[CentOS] Script not running correctly as cronjob

Tony Mountifield tony at softins.co.uk
Wed Feb 1 10:04:02 UTC 2017


In article <86827d81f1944333ae213f2d3f19856a at 2sic.com>,
Daniel Reich <Daniel.Reich at 2sic.com> wrote:
> Hi
> 
> I have a script to resign all DNS zones every two weeks. When i run the script from bash, it works like it should. But
> when it is executed in cron not. Its starting normal as cronjob:
> Feb  1 03:00:01 xxx CROND[20116]: (root) CMD (sh /opt/dnssec/resign_dnssec_zones.sh)
> 
> But after i get a mail that everything is finsihed, but it isn't.
> 03:04:28 DNSSEC-Signierung abgeschlossen
> 
> The script deletes the old signed zones, but don't resign it. The mail is also sent.
> Below the script.
> 
> Anybody an idea why it doesn't work in cron?^
> I cannot find any error in any log.

After the first line, add a line saying: set -x

Then set cron to run it and examine the output that gets mailed to you.

The -x tells it to echo each command it is about to execute. That will help
you to see how far it is getting.

Further comments below.

Cheers
Tony

> Best regards
> Daniel
> 
> 
> #!/bin/bash
> KSKDIR="/etc/named/KSK"
> ZSKDIR="/etc/named/ZSK"
> ZONEDIR="/var/named/chroot/var/named"
> LOG="/var/named/chroot/var/log/dnssec_resign.log"
> MAILREC="monitor at xx"
> 
> #delete old signed files
> rm -rf $ZONEDIR/*.signed
> 
> #delete the old log
> rm -rf $LOG
> 
> #read the zonefiles
> ZONEFILES=$(ls -p $ZONEDIR | grep -v '/$' | grep -v 'dsset*')
> 
> for FILES in $ZONEFILES; do
> #remove the .zone at the end
>         ZONE=$(echo "${FILES%.*}")

Why not just: ZONE=${FILES%.*}

> #remove the old signed zone
>     rm -rf $ZONEDIR/$ZONE.signed

You deleted them all further up.

> #Sign the zone
>         cd $ZONEDIR

Why not do this before the loop? Then you also don't need $ZONEDIR/ everywhere.

>         dnssec-signzone -o $ZONE -k $KSKDIR/K$ZONE.*.key -e +3024000 -f $ZONE.signed $ZONEDIR/$ZONE.zone
> $ZSKDIR/K$ZONE.*.key >> $LOG
> 
> #Set the correct permissions
>         chown named.named $ZONEDIR/*.signed
>         chmod 755 $ZONEDIR/*.signed
>         sleep 5
> done
> rm -rf $ZONEDIR/named.zone
> 
> echo $(date +"%T")"DNSSEC-Signierung abgeschlossen - Neustart des Servers" >> $LOG
> echo "$(cat $LOG)" | mail -s "DNSSEC-Signierung abgeschlossen auf xxx" $MAILREC
> 
> 
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 


-- 
Tony Mountifield
Work: tony at softins.co.uk - http://www.softins.co.uk
Play: tony at mountifield.org - http://tony.mountifield.org



More information about the CentOS mailing list