Hi guys This post is some sort of follow up of this one, and obviously many more from this forum. I can't say I've tested everything I've read, mostly because I hold myself doing thing I really don't understand, but after 4 hours of struggle, my head is about to blow. Basically, I've set up a perfect debian stretch server with ISPConfig. it's a fresh install of the server. BASICS I have an .sh file in /var/www/mysite/com/private the file is created and owned by the user "web3" I assume my script is ok as I can run it as web3 from the terminal with the command : ./myshfile.sh sh myshfile.sh ./var/www/mysite.com/private/myshfile.sh /var/www/mysite.com/private/./myshfile.sh sh /var/www/mystie.com/private/myshfile.sh However I create a cron job in ISPConfig, whith any of the above commands, I can't have the script run. Actually I think this damn job is not run but I'm not 100% sure I can see the job in /etc/cron.d/ispc_chrooted_web3 Code: MAILTO='' SHELL='/usr/sbin/jk_chrootsh' * * * * * web3 /private/civi-cron.sh >/dev/null 2>&1 #mysite.com and here is basically what I have in /var/log/ispconfig/cron.log Code: Thu Nov 15 18:07:02 CET 2018 Thu Nov 15 18:07:02 CET 2018 Thu Nov 15 18:07:02 CET 2018 15.11.2018-18:07 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'. Thu Nov 15 18:07:02 CET 2018 15.11.2018-18:07 - DEBUG - Found 1 changes, starting update process. Thu Nov 15 18:07:02 CET 2018 15.11.2018-18:07 - DEBUG - Calling function 'update' from plugin 'cron_jailkit_plugin' raised by event 'cron_update'. Thu Nov 15 18:07:02 CET 2018 15.11.2018-18:07 - DEBUG - Jailkit Plugin (Cron) -> update username:web3 Thu Nov 15 18:07:02 CET 2018 15.11.2018-18:07 - DEBUG - Calling function 'update' from plugin 'cron_plugin' raised by event 'cron_update'. Thu Nov 15 18:07:02 CET 2018 15.11.2018-18:07 - DEBUG - Wrote Cron file /etc/cron.d/ispc_web3 with content: Thu Nov 15 18:07:02 CET 2018 MAILTO='' Thu Nov 15 18:07:02 CET 2018 SHELL='/bin/sh' Thu Nov 15 18:07:02 CET 2018 Thu Nov 15 18:07:02 CET 2018 */20 * * * * web3 /usr/bin/wget --no-check-certificate --user-agent='Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:47.0) Gecko/20100101 Firefox/47.0' -$ Thu Nov 15 18:07:02 CET 2018 Thu Nov 15 18:07:02 CET 2018 15.11.2018-18:07 - DEBUG - Wrote Cron file /etc/cron.d/ispc_chrooted_web3 with content: Thu Nov 15 18:07:02 CET 2018 MAILTO='' Thu Nov 15 18:07:02 CET 2018 SHELL='/usr/sbin/jk_chrootsh' Thu Nov 15 18:07:02 CET 2018 Thu Nov 15 18:07:02 CET 2018 * * * * * web3 /private/myshfile.sh >/dev/null 2>&1 #mysite.com Thu Nov 15 18:07:02 CET 2018 Thu Nov 15 18:07:02 CET 2018 15.11.2018-18:07 - DEBUG - Processed datalog_id 92 Thu Nov 15 18:07:02 CET 2018 15.11.2018-18:07 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock Thu Nov 15 18:07:02 CET 2018 finished. Thu Nov 15 18:08:01 CET 2018 Thu Nov 15 18:08:01 CET 2018 Thu Nov 15 18:08:01 CET 2018 15.11.2018-18:08 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'. Thu Nov 15 18:08:01 CET 2018 15.11.2018-18:08 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock Thu Nov 15 18:08:01 CET 2018 finished. Thu Nov 15 18:09:01 CET 2018 Thu Nov 15 18:09:01 CET 2018 Thu Nov 15 18:09:01 CET 2018 15.11.2018-18:09 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'. Thu Nov 15 18:09:01 CET 2018 15.11.2018-18:09 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock Thu Nov 15 18:09:01 CET 2018 finished. Thu Nov 15 18:10:01 CET 2018 c1_my_site does not exceed quota qize: -1048576 > 14385152 Thu Nov 15 18:10:01 CET 2018 Thu Nov 15 18:10:01 CET 2018 Thu Nov 15 18:10:01 CET 2018 15.11.2018-18:10 - DEBUG - Calling function 'check_phpini_changes' from plugin 'webserver_plugin' raised by action 'server_plugins_loaded'. Thu Nov 15 18:10:01 CET 2018 /usr/bin/fail2ban-client Thu Nov 15 18:10:01 CET 2018 15.11.2018-18:10 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock Thu Nov 15 18:10:01 CET 2018 finished. Thu Nov 15 18:10:01 CET 2018 /sbin/iptables Thu Nov 15 18:10:01 CET 2018 /sbin/ip6tables EXTRA INFO just for the sake of testing I created an other cron job as such I have a .php file with a mailto() function in /var/www/mysite.com/web/ if I create a cron job in ISPC with http://mysite.com/myphpfile.php I do receive an email as expected ; this is for testing purpose I can see the job in /etc/cron.d/ispc_web3 mysite.com contains a fresh install of wordpress and civicrm. I followed civicrm tutorial for the installation and testing of the cron job. I opted for wp-cli. everything works the myshfile.sh contains : Code: echo 'debug' ls -la /var/www/mysite.com/private/myshfile.sh /usr/local/bin/wp --user=MYWPUSER --url=http://mysite.com --path=/var/www/mysite.com/web/ civicrm api job.execute auth=0 Any guidance would be greatly appreciated. Thank's
Whoooo Crasy I found a solution, but maybe not the "right solution" you'll tell me. I addressed the problem form a different angle and found this post : I got it from this post Out of the box, when you are logged in as admin in ISPConfig, when you create a cron job with http://mydomain.com/myphpscript.php ISPConfig creates /var/cron.d/ipsc_webX this file contains in its header SHELL='/bin/sh' the cron job will be run the comand iside the cron job will be run as well when you create a cron job with /var/www/mysite.Com/private.myshscript.sh ISPConfig creates /var/cron.d/ipsc_chrooted_webX this file contains in its header SHELL='/usr/sbin/jk_chrootsh the cron job will be run but the comand inside the cron job will not be run Don't ask me why. Something related to jailkit and the user beeing jailed. In order to run .sh script in your cron job you may : Log is as admin in IPSC go to Client and edit the one concerned go to Limits > Cron Job Limits > set Max. Allowed Cronjob types to Full cron No you may delete you .sh cron job and create it again. ISPConfig will add it to /var/cron.d/ispc_webX (you won't have anymore /var/cron.d/ispc_chrooted_webX) TaaaDaaa ! Now i still have a huge question If, in ISPConfig I do not log in as admin but as a client, either before or after having changed the above setting, I can't see any way to create a cron job ?! So how a clien is suposed to do ? Thank's
Yes, thats's the difference between a chrooted cronjob and a non chrooted cronjob. When you create a chrooted cronjob, then you must ensure that all programs that you call in that cronjob exist in the chroot and that all paths that you use in your files are relative to the chroot root fir, so "/var/www/mysite.com/web/" outside of the chroot is just "/web/" inside the chroot. so in your case, your shell script should have been: Code: echo 'debug' ls -la /private/myshfile.sh /usr/local/bin/wp --user=MYWPUSER --url=http://mysite.com --path=/web/ civicrm api job.execute auth=0 and you must ensure that the wp command you use exists in (seen as root user) /var/www/mysite.com/usr/local/bin/wp
oh ooooh ok does this also mean that I should create the cron job with this url to my script /private/civi-cron.sh ? about the wp comand beeing visible in /var/www/mysite.com/usr/local/bin/wp it's an other topic, but how am I supose to do ? make sure I install it for all users ? or create a symlink to /usr/local/bin
No. Install it there. A jail is a security function to prevent that the cronjob can access data from other sites. This implies that the command that you want to use must be installed inside the jail, it can not be installed globally and you can not use symlinks as the symlink target does not exist from within the jail. If symlinks from inside the jail to a program outside of the jail would be possible, then jails would be useless.
got it ! finally It took me a while to realise that a cron job based on a .sh script was jailed, once done the way out could be found So the idea is to install the comand , in this case wp, in /var/www/mysite.com/usr/local/bin/ and not as root but as webX, the ssh user linked to mysite.com as such, the webX can run this comand and it can only affect files in /var/www/mysite.com/ many many thank's
I have a simlare challenge I have made a little sh script that will bakckup some files to another computer. This works fine in shell. So I see two approaches.. I add cron under user in ISPconfig and I did so and added the SH file in a directory under web,. I gave folder and files usr right to be same as rest of web. to web owner. ANd it is executable. Still is nto script running.. SO I am wondering now how can I get a root script to run. my backup done auto by ISP Config are on a folder that I excpect need root priveliage to run. I have been looking at the crintab file but.. I might break something.. Any hints?