Skip to content
Snippets Groups Projects
Select Git revision
  • buster
  • stretch default protected
  • master
  • ci-dev
  • jessie
  • bashrc/stretch
  • stockholm
7 results
Blame Permalink
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
freedombone-utils-cron 2.85 KiB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89 






#!/bin/bash
#
# .---.                  .              .
# |                      |              |
# |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.
# |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'
# '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'
#
#                    Freedom in the Cloud
#
# Cron functions
#
# License
# =======
#
# Copyright (C) 2014-2016 Bob Mottram <bob@freedombone.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

function cron_add_mins {
    if ! grep -q "${2}" /etc/crontab; then
        job_user='root'
        if [ $3 ]; then
            job_user=$3
        fi
        echo "*/${1}            * *   *   *   ${job_user} ${2}" >> /etc/crontab
        systemctl restart cron
    fi
}

function randomize_cron {
    # The predictable default timing of Debian cron jobs might
    # be exploitable knowledge. Avoid too much predictability
    # by randomizing the times when cron jobs run
    if [[ $(is_completed $FUNCNAME) == "1" ]]; then
        return
    fi

    # randomize the day on which the weekly cron job runs
    randdow=$(($RANDOM%6+1))
    sed -i "s|\* \* 7|* * $randdow|g" /etc/crontab

    # randomize the time when the weekly cron job runs
    randmin=$(($RANDOM%60))
    randhr=$(($RANDOM%3+1))
    sed -i "s|47 6|$randmin $randhr|g" /etc/crontab

    # randomize the time when the daily cron job runs
    randmin=$(($RANDOM%60))
    randhr=$(($RANDOM%3+4))
    sed -i "s|25 6\t\* \* \*|$randmin $randhr\t* * *|g" /etc/crontab

    # randomize the time when the hourly cron job runs
    randmin=$(($RANDOM%60))
    sed -i "s|17 \*\t|$randmin *\t|g" /etc/crontab

    # randomize monthly cron job time and day
    randmin=$(($RANDOM%60))
    randhr=$(($RANDOM%22+1))
    randdom=$(($RANDOM%27+1))
    sed -i "s|52 6\t|$randmin $randhr\t|g" /etc/crontab
    sed -i "s|\t1 \* \*|\t$randdom * *|g" /etc/crontab

    systemctl restart cron

    mark_completed $FUNCNAME
}

function schedule_stig_tests {
    echo '#!/bin/bash' > /etc/cron.daily/stig_tests
    echo "pkill ${PROJECT_NAME}-tests" >> /etc/cron.daily/stig_tests
    echo 'rm -rf /tmp/*' >> /etc/cron.daily/stig_tests
    echo "${PROJECT_NAME}-tests --stig yes" >> /etc/cron.daily/stig_tests
    chmod +x /etc/cron.daily/stig_tests
}

# NOTE: deliberately there is no "exit 0"