openSUSE:Cron replace

Jump to: navigation, search

Purpose or why we need replace cron

Currently our default cron daemon is vixie-cron, upstream of this project looks dead and we have 20 patches in our package without chance to push it to upstream. This state leads to disorder and many patches use different syntax or style. Possible solutions are: create our new openSUSE fork and move it to git or svn, other solution is switch to other existing newer cron project (bcron,fcron,cronie) and merge our patches with them. Switching to cronie seems to be the best choice. Cronie is a fork from vixie-cron and it is the default cron daemon in Fedora. The git repo of this project is the most active repo of all the listed cron projects. It is also fork from vixie-cron—thus the code base is similar to vixie-cron in openSUSE.

Pros and cons - switch to cronie


  • could lead to different behavior
  • patches from Fedora could be unacceptable for openSUSE


  • fixes from fedora comes to our distro
  • versioning, clean package (without old patches)
  • cronie includes also anacron project

Patches in openSUSE vixie-cron

Patches from vixie-cron already included in cronie (deprecated)

  • Makefile.diff
  • pathnames.diff
  • sprintf_misc.diff
  • root-allowed.diff
  • manpages.diff
  • swapuids.diff
  • stat-no-fstat.diff
  • privilege_escalation.patch
  • segfault.patch
  • load_database.patch
  • restrict_link_count.patch
  • selinux.diff - cronie already contain support for selinux
  • vfork_sigchld.diff
  • crontab-permissions.diff - openSUSE use 644 permissions rule on crontab file (/var/spool/cron/tabs/username), Fedora use 600 rule, We will move to more restrict Fedora rule
  • sendasuser.diff - similar implementation in cronie
  • syscrondir.diff - similar implementation in cronie
  • remove_old_system.patch - similar implementation in cronie

Patches not included in cronie (fix for upstream)

  • pam.diff - pam_conv function should be pushed to cronie (pam config is different)
  • minuslog.diff - feature should be pushed to cronie

Patches not included in cronie (not suitable for upstream)

  • nheader_lines.diff - handle top three lines comment in crontab file

Differences between old openSUSE's cron and new openSUSE's cronie

So what will be changed in default openSUSE cron after switch to cronie ?

  • we will have anacron and audit support
  • see syscrondir.diff we will move to 600 permissions rule, for each crontab file (/var/spool/cron/tabs/username)
  • old 'crontab' command called without args prints message with usage options and do nothing, new crontab from cronie waits for input on stdin (waits to enter your new crontab rule)
  • Cronie contain inotify support, so it could effectively detect changed crontab files, and cron doesn't need to go through the all cron tab files, but on the other site symlinked crontabs are not automatically noticed by the cron daemon. The cron daemon must receive a SIGHUP to reload the crontabs. This is a limitation of inotify API.
  • Old cron daemon doesn't allow symlinks or hardlinks in crontab user tabs (/var/spool/cron/tabs), with cronie you could do this, could be more insecure (see bnc#258372 to related discussion)

Differences between new openSUSE's cronie and Fedora's cronie

/etc/crontab and processing sysconfig options
Fedora and openSUSE use system crontab file /etc/crontab to process cron.daily/ cron.hourly/ cron.monthly/ cron.weekly/, however in different way. In short : Fedora use /usr/bin/run-parts script (it's not part of cronie package, but crontabs package) and openSUSE's cron use /usr/lib/crons script. Both use different techniques : in openSUSE /usr/lib/crons manage start of all script in cron.* dirs and also use some part of sysconfig options from /etc/sysconfig/cron. This means that if we don't want break sysconfig ABI for cron after switch to cronie we must still use old /usr/lib/crons processing - but this is not problem as cronie source code is not binded to this script. Rest sysconfig options are used by scripts which are installed by packages which use cron services and these files are located in cron.daily/ cron.hourly/ cron.monthly/ cron.weekly/ so again we will not break here sysconfig options when we will switch to cronie
Top three lines of comments in crontab file
OpenSUSE put three lines of comments in to each crontab file :

# DO NOT EDIT THIS FILE - edit the master and reinstall.
# (/tmp/crontab.XXXXD6hhFw installed on Tue Dec 15 15:39:42 2009)
# (Cron version V5.0 -- $Id: crontab.c,v 1.12 2004/01/23 18:56:42 vixie Exp $)

These line should be hidden, when user edit crontabs rules using crontab command. Fedora doesn't use this comments, so openSUSE cronie have to apply patch nheader_lines.diff to handle this state
Other differences:

  • cronie in Fedora use /var/spool/cron to store crontab files fro users, openSUSE cronie use /var/spool/cron/tabs for this
  • cronie in openSUSE use /var/spool/cron/lastrun file to store info about last run - this is provided by /usr/lib/cron/run-crons (Fedora doesn't use this script see above)

How we will switch to cronie

We have more possibilities :
We will drop package cron (v4.1) from factory and we will add cronie(v1.4.3) package, to obsolete old cron v4.1 cronie's spec file will contain then (see cronie spec file in bs project):
Provides: cron = 4.2
Obsoletes: cron <= 4.1
- this bring a lot of issues, because switching from cron to cronie isn't really update of package, to remember proper state in runlevels we have to do few ugly hacks

cronie sources will be placed to old cron package (basically we could say, old cron will be updated to newer version)
- this doesn't work cronie has 1.4.4 version and our default vixie-cron has 4.1 zypper vcmp 1.4.4 4.1 shows :1.4.4 is older than 4.1

so finally we have to use few ugly hack and subpackage read this :

How to test cronie

For now we setup bs project for cronie : Base:System If you are brave, and you have installed openSUSE 11.2 just add Base:System repo and install cronie:

zypper ar
zypper in cronie

Your old cron daemon will be deleted