Forge Home

cron

Manage cron on AIX, Solaris and RHEL

7,751 downloads

6,871 latest version

1.9 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.1.3 (latest)
  • 0.1.2
  • 0.1.1
  • 0.1.0
released Feb 14th 2017

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'geoffwilliams-cron', '0.1.3'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add geoffwilliams-cron
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install geoffwilliams-cron --version 0.1.3

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

geoffwilliams/cron — version 0.1.3 Feb 14th 2017

Build Status

cron

Table of Contents

  1. Description
  2. Usage - Configuration options and additional functionality
  3. Reference - An under-the-hood peek at what the module is doing and how
  4. Limitations - OS compatibility, etc.
  5. Development - Guide for contributing to the module

Description

This module manages file permissions for the cron daemon on RHEL, Solaris and AIX. On RHEL, anacron may also be installed.

Usage

cron::anacron

  • Install anacron
  • Manage permissions for:
    • /etc/anacrontab
include cron::anacron

cron::cron_allow_deny

  • Manage the permissions for:
    • cron.allow
  • Removes cron.deny
  • Authorises passed in list of users in cron.allow by ensuring that each user is present in the file (does not delete existing entries)
class {"cron::cron_allow_deny":
  allow_users => ['root', 'adm'],
}

cron::protect_config

  • Normally applies to modern RHEL cron daemons
  • Manage permissions for:
    • /etc/crontab
    • /etc/cron.hourly
    • /etc/cron.daily
    • /etc/cron.weekly
    • /etc/cron.monthly
    • /etc/cron.d
include cron::protect_config

cron::protect_log

  • Protect cron's log file by enforcing correct permissions
include cron::protect_log

cron::protect_spool

  • Protect cron's spool files and directories by enforcing correct permissions:
    • root's crontab restricted to 0700
    • All crontabs restricted to 0770
    • All crontabs owned by the correct group (root for RedHat and Solaris, cron on AIX)
include cron::protect_spool

cron::protect_var

  • Protect cron's /var directory by enforcing correct permissions (Solaris)
include cron::protect_var

Suggested per-OS usage

RHEL

include cron::anacron
include cron::protect_config
include cron::protect_log

Solaris

class {"cron::cron_allow_deny":
  allow_users => ['root'],
}include cron::protect_log
include cron::protect_var

AIX

class {"cron::cron_allow_deny":
  allow_users => ['root', 'adm'],
}
include cron::protect_log
include cron::protect_spool

Reference

Classes

  • cron::anacron Manage anacron package and permissons on anacrontab (RedHat)
  • cron::cron_allow_deny Control permissions and content on cron.allow/cron.deny (AIX, Solaris)
  • cron::params Params pattern
  • cron::protect_configs Protect configuration file permissions (RedHat)
  • cron::protect_log Protect the log file with correct permissions (RedHat, AIX, Solaris)
  • cron::protect_spool Protect the spool directories (RedHat, AIX, Solaris)
  • cron::protect_var Protect cron's directory under /var (Solaris)

Limitations

  • Assumes that cron itself is already installed
  • Does not attempt to manage the cron services
  • Not supported by Puppet, Inc.

Development

PRs accepted :)

Testing

This module supports testing using PDQTest.

Test can be executed with:

bundle install
bundle exec pdqtest all

See .travis.yml for a working CI example