Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Cron job will run via shell but not the user account

Discussion in 'General Discussion' started by Luke Jones, Nov 13, 2018.

  1. Luke Jones

    Luke Jones Registered

    Joined:
    Nov 13, 2018
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    England
    cPanel Access Level:
    Root Administrator
    Hi All hope you can help i have hit a bit of a confusing issue.

    I have a cron job setup on a user that does not seem to run, if I apply shell access to the user then the cron will run fine however with jailed shell or no shell it will not run. The same cron is in place on other users without shell access and runs fine on another server.

    Both servers run on the same ESXi platform with the same configuration of virtual hardware

    I have checked file permissions to ensure they match, as well as server configuration for pretty much everything i can think of, both servers are on v76.0.6

    If i manually edit the cd /var/spool/cron/USERNAME file and exchange the line:

    SHELL="/usr/local/cpanel/bin/jailshell"

    for:

    SHELL="/bin/bash"

    this allows the cron to run however as soon as this is updated via cPanel this line reverts and the cron ceases to work again

    Any help would be greatly appreciated.
     
  2. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,456
    Likes Received:
    503
    Trophy Points:
    263
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Luke Jones


    Can you provide an idea of what the cron is doing? You could even add it here just remove anything account specific. Also would it be possible to provide some information on the system you're running (OS, cPanel version, PHP version etc.)?

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Luke Jones

    Luke Jones Registered

    Joined:
    Nov 13, 2018
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    England
    cPanel Access Level:
    Root Administrator
    System information:

    Code:
    $ uname -a
    Linux XXXXXXXXRedactedXXXXXXXX 3.10.0-862.14.4.el7.x86_64 #1 SMP Wed Sep 26 15:12:11 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
    Code:
    $ cat /etc/redhat-release
    CentOS Linux release 7.5.1804 (Core)
    Code:
    $ df -h
    Filesystem      Size  Used Avail Use% Mounted on
    /dev/sda2       843G  289G  520G  36% /
    devtmpfs        7.8G     0  7.8G   0% /dev
    tmpfs           7.8G  4.0K  7.8G   1% /dev/shm
    tmpfs           7.8G  814M  7.0G  11% /run
    tmpfs           7.8G     0  7.8G   0% /sys/fs/cgroup
    tmpfs           1.6G     0  1.6G   0% /run/user/1317
    The server has php 5.6, 7.0 and 7.2 installed however this user is using 7.0 (have tested this with 7.2 with the same issue)

    The cron:
    Code:
    30 * * * * /usr/local/bin/php /home/USER/public_html/includes/cron/cron.php ecommerce.php
    Contents of cron.php:

    Code:
    <?php
    require_once(__DIR__.'/../classes/classes_core.php');
    // Create Empty Databases Object
    $Databases       = new stdClass();
    // Pre-Load Website Data
    $Website        = new Website();
    $Website->URI   = 'CRON';
    // Get Languages
    if(!$_SESSION[$Website->DB]->Languages) {
       $Languages = new Language();
       $Languages->GetRecords();
       $_SESSION[$Website->DB]->Languages = array();
       foreach($Languages->Items as $Language) {
           $Key = reset(explode('_',$Language->Code));
           if($Language->IsDefault) {
               $_SESSION[$Website->DB]->DefaultLanguage = $Key;
           }
           $Language->GetPhrases();
           $_SESSION[$Website->DB]->Languages[$Key] = $Language;
       }
       unset($Languages);
    }
    // Process CRON
    $Website->ProcessCRON($argv[1] ? $argv[1] : $_GET['File']);
    // Unset Website & Database
    unset($Website,$Databases);
    ?>
    Contents of ecommerce.php:

    Code:
    <?php
    global $argv;
    
    ini_set('max_execution_time',0);
    ini_set('memory_limit',-1);
    
    $this->Language       = $_SESSION[$this->DB]->Languages[$_SESSION[$this->DB]->DefaultLanguage];
    $this->Products       = new Product();
    
    $Directory           = __DIR__.'/ecommerce/'.($argv[1] ? 'php' : 'curl').'/';
    $Files               = scandir($Directory);
    
    echo "\n".'Ecommerce CRON Started...'."\n\n";
    
    foreach($Files as $File) {
     
       if(substr($File,-4) === '.php') {
        
           $ExecutionTimes = explode(',',$this->Products->Config->CRON->$File);
    
           if($ExecutionTimes && in_array(date('H'),$ExecutionTimes)) {
               require($Directory.$File);
               echo 'CRON Complete: "'.$File.'"'."\n";
           }
           elseif(!array_filter($ExecutionTimes)) {
               echo 'No Execution Time(s) Set For: "'.$File.'"'."\n";
           }
        
       }
    
    }
    ?>
     
    #3 Luke Jones, Nov 15, 2018
    Last edited by a moderator: Nov 15, 2018
  4. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,456
    Likes Received:
    503
    Trophy Points:
    263
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Luke Jones

    Thank you so much for all the information! This is really helpful. Two things:

    1. Can you tell me which PHP handler you're using?

    2. Can you show me the output when you run the cron manually (as the user) with and without JailShell enabled?


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,456
    Likes Received:
    503
    Trophy Points:
    263
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Luke Jones

    Another thing that just came to my attention. You noted the following:
    How are you editing? Can you confirm that /var/spool/cron/$user is owned by user:user?

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Luke Jones

    Luke Jones Registered

    Joined:
    Nov 13, 2018
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    England
    cPanel Access Level:
    Root Administrator
    Hi cPanelLauren,

    The php Handlers are all set to cgi however the system is configured using PHP-FPM which i believe is used instead?

    When running the cron manually with full shell access it prints to the screen and it then pauses there for a while whilst the database is populated (i am dumping the table contents in between tests currently for testing purposes so can see all the new entries) before returning to the prompt. When running as the cron instead of manually via shell it sends the email to.

    Code:
    $ /usr/local/bin/php /home/USER/public_html/includes/cron/cron.php ecommerce.php
    
    Ecommerce CRON Started...
    
    $
    When shell access is set to jailed shell it does nothing.

    Code:
    $ /usr/local/bin/php /home/USER/public_html/includes/cron/cron.php ecommerce.php
    $
    Nothing on the screen just straight to the prompt again and when running as the cron instead of manually via shell no email.

    Regards
     
    #6 Luke Jones, Nov 15, 2018
    Last edited: Nov 15, 2018
  7. Luke Jones

    Luke Jones Registered

    Joined:
    Nov 13, 2018
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    England
    cPanel Access Level:
    Root Administrator
    All files in /var/spool/cron/ look to be owned by root:root

    Code:
    $ cd /var/spool/cron/
    $ ls -al
    -rw-------.  1 root root   215 Nov 15 16:41 USER

    I did most of the editing via the user cPanel account. It was only after finding that it ran via shell with full access that I compared the file using VIM with the account set to full shell and then again set to jailed shell and disabled shell. I edited it to give it the full shell access after setting the user back to disabled shell to try and make the account as secure as I could whilst implementing the "/bin/bash" entry to allow the cron to run as a temporary work around
     
    #7 Luke Jones, Nov 15, 2018
    Last edited: Nov 15, 2018
  8. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,456
    Likes Received:
    503
    Trophy Points:
    263
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Is anything added to the php-fpm error logs? You can find them at
    Code:
    /opt/cpanel/ea-php70/usr/var/log/php-fpm/error.log
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice