# [solved] vixie-cron: not allowed as user

## elmar283

I had a problem accessing crontab as normal user. I could access it as root: 'crontab -u elmarotter -e', but not as normal user. I'm using vixie-cron. I did solve the problem, but I would like to know it is wright what I did.

Config:

```

elmarotter@masterserver ~ $ cat /etc/cron.deny 

# $Id: vixie-cron-4.1-cron.deny,v 1.1 2005/03/04 23:59:48 ciaranm Exp $

# If for any reason you have users in the 'cron' group who should not

# be allowed to run crontab, add them to this file (one username per

# line)

all

elmarotter@masterserver ~ $ cat /etc/cron.allow 

elmarotter

mailman

elmarotter@masterserver ~ $ ls -la /var/spool/cron/

totaal 16

drwxr-x--- 4  755 cron 4096 12 jul 20:12 .

drwxr-xr-x 9 root root 4096  2 jun 13:34 ..

drwx-wx--T 2  755 cron 4096 14 jul 15:57 crontabs

-rw-r--r-- 1  755 root    0 12 jul 20:12 .keep_sys-process_cronbase-0

drwxr-x--- 2  755 root 4096 14 jul 16:00 lastrun

```

Reemering 'cronbase' did not resolve the problem. 

```

masterserver crontabs # ls -la

totaal 24

drwx-wx--T 2 root cron 4096 14 jul 15:57 .

drwxr-xr-x 4 root cron 4096 12 jul 20:12 ..

-rw------- 1 root cron  665  6 jun  2011 amavis

-rw------- 1 root cron  278 14 jul 13:20 elmarotter

-rw-r--r-- 1 root cron    0  8 jun 23:14 .keep_sys-process_vixie-cron-0

-rw------- 1 root cron 1597 14 jul 15:57 mailman

-rw------- 1 root cron 1876 14 jul 13:26 root

```

I changed permissies to 'g+rx'. Now I can access crontab again.

```

masterserver crontabs # ls -la

totaal 24

drwx-wx--T 2 root cron 4096 14 jul 15:57 .

drwxr-xr-x 4 root cron 4096 12 jul 20:12 ..

-rw-r-x--- 1 root cron  665  6 jun  2011 amavis

-rw-r-x--- 1 root cron  278 14 jul 13:20 elmarotter

-rw-r--r-- 1 root cron    0  8 jun 23:14 .keep_sys-process_vixie-cron-0

-rw-r-x--- 1 root cron 1597 14 jul 15:57 mailman

-rw------- 1 root cron 1876 14 jul 13:26 root

```

Last edited by elmar283 on Fri Aug 10, 2012 10:11 pm; edited 2 times in total

----------

## elmar283

There still seems to be a problem:

```
crontab: installing new crontab

crontab: error renaming crontabs/tmp.XXXXo74fp4 to crontabs/elmarotter

rename: Bewerking niet toegestaan

crontab: edits left in /tmp/crontab.XXXXm1T7qY
```

----------

## Veldrin

revert all changes, and add the user to group cron. then logout and login again.

V.

----------

## elmar283

User elmarotter is in the cron group:

```

elmarotter@masterserver /var/spool/cron $ groups elmarotter

wheel audio cdrom video users cron apache wireshark elmarotter

```

I did revert everything en re-emerged cronbase, with the result that I cannot do 'crontab -e' as a user.

Any sugestions?

----------

## Veldrin

could ou post the permissions of /var/spool/cron/crontabs (e.g ls -lad /var/spool/cron/crontabs)

V.

----------

## elmar283

Here it is:

```

elmarotter@masterserver ~ $ ls -lad /var/spool/cron/crontabs

drwx-wx--T 2 root cron 4096 14 jul 16:36 /var/spool/cron/crontabs

```

----------

## elmar283

I still don't know why I can't access the crontab for regular users. Is there anyone who knows how to fix this?

Could it have something to do with having hardned sources?

----------

## Jaglover

Looking at /etc/group it seems there is also crontab group.

----------

## elmar283

user elmarotter is now member of crontab group. I logged out and in again. Still no luck:

```

elmarotter@masterserver ~ $ groups

wheel cron audio cdrom video apache users crontab wireshark elmarotter

elmarotter@masterserver ~ $ crontab -e

crontabs/elmarotter: Toegang geweigerd

```

----------

## Jaglover

I just checked in two of my boxes the owner of parent directory is root:crontab, my user's crontab belongs to <user>:crontab. I'd try and change it, I see in your box it is root:cron.

----------

## elmar283

Thanks that did the trick. Just to be sure: this is what you meant?:

```

elmarotter@masterserver /var/spool/cron $ sudo ls -la crontabs/

totaal 24

drwx-wx--T 2 root       cron    4096 10 aug 22:47 .

drwxr-x--- 4 root       cron    4096 14 jul 16:50 ..

-rw------- 1 amavis     cron     665  6 jun  2011 amavis

-rw------- 1 elmarotter crontab  278 10 aug 22:47 elmarotter

-rw-r--r-- 1 root       cron       0  8 jun 23:14 .keep_sys-process_vixie-cron-0

-rw------- 1 mailman    cron    1597 14 jul 15:57 mailman

-rw------- 1 root       cron    1876 14 jul 13:26 root

```

----------

## Jaglover

If it worked, great. The parent directory ownership is still different.

drwx-wx--T 2 root crontab  54 May 22 08:15 .

----------

## elmar283

Like this?:

```

elmarotter@masterserver /var/spool/cron $ sudo ls -la crontabs/

totaal 24

drwx-wx--T 2 root       crontab 4096 10 aug 22:50 .

drwxr-x--- 4 root       crontab 4096 14 jul 16:50 ..

-rw------- 1 amavis     crontab  665  6 jun  2011 amavis

-rw------- 1 elmarotter crontab  277 10 aug 22:50 elmarotter

-rw-r--r-- 1 root       crontab    0  8 jun 23:14 .keep_sys-process_vixie-cron-0

-rw------- 1 mailman    crontab 1597 14 jul 15:57 mailman

-rw------- 1 root       crontab 1877 10 aug 22:50 root

```

----------

## Jaglover

Like this

```
ls -la /var/spool/cron/crontabs/

total 4

drwx-wx--T 2 root crontab  54 May 22 08:15 .

drwxr-x--- 4 root cron     70 Feb 22 18:59 ..

-rw-r--r-- 1 root root      0 Feb 22 20:09 .keep_sys-process_vixie-cron-0

-rw------- 1 saul crontab 287 May 22 08:15 saul

```

----------

## elmar283

Then this should be it:

```

elmarotter@masterserver /home/ftp/elmarotter $ sudo ls -la /var/spool/cron/crontabs/

totaal 24

drwx-wx--T 2 root       crontab 4096 10 aug 22:50 .

drwxr-x--- 4 root       cron    4096 14 jul 16:50 ..

-rw------- 1 amavis     crontab  665  6 jun  2011 amavis

-rw------- 1 elmarotter crontab  277 10 aug 22:50 elmarotter

-rw-r--r-- 1 root       root       0  8 jun 23:14 .keep_sys-process_vixie-cron-0

-rw------- 1 mailman    crontab 1597 14 jul 15:57 mailman

-rw------- 1 root       crontab 1877 10 aug 22:50 root

```

----------

## Jaglover

Yep, glad you got it sorted.  :Smile: 

----------

