from small one page howto to huge articles all in one place

search text in:

Which kernel version do you use?

poll results

Last additions:
using iotop to find disk usage hogs

using iotop to find disk usage hogs






average rating: 1.7 (82 votes) (1=very good 6=terrible)

May 25th. 2007:




why adblockers are bad

Workaround and fixes for the current Core Dump Handling vulnerability affected kernels

Workaround and fixes for the current Core Dump Handling vulnerability affected kernels






average rating: 1.3 (27 votes) (1=very good 6=terrible)

April, 26th. 2006:

You are here: manpages


Section: Maintenance Commands (8)
Updated: 1 May 2011
Index Return to Main Contents


crond - dillon's lightweight cron daemon  


B]crond [-s dir] [-c dir] [-t dir] [-m user@host] [-M mailhandler] [-S|-L file] [-l loglevel] [-b|-f|-d]]  


B]crond] is a background daemon that parses individual crontab files and executes commands on behalf of the users in question.

-s dir
directory of system crontabs (defaults to /etc/cron.d)
-c dir
directory of per-user crontabs (defaults to /var/spool/cron/crontabs)
-t dir
directory of timestamps for @freq and FREQ=... jobs (defaults to /var/spool/cron/cronstamps)
-m user@host
where should the output of cronjobs be directed? (defaults to local user) Some mail handlers (like msmtp) can't route mail to local users. If that's what you're using, then you should supply a remote address using this switch. Cron output for all users will be directed to that address. Alternatively, you could supply a different mail handler using the -M switch, to log or otherwise process the messages instead of mailing them. Alternatively, you could just direct the stdout and stderr of your cron jobs to /dev/null.
-M mailhandler
Any output that cronjobs print to stdout or stderr gets formatted as an email and piped to C]/usr/sbin/sendmail -t -oem -i]. Attempts to mail this are also logged. This switch permits the user to substitute a different mailhandler, or a script, for sendmail. That custom mailhandler is called with no arguments, and with the mail headers and cronjob output supplied to stdin. When a custom mailhandler is used, mailing is no longer logged (have your mailhandler do that if you want it). When cron jobs generate no stdout or stderr, nothing is sent to either sendmail or a custom mailhandler.
log events to syslog, using syslog facility LOG_CRON and identity `crond' (this is the default behavior).
-L file
log to specified file instead of syslog.
-l loglevel
log events at the specified, or more important, loglevels. The default is `notice'. Valid level names are as described in logger(1) and syslog(3): alert, crit, debug, emerg, err, error (deprecated synonym for err), info, notice, panic (deprecated synonym for emerg), warning, warn (deprecated synonym for warning).
run B]crond] in the background (default unless -d or -f is specified)
run B]crond] in the foreground. All log messages are sent to stderr instead of syslog or a -L file.
turn on debugging. This option sets the logging level to `debug' and causes B]crond] to run in the foreground.


B]crond] is responsible for scanning the crontab files and running their commands at the appropriate time. It always synchronizes to the top of the minute, matching the current time against its internal list of parsed crontabs. That list is stored so that it can be scanned very quickly, and B]crond] can deal with several hundred crontabs with several thousand entries without using noticeable CPU.

Cron jobs are not re-executed if a previous instance of them is still running. For example, if you have a crontab command C]sleep 70], that you request to be run every minute, B]crond] will skip this job when it sees it is still running. So the job won't be run more frequently than once every two minutes. If you do not like this feature, you can run your commands in the background with an C]&].

B]crond] automatically detects when the clock has been changed, during its per-minute scans. Backwards time-changes of an hour or less won't re-run cron jobs from the intervening period. B]crond] will effectively sleep until it catches back up to the original time. Forwards time-changes of an hour or less (or if the computer is suspended and resumed again within an hour) will run any missed jobs exactly once. Changes greater than an hour in either direction cause B]crond] to re-calculate when jobs should be run, and not attempt to execute any missed commands. This is effectively the same as if B]crond] had been stopped and re-started.

For example, suppose it's 10 am, and a job is scheduled to run every day at 10:30 am. If you set the system's clock forward to 11 am, crond will immediately run the 10:30 job. If on the other hand you set the system's clock forward to noon, the 10:30 am job will be skipped until the next day. Jobs scheduled using @daily and the like work differently; see crontab(1) for details.

B]crond] has a number of built in limitations to reduce the chance of it being ill-used. Potentially infinite loops during parsing are dealt with via a failsafe counter, and non-root crontabs are limited to 256 crontab entries. Crontab lines may not be longer than 1024 characters, including the newline.

Whenever B]crond] must run a job, it first creates a daemon-owned temporary file O_EXCL and O_APPEND to store any output, then fork()s and changes its user and group permissions to match that of the user the job is being run for, then B]exec]s B]/bin/sh -c ] to run the job. The temporary file remains under the ownership of the daemon to prevent the user from tampering with it. Upon job completion, B]crond] verifies the secureness of the mail file and, if it has been appended to, mails the file to the specified address. The B]sendmail] program (or custom mail handler, if supplied) is run under the user's uid to prevent mail related security holes.

When a user edits their crontab, B]crontab] first copies the crontab to a user owned file before running the user's preferred editor. The suid B]crontab] keeps an open descriptor to the file which it later uses to copy the file back, thereby ensuring the user has not tampered with the file type.

B]crontab] notifies B]crond] that a user's crontab file has been modified (or created or deleted) through the [lq]cron.update[rq] file, which resides in the per-user crontabs directory (usually /var/spool/cron/crontabs). B]crontab] appends the filename of the modified crontab file to [lq]cron.update[rq]; and B]crond] inspects this file to determine when to reparse or otherwise update its internal list of parsed crontabs.

Whenever a [lq]cron.update[rq] file is seen, B]crond] also re-reads timestamp files from its timestamp directory (usually /var/spool/cron/cronstamps). Normally these will just mirror B]crond]'s own internal representations, but this mechanism could be used to manually notify B]crond] that you've externally updated the timestamps.

The [lq]cron.update[rq] file can also be used to ask B]crond] to schedule a [lq]named[rq] cron job. To do this, append a line of the form:

clio job1 !job2

to [lq]cron.update[rq]. This request that user clio's job1 should be scheduled (waiting first for the successful completion of any jobs named in job1's AFTER= tag), and job2 should also be scheduled (without waiting for other jobs). See crontab(1) for more about tags and named jobs.

The directory of per-user crontabs is re-parsed once every hour in any case. Any crontabs in the system directory (usually /etc/cron.d) are parsed at the same time. This directory can be used by packaging systems. When you install a package foo, it might write its own foo-specific crontab to /etc/cron.d/foo.

The superuser has a per-user crontab along with other users. It usually resides at /var/spool/cron/crontabs/root.

Users can only have a crontab if they have an entry in /etc/passwd; however they do not need to have login shell privileges. Cron jobs are always run under /bin/sh; see crontab(1) for more details.

Unlike B]crontab], the B]crond] program does not keep open descriptors to crontab files while running their jobs, as this could cause B]crond] to run out of descriptors.  




Matthew Dillon ( original developer Jim Pryor ( current developer




Please read "Why adblockers are bad".

Other free services
Shorten long
URLs to short
links like
Reverse DNS lookup
Find out which hostname(s)
resolve to a
given IP or other hostnames for the server
rdf newsfeed | rss newsfeed | Atom newsfeed
- Powered by LeopardCMS - Running on Gentoo -
Copyright 2004-2013 Sascha Nitsch Unternehmensberatung UG(haftungsbeschränkt)
Valid XHTML1.1 : Valid CSS : buttonmaker
- Level Triple-A Conformance to Web Content Accessibility Guidelines 1.0 -
- Copyright and legal notices -
Time to create this page: 3.5 ms