It's Here!
CPX 360 2021 Content
Check Point Harmony
Highest Level of Security for Remote Users
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
Advanced Protection for
Small and Medium Business
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Forrester Study Finds
CloudGuard Generates 169% ROI
Hey guys,
So, I want to setup a couple cronjobs to run a few bash scripts on my gateways. One being the healthcheck.sh. I then created an export script to take the two files it creates and export it to an FTP server.
Both of my shell scripts can be executed manually but when I try to setup cronjobs, they don't work. I created a user called jobuser to execute these.
[Expert@host]# crontab -u jobuser -l
0 1 1 1-12 * /home/admin/healthcheck.sh
0 2 1 1-12 * /home/admin/healthcheckexport.sh
25 3 * * * /home/admin/healthcheckexport.sh
Here you can see I have two schedules, one to run the healthcheck first then to run the export, then I have a third that I was just testing with live to see why or why it isnt working.
After this I also created a healthjob cron in etc/cron.d and chmod 664 to give it proper permissions.
Referencing How to create a cron job on SecurePlatform OS that runs every minute
[Expert@host]# cd /etc/cron.d/
[Expert@host]# ls -al
total 24
drwx------ 2 admin root 4096 Feb 16 16:55 .
drwxr-xr-x 47 admin root 12288 Feb 13 08:41 ..
-rw-rw-r-- 1 admin root 51 Feb 16 16:55 healthjob
-rw-r--r-- 1 admin root 188 Jan 31 2008 sysstat
[Expert@host]# cat healthjob
56 16 * * * root /home/admin/healthcheckexport.sh
When I restart the cron service and tail /var/log/cron I get BAD FILE MODE which just means permission issue as far as I know in the unix. I even chmod to 777 for fun and no luck.
Feb 20 10:50:15 2018 host crond[31840]: (*system*) BAD FILE MODE (/etc/cron.d/healthjob)
I also made sure that both my scripts start with !#bin/bash I've also tried adding -f -x but that isn't recognized
Any help would be greatly appreciated.
Kaspars_Zibarts
You can test your user permissions with runuser command. I created a script that can only be executed by admin UID 0 (kasparsz has the same UID)
[Expert@fw1:0]# runuser -l kasparsz /home/kasparsz/test.sh
test
[Expert@fw1:0]# runuser -l testuser /home/kasparsz/test.sh
-bash: /home/kasparsz/test.sh: Permission denied
Make sure that role that you have associated with this new user has rights to execute scheduled jobs
Kaspars, I ran chmod 777 on both of the scripts I need to run. Every user has access to them. Is there something I'm missing?https://community.checkpoint.com/people/kaspa0460ae43-b630-4a72-b063-0a8888fa3bb5
[Expert@fw1]# runuser -l jobuser /home/admin/healthcheck.sh
Usage-
clish [-d DebugLevel -i -l ExtLck -s -o OutFmt { -c Cmd | -f File }]
-c Cmd ;Single command to execute.
-d N ;Debug Level in which shell should operate.
-f File ;File to load configuration from.
-i ;Ignore cmd failure in batch and continue.
-l ExtLck ;Use the given lock-id.
-o OutFmt ;Output format (pretty, xml, structured).
-s ;Issue 'save' at the end.
Kaspars_Zibarts
This means means your job user has wrong shell set. Change it to bash instead of clish. In user settings.
Thank you, that worked when changing the shell to bash for "jobuser" Missed that part.
PhoneBoy
This is really more of an https://community.checkpoint.com/community/infinity-general/appliances-and-gaia?sr=search&searchId=5... question
Hello Kyle
Can you please share the export script that you have created?
Thanks.
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY