Hi all,
How do folks like to test system Cron scripts, which run in the context system_u:system_r:system_crond_t? The system administrator can't simply invoke them using runcon:
runcon system_u:system_r:system_crond_t /etc/cron.hourly/test.cron
because the usual policies don't permit transitions from sysadm_t to system_crond_t.
And, modifying the policy to permit such a transition seems to entail authorizing too many permissions, at least for my taste.
I've tried running test scripts out of /etc/crontab, but I find that I waste a lot of time waiting for Cron to wake up and launch my test script.
I've also tried running scripts, and test scripts, out of root's crontab, by using crontab -e. But, doing so entails extending permissions to crond_t, and I seem to end up in pretty much the same predicament.
What am I missing?
Cheers,
-- Bill McCarty, Ph.D. Professor of Information Technology Azusa Pacific University
