[Clip] CLIP kickstart file adds overly restrictive permissions to cron files

James Homer James.Homer at nexor.com
Fri Mar 27 12:05:10 CDT 2009 

I have been doing some testing customised logrotate configuration and I think that the files in

/etc/cron.daily (and others)

Have the permissions set to be too restrictive to allow them to function as expected. I have set the permissions as follows

-rwx------ 1 root root 183 Mar 27 04:07 /etc/cron.daily/logrotate

and the log rotation appears to know work under the control of crond. This may be the desired behaviour however the notes in the kickstart file suggest that some may require 700 but I don't have access to the UNIX checklist mentioned

<snip>
## ... The SA will ensure crontabs have
## permissions of 600, or more restrictive, (700 for some Linux crontabs, which
## is detailed in the UNIX Checklist).
chmod -R 600 /etc/cron.daily
chmod -R 600 /etc/cron.hourly
chmod -R 600 /etc/cron.weekly
chmod -R 600 /etc/cron.monthly
chmod 600 /etc/crontab
chmod -R 600 /etc/cron.d
</snip>


I am happy to update this locally for my purposes but thought I should bring it to light. The lines I would suggest need changing are

chmod -R 700 /etc/cron.daily
chmod -R 700 /etc/cron.hourly
chmod -R 700 /etc/cron.weekly
chmod -R 700 /etc/cron.monthly




--
James Homer CEng MBCS CITP
Senior Technical Consultant
CESG Listed Advisor Scheme Member
Nexor

DDI: +44 (0) 115 952 0587
Tel: +44 (0) 115 952 0500
Fax: +44 (0) 115 952 0519
mailto:james.homer at nexor.com
http://www.nexor.com

Nexor is recognised as an Investor in People and is accredited to ISO 9001/TickIT and ISO/IEC27001:2005.  Further details of Nexor's accreditations can be found on our website.

DISCLAIMER: Privileged or confidential information may be contained in this message or within any files transmitted with it. If you are not the intended recipient, kindly destroy the message and notify the sender by reply email. Opinions, conclusions and other information in this message that do not relate to the official business of Nexor are neither given nor endorsed by it.

Nexor Limited, Bell House, Nottingham Science and Technology Park, University Boulevard, Nottingham, NG7 2RL A company registered in England, No: 05152465

More information about the Clip mailing list