Braindump

Cron is an exceptionally useful tool in the Linux world where administrative tasks can easily be rolled up into shell, php, perl, and python scripts among other things. Per a website that I just came across, the word cron comes from the Greek word chronos which means time.

First, lets setup the environment. I use VI as my text editor on Linux and you can view my “60 second VI tutorial” on here as well. To ensure that VI will be our crontab (cron table) editor we will need to edit your “.profile” file for whatever user you are going to be logged in with (typically root).

vi /root/.profile

Add one of thefollowing lines above the second fi to match your preference.

export EDITOR=/usr/bin/vi #if you have just VI installed
export EDITOR=/usr/bin/vim.basic #if you have VIM installed

Ensure that you save it with :wq.

Now that we have that out of the way, lets start scheduling tasks.

Since backups are traditionally something that you would want to automate or schedule, I’ll use it as my main example but first I’ll break down the cron scheduling syntax.

0 2 * * * root tar czf /var/backup/www.tar.gz /var/www >> /dev/null 2>&1

With the above example and the table of what each field does, you get can put together that at 0200 or 2:00 AM every day root will be running “tar czf /var/backup/www.tar.gz /var/www >>/dev/null 2>&1″ which is telling tar to tar up /var/www into /var/backup/www.tar.gz and /dev/null 2>&1 is a way to have the command put any output into a “trash can” if you will  Alternately you can specify a log file for that output to go with “>> /var/log/cronforcommand.log 2>&1″.  The * in a schedule means to omit that portion of the schedule.

That one was pretty basic so I’ll get a little more complicated now.  Matter of fact, I’ll just skip the user and command to execute from now on and focus on the command structure for scheduling with cron

EXAMPLES:

Every Minute - * * * * *

Every 5 Minutes - 0,5,10,15,20,25,30,35,40,45,50,66 * * * *

Every 5 Minustes (Simple) - */5 * * * *

Every Hour - * */1 * * *

Every 2 hours - * */2 * * *

Every Day @2:00 AM - 0 2 * * *

Every Day @ 6:00 PM - 0 18 * * *

Every Sunday @ 3:15 AM - 15 3 * * 0

On Feburary 11 @ 10:00 PM - 0 22 11 2 *

That pretty much covers the majority of typical uses for cron. Obviously this is a very powerful tool and can do so much more but for this post, I think it’ll do.  If I messed anything up , please let me know.  Enjoy.

At work, I find it somewhat hard to stay on task.  I like it when I get real material things that can help manage my time.  One of they guys I work with sent me a link for this lecture by Randy Pausch.  As he recently passed due to cancer, this speaks volumes for his character as he had approximately 3 months to live at the time of this talk.  Please enjoy.

Seventy-five percent of the servers I have been working on over the last few months have been Linux.  Mostly Ubuntu.  This due to the fact that my company has allow me to start migrating over and building new servers on this platform.  With that, we need secure ways to access the servers.  On occasion I’ll use webmin but mostly just SSH and whatever website is running on it (management, applications, etc).  Webmin takes care of itself with a self signed certificate and SSH creates its own keys.  Pretty easy there.  Now, for the website that is running on the box, out of the gate it’s unencrypted TCP/80 traffic running from an Apache 2 web server.  This short tutorial will cover how to create a CSR with OpenSSL for use when getting a certificate from one of the CA’s.  I won’t explain everything here but you may use Ubuntu’s https-help guide if you need more info found here.

First, let’s make sure we have the right packages installed.

apt-get install openssh apache2 apache2.2-common php5

Now let’s enable SSL for apache2

sudo a2enmod ssl

Now lets create the server SSL key.

cd /etc/ssl/private
openssl genrsa -des3 -out dns.server.com.key 1024

Ok, now that we have the key, let’s create the CSR to be given to the CA.

openssl req -new -key dns.server.com.key -out dns.server.com.csr

It will prompt you for the passphrase and some other bits of information.  The most important one is site name.  This must match the name of your server.  Something like mail.domain.com or www.domain.com would be appropriate here.

The CSR can now be uploaded to whatever CA you choose.  I use GoDaddy because they are so cheap.

If you do not want to purchase a certificate you can create your own self signed cert with the following command.

openssl x509 -req -days 365 -in dns.server.com.csr -signkey dns.server.com.key -out dns.server.com.crt
cp /etc/ssl/private/dns.server.com.crt /etc/ssl/certs

Now that we have the cert created, let’s configure Apache to use it. Add the following 3 lines to your website configuration.  The default one is located in /etc/apache2/sites-available/default.

SSLEngine on
SSLCertificateFile /etc/ssl/certs/dns.server.com.crt
SSLCertificateKeyFile /etc/ssl/private/dns.server.com.key

Save that config file and enable Apache to listen on 443 for HTTPS traffic.  Add the following line to /etc/apache2/ports.conf

Listen 443

Restart your Apache2 process and you should have a fully functional SSL enabled website.

/etc/init.d/apache2 force-reload && /etc/init.d/apache2/restart

vi is neat.  Most of the engineers I work with like nano or pico but I like vi.  For some reason it makes me feel more like a geek when I’m using it.  In fact, I’ve been using it so often lately that I have been trying to use vi command in notepad (obviously without success).  This tutorial will cover only the basics but that should be enough to get you started.  A much better tutorial is available here.

vi /etc/network/interfaces - opens /etc/network/interfaces in vi

i - insert
/ - search
G - [Shift] g - go to bottom of page
dd - delete the line
d <- or d -> - d [left or right arrow] delete 1 character in that direction
10G - 10 [Shift] g - move to line 10 (obviously number can be replaced)
10dd - delete 10 lines from cursor and below (again, number can be changed)
:q - quit (no changes may have been made)
:q! - quit (do not save changes)
:wq - write quite (save and quit)
:w - write (save)

Ok, now that you have mastered the basics of vi, please refer all other needs to the link provided above.  Hope you like vi as much as I do.

NOTE:  Ubuntu (and maybe debian) have a few things that the built in vi program have that seem a little strange.  I usually install vim just to be safe.  to do this run sudo apt-get install vim-full.


Please!!  I’ve been using an old P4 1.6Ghz and 512Mb memory at home with Ubuntu loaded on it for some time now.  I can’t seem to ever come up with enough cash to purchase this myself so I thought I would give ChipIn at try.  It’s a new (I think) service that allows you to have a fund raiser of your own.  Check it out and try it for yourself.

I’m looking at one of the higher end HP or Dell’s running Vista Ultimate with a dual monitor setup for home.  I have dual monitors at work and it gets pretty hard to get all the work I want to get done at home when I only have a single 17″ flat panel.  Pretty low tech if you ask me.

For those of you who do donate, thank you very much.  I appreciate it.  For those of you who don’t, I won’t hold any grudges.