以非root用户身份运行python cron脚本

Question

I have a small problem running a python script as a specific user account in my CentOS 6 box.

My cron.d/cronfile looks like this:

5 17 * * * reports /usr/local/bin/report.py > /var/log/report.log 2>&1

The account reports exists and all the files that are to be accessed by that script are chowned and chgrped to reports . The python script is chmod a+r . The python script starts with a #!/usr/bin/env python .

But this is not the problem. The problem is that I see nothing in the logfile. The python script doesn't even start to run! Any ideas why this might be?

If I change the user to root instead of reports in the cronfile, it runs fine. However I cannot run it as root in production servers.

If you have any questions please ask :)

/e: If I do sudo -u reports python report.py it works fine.

Answer 1

Cron jobs run with the permissions of the user that the cron job was setup under. IE Whatever is in the cron table of the reports user, will be run as the reports user.

If you're having to so sudo to get the script to run when logged in as reports , then the script likely won't run as a cron job either. Can you run this script when logged in as reports without sudo ? If not, then the cron job can't either. Make sense?

Check your logs - are you getting permissions errors?

There are a myriad of reasons why your script would need certain privs, but an easy way to fix this is to set the cron job up under root instead of reports . The longer way is to see what exactly is requiring elevated permissions and fix that. Is it file permissions? A protected command? Maybe adding reports to certain groups would allow you to run it under reports instead of root .

*be ULTRA careful if/when you setup cron jobs as root