Skip to main content
Engineering LibreTexts

14-A.2: Cron

  • Page ID
  • Cron

    Common (and uncommon) cron Uses

    Administrators use the cron service to schedule obvious things, such as regular backups that occur daily at 2 a.m. It can also be used for less obvious things.

    • The system times (i.e., the operating system time) on my many computers are set using the Network Time Protocol (NTP). While NTP sets the system time, it does not set the hardware time, which can drift. I use cron to set the hardware time based on the system time.
    • I also have a Bash program I run early every morning that creates a new "message of the day" (MOTD) on each computer. It contains information, such as disk usage, that should be current in order to be useful.
    • Many system processes and services, like Logwatch, logrotate, and Rootkit Hunter, use the cron service to schedule tasks and run programs every day.

    The crond daemon is the background service that enables cron functionality.

    The cron service checks for files in the /var/spool/cron and /etc/cron.d directories and the /etc/anacrontab file. The contents of these files define cron jobs that are to be run at various intervals. The individual user cron files are located in /var/spool/cron, and system services and applications generally add cron job files in the /etc/cron.d directory. The /etc/anacrontab is a special case that will be covered later in this article.

    Using crontab

    The cron utility runs based on commands specified in a cron table (crontab). Each user, including root, can have a cron file. These files don't exist by default, but can be created in the /var/spool/cron directory using the crontab -e command that's also used to edit a cron file (see the script below). It is strongly recommended that you do not use any of the standard editors (such as Vi, Vim, Emacs, Nano, or any of the many other editors that are available). Using the crontab command not only allows you to edit the command, it also restarts the crond daemon when you save and exit the editor. The crontab command uses Vi as its underlying editor, because Vi is always present (on even the most basic of installations).

    New cron files are empty, so commands must be added from scratch.The job definition example below is a quick reference, to help remember what the various parts of a command mean.

    # crontab -e
    # For details see man 4 crontabs
    # Example of job definition:
    # .---------------- minute (0 - 59)
    # |  .------------- hour (0 - 23)
    # |  |  .---------- day of month (1 - 31)
    # |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
    # |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
    # |  |  |  |  |
    # *  *  *  *  * user-name  command to be executed
    # backup using the rsbu program to the internal 4TB HDD and then 4TB external
    01 01 * * * /usr/local/bin/rsbu -vbd1 ; /usr/local/bin/rsbu -vbd2
    # Set the hardware clock to keep it in sync with the more accurate system clock
    03 05 * * * /sbin/hwclock --systohc
    # Perform monthly updates on the first of the month
    # 25 04 1 * * /usr/bin/dnf -y update

    The first three lines in the code above set up a default environment. The environment must be set to whatever is necessary for a given user because cron does not provide an environment of any kind. The SHELL variable specifies the shell to use when commands are executed. This example specifies the Bash shell. The MAILTO variable sets the email address where cron job results will be sent. These emails can provide the status of the cron job (backups, updates, etc.) and consist of the output you would see if you ran the program manually from the command line. The third line sets up the PATH for the environment. Even though the path is set here, I always prepend the fully qualified path to each executable.

    There are several comment lines in the example above that detail the syntax required to define a cron job. We'll break those commands down, and add a few more to show some more advanced capabilities of crontab files.

     01 01 * * * /usr/local/bin/rsbu -vbd1 ; /usr/local/bin/rsbu -vbd2 

    This line runs a user-written Bash shell script, rsbu, that backs up all the user's systems. This job kicks off at 1:01 a.m. (01 01) every day. The asterisks (*) in positions three, four, and five of the time specification are like file globs, or wildcards, for other time divisions; they specify "every day of the month," "every month," and "every day of the week." This line runs the backups twice; one backs up to an internal dedicated backup hard drive, and the other backs up to an external USB drive that can be taken to the safe deposit box.

    The following line sets the hardware clock on the computer using the system clock as the source of an accurate time. This line is set to run at 5:03 a.m. (03 05) every day.

     03 05 * * * /sbin/hwclock --systohc 

    The third and final cron job (commented out) is to perform a dnf or yum update at 04:25 a.m. on the first day of each month, but it is currently commented out so it no longer runs.

     # 25 04 1 * * /usr/bin/dnf -y update 

    Other Scheduling Tricks

    Now let's do some things that are a little more interesting than these basics. Suppose you want to run a particular job every Thursday at 3 p.m.:

     00 15 * * Thu /usr/local/bin/ 

    Or, maybe you need to run quarterly reports after the end of each quarter. The cron service has no option for "The last day of the month," so instead you can use the first day of the following month, as shown below. (This assumes that the data needed for the reports will be ready when the job is set to run.)

     02 03 1 1,4,7,10 * /usr/local/bin/ 

    This cron job runs quarterly reports on the first day of the month after a quarter ends.

    The following shows a job that runs one minute past every hour between 9:01 a.m. and 5:01 p.m.

     01 09-17 * * * /usr/local/bin/ 

    There are many other situations where a job needs to run every two, three, or four hours. That can be accomplished by dividing the hours by the desired interval, such as */3 for every three hours, or 6-18/3 to run every three hours between 6 a.m. and 6 p.m. Other intervals can be divided similarly; for example, the expression */15 in the minutes position means "run the job every 15 minutes."

     */5 08-18/2 * * * /usr/local/bin/ 

    One thing to note: The division expressions must result in a remainder of zero for the job to run. That's why, in this example, the job is set to run every five minutes (08:05, 08:10, 08:15, etc.) during even-numbered hours from 8 a.m. to 6 p.m., but not during any odd-numbered hours. For example, the job will not run at all from 9 p.m. to 9:59 a.m.

    Limiting cron access

    Regular users with cron access could make mistakes that, for example, might cause system resources (such as memory and CPU time) to be swamped. To prevent possible misuse, the sysadmin can limit user access by creating a /etc/cron.allow file that contains a list of all users with permission to create cron jobs. The root user cannot be prevented from using cron.

    By preventing non-root users from creating their own cron jobs, it may be necessary for root to add their cron jobs to the root crontab. "But wait!" you say. "Doesn't that run those jobs as root?" Not necessarily. The username field shown in the comments can be used to specify the user ID a job is to have when it runs. This prevents the specified non-root user's jobs from running as root. The following example shows a job definition that runs a job as the user "student":

     04 07 * * * student /usr/local/bin/ 

    If no user is specified, the job is run as the user that owns the crontab file, root in this case.


    The directory /etc/cron.d is where some applications, such as SpamAssassin and sysstat, install cron files. Because there is no spamassassin or sysstat user, these programs need a place to locate cron files, so they are placed in /etc/cron.d.

    The /etc/cron.d/sysstat file below contains cron jobs that relate to system activity reporting (SAR). These cron files have the same format as a user cron file.

    # Run system activity accounting tool every 10 minutes
    */10 * * * * root /usr/lib64/sa/sa1 1 1
    # Generate a daily summary of process accounting at 23:53
    53 23 * * * root /usr/lib64/sa/sa2 -A

    The sysstat package installs the /etc/cron.d/sysstat cron file to run programs for SAR.

    The sysstat cron file has two lines that perform tasks. The first line runs the sa1 program every 10 minutes to collect data stored in special binary files in the /var/log/sa directory. Then, every night at 23:53, the sa2 program runs to create a daily summary.

    Adapted from:
    "How to use cron in Linux" by David Both, is licensed under CC BY-SA 4.0

    • Was this article helpful?