I have recently taken ownership of a Solaris 5.9 server and am in the process of migrating the applications over to a recent release. I decided to audit the applications and configuration of all the apps installed. One of the very long list of items I needed to figure out is the cron job,i.e. any automated scripts persormed by the system. I will explain the method I used to create a complete inventory of all cron jobs belonging to the administrator and users.
Cron jobs are generally stored in the default path of /var/spool/cron/crontabs. This path is common for most Unix and Linux versions. The easiest way to determine if a cron job is running is to goto /var/spool/cron/crontabs and list the files. You can cat the file to see the scheduled job.
I was only concerned about the scheduled jobs for all active userids and wanted to make sure that I captued them all.
The first thing I did was to list all active user accounts using the listusers command and redirecting the output to a file all_user_names. See the example below.
# listusers > all_user_names
You can view the file one page at a time using more, I copied the file to my desktop and inported it into Excel. This way I could then take notes.
# more all_user_names
You need to login as each user to see if they have any cron job. Since I did not know the password for each user accounts I simply used to su – user_name command to logon as the user. This will not prompt for password if you are already logged in as root or superuser.
# su – andrew
After loggin in as the user, run the command crontab -l to display any scheduled job.
server_promtp% crontab -l
# This command helps clean up user accounts.
1 0 * * 0 rm /home/andrew/*.log > /dev/null 2>&1
In the above example the # indicates a comment follows. All files with the extnsion .log is deleted very Sunday at 12:01 am.
If you get the message crontab: can’t open your crontab file, then it means that there are no schedule job for the the user.