PDA

View Full Version : cron / crond / crontab / automatic backups / howdy busybox



jflemingeds
2015-10-01, 21:51
So I've been working with the 1200Rs a lot lately, which are basically the same thing as a 1100 only a MIPS CPU and some other fancy bits.

What i've found is Gaia Embedded doesn't have a scheduler (cron) setup but does have all the support for it built in.

Gaia embedded is running a userland from the busybox project. Its basically a set of all the normal unix utilities wrapped up into a single binary. The reason for this is it saves a huge amount of space. The way busybox works is all based on how its called. so if busybox is called cp then it works like the unix copy command.

You can see all the busybox modules compiled in via bosybox --help.

So.. where am i going with this.

crond and crontab are in there. All you have to do is create some symbolic links and you have crond and crontab.

i don't have one in front of me but just cd /sbin ; ls -l | grep busybox

you'll see the format for the symlink command. Its something like (i'll fix type-os later, i don't have a 1200R in front of me)

cd /sbin
ln -s ../bin/busybox crond
ln -s ../bin/busybox crontab

#Now you need to create the crontab folders
mkdir -p /var/spool/cron/crontabs/
#Now start cron
/sbin/crond

Now you can setup cron jobs! You'll need to add this to the userScript file to make it setup everyone on boot up. This file is also included in backups so your changes will be saved as well.


I opened a ticket with checkpoint and asked why they didn't enable cron as i want to setup automatic backups. I was told because checkpoint wants you to manage these firewalls via their cloud based management solution which does support automatic backups. MEH! i say MEH!

Irek_Romaniuk
2015-10-02, 08:34
Nice work , does it survive reboot ? I had similar discussion (https://www.cpug.org/forums/showthread.php/20400-can-t-ssh-to-1100-using-kyes) with CP about ssh to 1100 without password (key based auth) , they don't support it and will overwrite eventual hack..

PhoneBoy
2015-10-02, 08:37
Points for extreme cleverness.

jflemingeds
2015-10-02, 10:03
Nice work , does it survive reboot ? I had similar discussion (https://www.cpug.org/forums/showthread.php/20400-can-t-ssh-to-1100-using-kyes) with CP about ssh to 1100 without password (key based auth) , they don't support it and will overwrite eventual hack..

Its not saved post reboot, but that's why I said save it to userScript.

/pfrm2.0/etc/userScript

This is where you put user scripts. Its basically just like rc.local on a normal gateway only that its not created by default so you don't (in theory) have to worry about upgrades overwriting it.

BTW I forgot about the oddness you found.

ls -ld /
drwxr-xr-x 21 105 80 0 Oct 2 04:35 /

</eyeroll>

This is R77.20 no HFA.

Irek_Romaniuk
2015-10-02, 12:56
I did below , don't see it working..

# crontab -l
*/5 * * * * /opt/fw1/bin/fw fetch > /output.txt

yeah to survive reboot I appended to '>> /pfrm2.0/bin/os_start' in the past

jflemingeds
2015-10-02, 13:01
I did below , don't see it working..

# crontab -l
*/5 * * * * /opt/fw1/bin/fw fetch > /output.txt

yeah to survive reboot I appended to '>> /pfrm2.0/bin/os_start' in the past

ps ax | grep cron

alter cronjob - still have to setup the environment vars just like a normal gateway.
*/5 * * * * source /etc/profile ; /opt/fw1/bin/fw fetch 2>&1 | logger

jflemingeds
2015-10-02, 13:04
btw you will most likely loose the update to that file with a firmware upgrade where as userScript (in theory) should not.

oh.. missed the part about in the past. Never mind.

Irek_Romaniuk
2015-10-02, 13:12
Right thnx, but still no result what is that 'alter conjob' ?
# ps ax | grep cron
14218 pts/1 R+ 0:00 grep cron
# crontab -l
*/5 * * * * source /etc/profile ; /opt/fw1/bin/fw fetch 2>&1 | logger

jflemingeds
2015-10-02, 13:17
Nothing showing up in messages file?

I changed your cronjob to throw output to syslog so you don't have to worry about eating disk space and you forward syslog events to a syslog server automatically assuming you have a forwarder setup.

oh.. crond isn't running. Your grep is showing the grep processing the output of ps and searching for cron.

Irek_Romaniuk
2015-10-02, 13:19
[Expert@Irek-11]# cat /var/log/messages | grep cron
[Expert@Irek-11]#

jflemingeds
2015-10-03, 03:29
[Expert@Irek-11]# cat /var/log/messages | grep cron
[Expert@Irek-11]#

Not sure if you noticed or not, but you didn't start crond. See pervious post.

Irek_Romaniuk
2015-10-05, 12:07
Hm..right I am sure I run it , but did again:


[Expert@Irek-11]# /sbin/crond
[Expert@Irek-11]# ps ax | grep cron
19377 ? Ss 0:00 /sbin/crond
19389 pts/1 R+ 0:00 grep cron

and now looks good


[Expert@Irek-11]# crontab -l
*/5 * * * * source /etc/profile ; /opt/fw1/bin/fw fetch 2>&1 | logger
[Expert@Irek-11]# fw stat
HOST POLICY DATE
localhost Z_Irek_11_VPN 5Oct2015 12:05:10 :

Thnx a lot , I was looking for it some time ago

Irek_Romaniuk
2015-10-05, 12:13
btw..do you know how to install curl on 1100 busybox ? ;)

jflemingeds
2016-04-03, 20:33
I made a blog entry about this. It has a few more details and a full work through. Skip to step 6 for quick and dirty.

http://blog.spikefishsolutions.com/2016/04/enabling-cron-scheduling-services-on.html

I corrected a few type-os in the initial posting at the top.

some other notes. Create your crontab entries via echo statements from /pfrm2.0/etc/userScript and don't use crontab.