crontab Command

Purpose

Submits, edits, lists, or removes cron jobs.

Syntax

crontab [ -e [UserName] | -l [UserName] | -r [UserName] | -v [UserName] | File ]

Description

The crontab command submits, edits, lists, or removes cron jobs. A cron job is a command run by the cron daemon at regularly scheduled intervals. To submit a cron job, specify the crontab command with the -e flag. The crontab command invokes an editing session that allows you to create a crontab file. You create entries for each cron job in this file. Each entry must be in a form acceptable to the cron daemon. For information on creating entries, see The crontab File Entry Format.

When you finish creating entries and exit the file, the crontab command copies it into the /var/spool/cron/crontabs directory and places it in a file named for your current user name. If a file with your name already exists in the crontabs directory, the crontab command overwrites it.

Alternatively, you can create a crontab file by specifying the File parameter. If the file exists, it must be in the format the cron daemon expects. If the file does not exist, the crontab command invokes the editor. If the EDITOR environment variable exists, the command invokes the editor it specifies. Otherwise, the crontab command uses the vi editor.

To list the contents of your crontab file, specify the crontab command with the -l flag. To remove an existing file, use the -r flag.

The optional UserName parameter can be used by the owner of the crontab file or by the root user to edit, list, remove, or verify the status of the cron jobs for the specified user. If the UserName is invalid, an error message is generated and the program exits.

If the optional UserName parameter is not specified, the crontab flags are available for the root user and the current user.

Security

Only the root user or the owner of the crontab file can use UserName following the -e, -l, -r, and -v flags to edit, list, remove, or verify the crontab file of the specified user.

The cron Daemon

The cron daemon runs commands according to the crontab file entries. Unless you redirect the output of a cron job to standard output or error, the cron daemon mails you any command output or errors. If you specify a cron job incorrectly in your crontab file, the cron daemon does not run the job.

The cron daemon examines crontab files only when the cron daemon is initialized. When you make changes to your crontab file using the crontab command, a message indicating the change is sent to the cron daemon. This eliminates the overhead of checking for new or changed files at regularly scheduled intervals.

Controls on Using the crontab Command

The /var/adm/cron/cron.allow and /var/adm/cron/cron.deny files control which users can use the crontab command. A root user can create, edit, or delete these files. Entries in these files are user login names with one name to a line. If your login ID is associated with more than one login name, the crontab command uses the first login name that is in the /etc/passwd file, regardless of which login name you might actually be using. Also, to allow users to start cron jobs, the daemon attribute in the /etc/security/user file should be set to TRUE , using the chuser command.

The following is an example of an cron.allow file:

root
nick
dee
sarah

If the cron.allow file exists, only users whose login names appear in it can use the crontab command. The root user's log name must appear in the cron.allow file if the file exists. A system administrator can explicitly stop a user from using the crontab command by listing the user's login name in the cron.deny file. If only the cron.deny file exists, any user whose name does not appear in the file can use the crontab command.

A user cannot use the crontab command if one of the following is true:

If neither the cron.allow nor the cron.deny file exists, only someone with root user authority can submit a job with the crontab command.

The crontab File Entry Format

A crontab file contains entries for each cron job. Entries are separated by newline characters. Each crontab file entry contains six fields separated by spaces or tabs in the following form:

 
minute  hour  day_of_month  month  weekday  command

These fields accept the following values:

Item Description
minute 0 through 59
hour 0 through 23
day_of_month 1 through 31
month 1 through 12
weekday 0 through 6 for Sunday through Saturday
command a shell command

You must specify a value for each field. Except for the command field, these fields can contain the following:

Note: Any character preceded by a backslash (including the %) causes that character to be treated literally. The specification of days may be made by two fields (day of the month and day of the week). If you specify both as a list of elements, both are adhered to. For example, the following entry:
0 0 1,15 * 1 command

would run command on the first and fifteenth days of each month, as well as every Monday. To specify days by only one field, the other field should contain an * .

Specifying Commands

The cron daemon runs the command named in the sixth field at the selected date and time. If you include a % (percent sign) in the sixth field, the cron daemon treats everything that precedes it as the command invocation and makes all that follows it available to standard input, unless you escape the percent sign (\%). Blank lines and lines whose first non-blank character is the number sign (#) will be ignored. If the arguments to the command have a backslash ('\'), the backslash should be preceded by another backslash.

Note: The shell runs only the first line of the command field. All other lines are made available to the command as standard input.

The cron daemon starts a subshell from your HOME directory. If you schedule a command to run when you are not logged in and you want commands in your .profile file to run, the command must explicitly read your .profile file.

The cron daemon supplies a default environment for every shell, defining HOME, LOGNAME, SHELL (=/usr/bin/sh), and PATH (=/usr/bin).

Flags

Item Description
-e UserName Edits a copy of the user's crontab file or creates an empty file to edit if the crontab file does not exist for a valid UserName. When editing is complete, the file is copied into the crontab directory as the user's crontab file.
-l UserName Lists the user's crontab file.
-r UserName Removes the user's crontab file from the crontab directory.
-v UserName Lists the status of the user's cron jobs.

Security

Auditing Events

If the auditing subsystem is properly configured and is enabled, the crontab command generates the following audit record (event) every time the command is run:

Event Information
CRON_JobRemove Lists which users removed a crontab file and when.
CRON_JobAdd Lists which users edited a crontab file and when.

Attention RBAC users and Trusted AIX® users: This command can perform privileged operations. Only privileged users can run privileged operations. For more information about authorizations and privileges, see Privileged Command Database in Security. For a list of privileges and the authorizations associated with this command, see the lssecattr command or the getcmdattr subcommand.

Exit Status

This command returns the following exit values:

Item Description
0 Successful completion.
>0 An error occurred.

Examples

  1. To copy a file called mycronjobs into the /var/spool/cron/crontabs directory, enter the following:
    crontab mycronjobs
    The file will be copied as:
    /var/spool/cron/crontabs/<username>
    where <username> is your current user name.
  2. To write the time to the console every hour on the hour, enter:
    0 * * * * echo The hour is `date` . 
    >/dev/console
  3. To run the calendar command at 6:30 a.m. every Monday, Wednesday, and Friday, enter:
    30 6 * * 1,3,5 /usr/bin/calendar
  4. To run the calendar command every day of the year at 6:30, enter the following:
    30 6 * * * /usr/bin/calendar
  5. To run a script called maintenance every day at midnight in August, enter the following:
    0 0 * 8 * /u/harry/bin/maintenance
  6. To define text for the standard input to a command, enter:
    0 16 * 12 5 /usr/sbin/wall%HAPPY HOLIDAY!%Remember to 
    turn in your time card.
    The text following the % (percent sign) defines the standard input to the wall command as:
    HAPPY HOLIDAY!
     
    Remember to turn in your time card.

Files

Item Description
/var/adm/cron/FIFO A named pipe that sends messages to the cron daemon when new jobs are submitted with the crontab or at command.
/var/spool/cron/crontabs Specifies the crontab spool area.
/var/adm/cron/cron.allow Specifies a list of users allowed access to the crontab command.
/var/adm/cron/cron.deny Specifies a list of users denied access to the crontab command.