Re: Script not running correctly as cronjob

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Thank you for the hints

I modified like you described.
I also moved the permission part out of the loop (once at the end of the script is enough).

Now with the "set -x" the script is working also in cron.

Best regards
Daniel



-----Original Message-----
From: CentOS [mailto:centos-bounces@xxxxxxxxxx] On Behalf Of Tony Mountifield
Sent: Wednesday, February 1, 2017 11:04 AM
To: centos@xxxxxxxxxx
Subject: Re:  Script not running correctly as cronjob

In article <86827d81f1944333ae213f2d3f19856a@xxxxxxxx>,
Daniel Reich <Daniel.Reich@xxxxxxxx> wrote:
> Hi
> 
> I have a script to resign all DNS zones every two weeks. When i run 
> the script from bash, it works like it should. But when it is executed in cron not. Its starting normal as cronjob:
> Feb  1 03:00:01 xxx CROND[20116]: (root) CMD (sh 
> /opt/dnssec/resign_dnssec_zones.sh)
> 
> But after i get a mail that everything is finsihed, but it isn't.
> 03:04:28 DNSSEC-Signierung abgeschlossen
> 
> The script deletes the old signed zones, but don't resign it. The mail is also sent.
> Below the script.
> 
> Anybody an idea why it doesn't work in cron?^ I cannot find any error 
> in any log.

After the first line, add a line saying: set -x

Then set cron to run it and examine the output that gets mailed to you.

The -x tells it to echo each command it is about to execute. That will help you to see how far it is getting.

Further comments below.

Cheers
Tony

> Best regards
> Daniel
> 
> 
> #!/bin/bash
> KSKDIR="/etc/named/KSK"
> ZSKDIR="/etc/named/ZSK"
> ZONEDIR="/var/named/chroot/var/named"
> LOG="/var/named/chroot/var/log/dnssec_resign.log"
> MAILREC="monitor@xx"
> 
> #delete old signed files
> rm -rf $ZONEDIR/*.signed
> 
> #delete the old log
> rm -rf $LOG
> 
> #read the zonefiles
> ZONEFILES=$(ls -p $ZONEDIR | grep -v '/$' | grep -v 'dsset*')
> 
> for FILES in $ZONEFILES; do
> #remove the .zone at the end
>         ZONE=$(echo "${FILES%.*}")

Why not just: ZONE=${FILES%.*}

> #remove the old signed zone
>     rm -rf $ZONEDIR/$ZONE.signed

You deleted them all further up.

> #Sign the zone
>         cd $ZONEDIR

Why not do this before the loop? Then you also don't need $ZONEDIR/ everywhere.

>         dnssec-signzone -o $ZONE -k $KSKDIR/K$ZONE.*.key -e +3024000 
> -f $ZONE.signed $ZONEDIR/$ZONE.zone $ZSKDIR/K$ZONE.*.key >> $LOG
> 
> #Set the correct permissions
>         chown named.named $ZONEDIR/*.signed
>         chmod 755 $ZONEDIR/*.signed
>         sleep 5
> done
> rm -rf $ZONEDIR/named.zone
> 
> echo $(date +"%T")"DNSSEC-Signierung abgeschlossen - Neustart des 
> Servers" >> $LOG echo "$(cat $LOG)" | mail -s "DNSSEC-Signierung 
> abgeschlossen auf xxx" $MAILREC
> 
> 
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
> 


--
Tony Mountifield
Work: tony@xxxxxxxxxxxxx - http://www.softins.co.uk
Play: tony@xxxxxxxxxxxxxxx - http://tony.mountifield.org _______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux