Default Cron Jobs run from /etc/crontab on FreeBSD r4.9

This document describes the default installation of cron jobs on FreeBSD. We'll start at the top and explain the files that control the actions, then follow the chain until every end action is describe (in summary) in the final table.

The cron jobs are run by cron(8). The file controlling the execution and time of the jobs is /etc/crontab. The description of /etc/crontab can be found in the man page, crobtab(5). All jobs run as root, as is specified in /etc/crontab.

An investigation of /etc/crontab will show that every job starts by resetting the environment variables. Then:

• every 5 minutes it executes /usr/libexec/atrun.
• every hour it rotates the 'news' log files, if neccessary.
• daily it runs 'periodic'.
• weekly it runs 'periodic'.
• monthly it runs 'periodic'.
• every half hour it runs 'adjkerntz' to adjust the CMOS clock and adjusts time zone (when needed).

Investigating each subdirectory we will find several files that start with a three digit number and end with some text. The pre-fixed numbers determine (in SystemV style) the execution order of the files. The remainder of the filename is traditionally used as a terse description of it's function. As an example, '100.clean-disks' runs before job '110.clean-tmps'. As such, '100.clean-disks' runs first and cleans the disks. (The specific tasks are described in the table below.)

Next, before executing the task intended, the script "sources", or reads, the default configuration file. If it exists, then it is located in /etc/default/periodic.conf. This file has the DEFAULT configuration values. These default values can be over-ridden by two other files. Those files are /etc/periodic.conf and /etc/periodic.conf.local. Canonically, /etc/periodic.conf over-rides the value stored in /etc/default/periodic.conf. (NOTE: Those files stored in /etc/default/* are not intended to be edited. To change the default values use the over-ride files.)

The other file, /etc/periodic.conf.local, is intended for to work in conjunction with /etc/daily.local, /etc/weekly.local and /etc/monthly.local. These un-created directories are intended for root level cron jobs that are not installed by default.

These non-default (administrator installed) root level cron jobs are then run last by a script called 999.local. Each of the default temporal directories in /etc/periodic/ has a copy of this file. The file, 999.local, then in turn searches it's related directory for scripts. For example, /etc/perodic/daily/999.local searches the directory /etc/daily.local for scripts to run, but not before checking for values it might need for it's scripts from /etc/periodic.conf.local.

Lastly, /etc/default/periodic.conf contains the a variable named local_periodic. It, in turn, stores the locations of other directories for scripts to run. Those directories are /usr/local/etc/periodic and /usr/X11R6/etc/periodic. Those directories are intended for cron jobs needed for third-party applications. However, as of this writing, the variable local_periodic is not used, or listed, in any of the default scripts or files, with the exception /etc/default/periodic.conf.

The Table Below

The reader is cautioned that this table is not a definition of the jobs, but a description of those jobs listed as of the date of this writing. Given the volitale nature of the system, the user is advised, when in doubt, "read the source".

NEW

Special Note:
If you're looking for an answer to user crontab, a common problem is listed in the FAQ under
Why do I keep getting messages like “root: not found” after editing my crontab file?.
http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/admin.html#ROOT-NOT-FOUND-CRON-ERRORS

/etc/periodic/daily:
number of jobs: 22
Job	Runs by Default	What it does
100.clean-disks	NO	Uses find(1) to remove a.out, core dumps (*.core) and some emacs files more than three (3) days old.
110.clean-tmps	NO	Uses find(1) to do some cleanup of temporary files more than three (3) days old. The comments say: Use at your own risk, but for a long-living system, this might come more useful than the boot-time cleaning of /tmp. If /var/tmp and /tmp are symlinked together, only one of the below will actually run.
120.clean-preserve	YES	Uses find(1) to remove files in /var/preserve more than 7 days old.
130.clean-msgs	YES	Uses msgs(1) (-c) to remove system messages more than 21 days old. Note: Documentation is inconsistent. The option used is very easy to miss.
140.clean-rwho	YES	Uses find(1) to removes files from /var/rwho (rwho(1)) that are more than 7 days old.
150.clean-hoststat - NEW	YES	Uses sendmail(8) (-bH) to remove stale entries from sendmail host status cache.
200.backup-passwd	YES	Backs up passwd(5) and group(5) files, if it is different from the last backup. Sends root the diff(1). Verifying group file syntax with chkgrp(8).
210.backup-aliases	YES	Backs up mail aliases(5) (/etc/aliases).
220.backup-distfile	YES	Backs up /etc/distfile, part of rdist(1). See Also: 320.rdist. NOTE: distfile is documented in rdist(1), not section 5.
300.calendar	NO	Processes the calender(1) files for all users and mail the result to them. The comments say: `calendar -a' needs to die. Why? Because it's a bad idea, particular networked home directories, but also in general. If you want the of `calendar' mailed to you, set up a cron job to do it, run it from your ~/.profile or ~/.login. I disagree. Earlier, it seemed to have problems. Now it looks okay. However, the documentation is still fuzzy. NOTE:calendar user file format should be in section five (5), but it is described in calender(1).
310.accounting	YES	Rotates accounting logs in /var/account/ and gathers statistics sa(8)(-s). Three (3) days worth of accounting are kept, and no compression (gzip(1)(-f)) is used by default. The compression tool NOT configurable.
320.rdist	YES	Runs rdist(1)(-f) to distribute files as outlined by /etc/Distfile. NOTE: Distfile is documented in rdist(1), not section 5.
330.news	YES	Expires "news" articles - This is present only for backwards compatibility, usually "news" handles this on its own. Note: This script runs /etc/news.expires, which does not exists by default, so it silently fails. news.expires is not documented. It is assumed this is application specific, since there are so many different programs that do "news".
340.uucp	YES	Local cleanup of UUCP files. This is for backwards compatibility. /etc/uuclean.daily doesn't exist by default, so it silently fails. Note: It is not clear to this author if UUCP is still in general use. uuclean.daily is not documented.
400.status-disks	YES	Reports filesystems capacity df(1)(-k -t nofs), except NFS mounts. Reports files needing dumping by doing dump(8)(-W) (which reads from /etc/dumpdates). /etc/dumpdates is empty by default, so the second part of this script really does nothing. NOTE: dumpdates is documented in dump(1) under the -u option, not section 5.
410.status-uucp	YES	UUCP status - uustat(1)(-a).
420.status-network	YES	Network interface status netstat(1)(-i).
430.status-rwho	YES	Local network system status (ruptime(1)) OR Local system status (uptime(1)). NOTE: Since /var/rwho contains no files ruptime(1) does not get run.
440.status-mailq	YES	Prints a summary of mail messages queued for future delivery. NOTE: Uses perl(1), sort(1), uniq(1), sort(1) and awk(1).
450.status-security	YES	Security check Runs periodic(8) security that: Checks setuid files and devices Checks mounts - NEW Checks uids of zero(0). Checks for passwordless accounts Shows denied, reset or unreached packets for ipfw(8), if running. Shows which rules have reached their log limits for ipfw(8), if running. Checks ip6fw denied - NEW Checks ip6fw limits - NEW Shows kernel log messages Shows login failures Shows tcp_wrapper warning messages, if running. NOTE: Formerly, this ran as a single script, now it has it's own formal directory and multiple scripts.
460.status-mail-rejects	YES	Check for rejected mail hosts in /var/log/maillog and any archived log files.
470.status-named - NEW	YES	Checks for denied zone transfers (AXFR and IXFR)
500.queuerun - NEW	YES	Actually sends emails waiting in the queue to be sent using sendmail(8)(-Ac -q).
999.local	YES	Run the old /etc/daily.local script. This is really for backwards more than anything else.
/etc/periodic/weekly:
number of jobs: 7
Job	Runs by Default	What it does
120.clean-kvmdb	YES	Uses find(1) to delete kernel database files in /var/db more that 7 days old.
300.uucp	YES	Local cleanup of UUCP files. This is for backwards compatibility. /usr/libexec/uucp/clean.weekly doesn't exist by default, so it fails. Note: It is not clear to this author if UUCP is still in general use. uuclean.weekly is not documented.
310.locate	YES	Rebuilds locate(1) database (/var/db/locate.database) by running /usr/libexec/locate.updatedb Note: This author created a printed article for Daemon News (Configuring Locate Issue 5, 2001) on this subject.
320.whatis	YES	Rebuilds whatis(1) database (/var/db/locate.database) by running /usr/libexec/makewhatis.local. Note: See makewhatis(1) for details.
330.catman	NO	Reformats manual pages by running /usr/libexec/catman.local.
340.noid	NO	Check for files belongs to an unknown user or unknown group using the very ubiquitious find(1).
999.local	YES	Runs /etc/weekly.local.
/etc/periodic/monthly:
number of jobs: 2
Job	Runs by Default	What it does
200.accounting	YES	Does accounting (ac(8)(-p -w)) after investigating /var/log/wtmp then reports from the records of individual login and logout.
999.local	YES	Runs /etc/monthly.local.

Refererence:(in order of apperance)

cron(8) - daemon to execute scheduled commands (Vixie Cron)
crontab(5) - tables for driving cron
periodic(8) - run periodic system functions
atrun(8) - run jobs queued for later execution

HOME
Events - SVBUG Events
BABE - Bay Area BSD Events
BSD Developer (Documentation, Mirrors, Benchmarks, Online Tools)
BSD Administrator (Man, Security, Ports)

About SVBUG
Past SVBUG Events
About BSD
History of BSD

Links
Site Map