On Wed, Apr 25, 2007 at 01:35:36AM +0200, Kay Smarczewski wrote: > On Sun, Apr 15, 2007 at 11:06:41AM +0200, Franck Joncourt wrote: > > On Sat, Apr 14, 2007 at 10:41:16AM +0200, Kay Smarczewski wrote: > > > On Fri, Apr 13, 2007 at 07:02:09PM +0200, Franck Joncourt wrote: > > > > > > > > According to the manpage, root overrides the rights you put in both > > > > /etc/cron.allow and /etc/cron.deny. > > > > > > > > So, have you tried just to remove root from those files, and see what > > > > happened ? > > > /etc/cron.deny doesn't exist. so from this file there should be no > > > "danger". > > > since if have removed root from cron.allow all goes the right way. > > > > > > but i don't understand that fact: if i add root to cron.allow i > > > will explicitly grant executing crontab commands to root. > > > if i don't add it to the file, access for root is granted by > > > default. > > > > > > so i think it should not matter if which way i go, should it? > > > > I see your point, but it would not have come to my mind to add root to > > /etc/cron.allow, or as for example, to /etc/shutdown.allow. > Ok. > > I get still the messages. But it seems from an weekly executed command. > Isn't there a way to see which command is not allowed to run? >
It may seem quite simple, but what about enabling your weekly scripts one by one in the /etc/cron.weekly/ directory ? This is the only thing I have in mind right now. -- Franck Joncourt http://www.debian.org http://smhteam.info/wiki/ GPG server : pgpkeys.mit.edu Fingerprint : C10E D1D0 EF70 0A2A CACF 9A3C C490 534E 75C0 89FE
signature.asc
Description: Digital signature