I created a cron job file with the following contents:
#!/bin/bash
/var/www/chkrootkit-0.46a/chkrootkit -q | mail -s "Daily chkrootkit Output" email here address here


I than put that file into /etc/crond.daily folder.


I have the cron service running btw. Im wondering if thats all i have to do? I also tried to add the cron through webmin but i got the following error:


Failed to save cron job : An error was detected in the new Cron configuration :

cron/usernamehere: Permission denied

@daily /etc/cron.daily/chkrootkit #root checker


How would i get rid of this "permission dened" problem. I tried chmod the file to 755 and 777 and i tried chaning the user to root, but than i got the same error.

cron/usernamehere: Permission denied

What happens when you type (as root)

su - usernamehere
/var/www/chkrootkit-0.46a/chkrootkit -q

Could it be that config file for chkrootkit is not at the right permissions?

BTW: chkrootkit isn't really a web page, it should probably go into /usr/local/bin or something without creating a directory.

as root:


-sh-3.00$ /var/www/chkrootkit-0.46a/chkrootkit -q
/var/www/chkrootkit-0.46a/chkrootkit need root privileges
-sh-3.00$

as root:

-sh-3.00$ /var/www/chkrootkit-0.46a/chkrootkit -q
/var/www/chkrootkit-0.46a/chkrootkit need root privileges
-sh-3.00$Well, that's not as root....

Change to root like this:$ su -
Password: <enter root password here>

Which Distro are you using in your VPS?
Which cron? Vixiecron?

We should check what user your cron service is running as. I would have thought it would execute that cron.daily task as root, but maybe it's not. Try this (This is Gentoo's but yours should be close I'll highlight in red what to check/change leave everything not in red the same):# cat /etc/crontab

SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/

# check scripts in cron.hourly, cron.daily, cron.weekly and cron.monthly
# MIN HOUR MDAY MON DOW COMMAND
0 * * * * root rm -f /var/spool/cron/lastrun/cron.hourly
1 3 * * * root rm -f /var/spool/cron/lastrun/cron.daily
15 4 * * 6 root rm -f /var/spool/cron/lastrun/cron.weekly
30 5 1 * * root rm -f /var/spool/cron/lastrun/cron.monthly

If you were wondering by the way... here is a fairly good guide to cron (http://www.unixgeeks.org/security/newbie/unix/cron-1.html).

Hi, In the past I had cron jobs not operate as expected or as they do from the normal cli. Turns out they relied on some environment variable. prepend this command in the program column of the crontab event:

source /etc/profile

so, it would look something like this.

*/5 * * * * source /etc/profile; sh /path/to/script.sh

Give it a shot, I have seen it fix quirks in the past.

my crontab folder is not readable by nano or any editor on my pc.

Heres some contents of my crontab file:

^E^H^G^P^@^@ð^F^E^H^G^Q^@^@ô^F^E^H^G^R^@^@ø^F^E^H^ G^S^@^@ü^F^E^H^G^T^@^@$
m^@^@^Ë^Óüÿÿÿ^ÅÒt^Eè¨ÿÿÿX[ÉÃU^Éå^Ãì^H^À=^Ô ^E^H^@t^Oë^_^Ív^@^ÃÀ^D£(^H^E^HÿÒ¡(^H^E^H^Ë^P^ÅÒuëÆ ^E^Ô ^E^H^$
^Ãì^Lh¤^E^E^HÿÐ^ÃÄ^PÉÃ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^ÐU^ Éå^Ãì^X^ÉD$^P¡d^H^E^H^ÉD$^LÇD$^Hßá^D^HÇD$^


Also, the vps has fedora 4 and whatever cron came installed on it. Thanks for the cron link.. ill give it a look.


Im still going over Rick's post to see if that could fix the problem.







Thanks for the replies.

crontab -l


displays crotnab events for the user you are....

I giess cron doesnt like me lol:


[root@www html]# crontab -l
cron/root: Permission denied
[root@www html]#

I have direct root disabled. However i SU into root thru putty.

[root@www html]# crontab -l
cron/root: Permission denied

Now, that is not good. As root (assuming your prompt is displaying the username and not a fixed string) you should be able to do pretty much anything as far as I knew with my limited knowledge.

I have direct root disabled. However i SU into root thru putty.

This is a good thing generally, but maybe just for testing you need to turn this off to rule out faulty privelidge escalation.

Well, that's what I'd do.

BTW my hints are only things I would try to start ruling things out, others (like Rick) are far more experienced than I am and can probably pin-point the problem far quicker. I tend to take the long route. :o

Maybe wait to see if there is another option I don't know of.