CRON

Blog

The cron in Linux is very handy for scheduling all sorts of regular maintenance jobs. There are lots of guides on how to configure it, so I won’t go into detail here.

If you are running scripts kept in a GIT repository, it is generally a good idea to not include any secrets in them. Something like HashiCorp vault works well, but for simple secrets that don’t give significant access and are easy to replace if compromised, a file in the home directory with access permissions only for the user will do (The file just assigns the secrets to variables). I would previously just do a dot space at the start of the script to get the secrets, like this:

# Script
. ~/secrets

I had noticed that the modern way seems to use the source built-in, like this:

# Script
source ~/secrets

That is more readable, so I wrote the script using the modern notation and it worked fine when I tested it. However, it didn’t work when running from the cron. On closer investigation, source is a built-in of the Bash shell (/usr/bin/bash) and not part of the Bourne shell (/usr/bin/sh) which the cron runs by default. It’s possible to get the cron to use bash like this:

#!/usr/bin/bash
# Cron Script
source ~/secrets

However, the Bourne shell is more light-weight and so I just went back to the dot.

Leave a Reply

Your email address will not be published. Required fields are marked *