Is there a way to find bloody crons? Specifically one that are running every minute! Im getting hammered by some jobs that were trying to change permissions on an account, it runs everyminute, i deleted the path where it was trying to edit, i just cant find the source!
If that helps or makes any sense.... i get 1 of those emails in my queue every 30sec-1min. By the end of the day i delete thousands of them. >.< only because it doesnt go anywhere obvously. But a job is still running and i need to find out where it is some how. Any ideas? Thanks in advanced
1GQrpV-0005cn-4w-H root 0 0 <[email protected]> 1158957661 0 -ident root -received_protocol local -body_linecount 2 -auth_id root -auth_sender [email protected] -allow_unqualified_recipient -allow_unqualified_sender -deliver_firsttime -local XX 1 [email protected] 158P Received: from root by site.mydomain.com with local (Exim 4.52) id 1GQrpV-0005cn-4w for [email protected]; Sat, 23 Sep 2006 06:41:01 +1000 025* From: root (Cron Daemon) 049F From: [email protected] (Cron Daemon) 009* To: root 033T To: [email protected] 099 Subject: Cron <[email protected]> [B]chown root /tmp/pwned; chmod 4755 /tmp/pwned; rm -f[/B] /etc/cron.d/core 028 X-Cron-Env: <SHELL=/bin/sh> 049 X-Cron-Env: <PATH=/usr/bin:/usr/sbin:/sbin:/bin> 025 X-Cron-Env: <HOME=/root> 027 X-Cron-Env: <LOGNAME=root> 024 X-Cron-Env: <USER=root> 056I Message-Id: <[email protected]> 038 Date: Sat, 23 Sep 2006 06:41:01 +1000 --- 1GQrpV-0005cn-4w-D chown: cannot access `/tmp/pwned': No such file or directory chmod: cannot access `/tmp/pwned': No such file or directory