[CentOS] Script not running correctly as cronjob

Thu Feb 2 09:58:07 UTC 2017
Tony Mountifield <tony at softins.co.uk>

In article <9f43c460b0374ac3951c18dd2d477b14 at 2sic.com>,
Daniel Reich <Daniel.Reich at 2sic.com> wrote:
> Thank you for the hints
> 
> I modified like you described.
> I also moved the permission part out of the loop (once at the end of the script is enough).
> 
> Now with the "set -x" the script is working also in cron.

The "set -x" would not be not what made it work - it is a debugging aid only.

If it now works, then that is due to one of your other changes and you can
remove the "set -x" again if you wish.

Cheers
Tony

> Best regards
> Daniel
> 
> 
> 
> -----Original Message-----
> From: CentOS [mailto:centos-bounces at centos.org] On Behalf Of Tony Mountifield
> Sent: Wednesday, February 1, 2017 11:04 AM
> To: centos at centos.org
> Subject: Re: [CentOS] Script not running correctly as cronjob
> 
> In article <86827d81f1944333ae213f2d3f19856a at 2sic.com>,
> Daniel Reich <Daniel.Reich at 2sic.com> wrote:
> > Hi
> > 
> > I have a script to resign all DNS zones every two weeks. When i run 
> > the script from bash, it works like it should. But when it is executed in cron not. Its starting normal as cronjob:
> > Feb  1 03:00:01 xxx CROND[20116]: (root) CMD (sh 
> > /opt/dnssec/resign_dnssec_zones.sh)
> > 
> > But after i get a mail that everything is finsihed, but it isn't.
> > 03:04:28 DNSSEC-Signierung abgeschlossen
> > 
> > The script deletes the old signed zones, but don't resign it. The mail is also sent.
> > Below the script.
> > 
> > Anybody an idea why it doesn't work in cron?^ I cannot find any error 
> > in any log.
> 
> After the first line, add a line saying: set -x
> 
> Then set cron to run it and examine the output that gets mailed to you.
> 
> The -x tells it to echo each command it is about to execute. That will help you to see how far it is getting.
> 
> Further comments below.
> 
> Cheers
> Tony
> 
> > Best regards
> > Daniel
> > 
> > 
> > #!/bin/bash
> > KSKDIR="/etc/named/KSK"
> > ZSKDIR="/etc/named/ZSK"
> > ZONEDIR="/var/named/chroot/var/named"
> > LOG="/var/named/chroot/var/log/dnssec_resign.log"
> > MAILREC="monitor at xx"
> > 
> > #delete old signed files
> > rm -rf $ZONEDIR/*.signed
> > 
> > #delete the old log
> > rm -rf $LOG
> > 
> > #read the zonefiles
> > ZONEFILES=$(ls -p $ZONEDIR | grep -v '/$' | grep -v 'dsset*')
> > 
> > for FILES in $ZONEFILES; do
> > #remove the .zone at the end
> >         ZONE=$(echo "${FILES%.*}")
> 
> Why not just: ZONE=${FILES%.*}
> 
> > #remove the old signed zone
> >     rm -rf $ZONEDIR/$ZONE.signed
> 
> You deleted them all further up.
> 
> > #Sign the zone
> >         cd $ZONEDIR
> 
> Why not do this before the loop? Then you also don't need $ZONEDIR/ everywhere.
> 
> >         dnssec-signzone -o $ZONE -k $KSKDIR/K$ZONE.*.key -e +3024000 
> > -f $ZONE.signed $ZONEDIR/$ZONE.zone $ZSKDIR/K$ZONE.*.key >> $LOG
> > 
> > #Set the correct permissions
> >         chown named.named $ZONEDIR/*.signed
> >         chmod 755 $ZONEDIR/*.signed
> >         sleep 5
> > done
> > rm -rf $ZONEDIR/named.zone
> > 
> > echo $(date +"%T")"DNSSEC-Signierung abgeschlossen - Neustart des 
> > Servers" >> $LOG echo "$(cat $LOG)" | mail -s "DNSSEC-Signierung 
> > abgeschlossen auf xxx" $MAILREC
> > 
> > 
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> > 
> 
> 
> --
> Tony Mountifield
> Work: tony at softins.co.uk - http://www.softins.co.uk
> Play: tony at mountifield.org - http://tony.mountifield.org _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 


-- 
Tony Mountifield
Work: tony at softins.co.uk - http://www.softins.co.uk
Play: tony at mountifield.org - http://tony.mountifield.org