A simple script to scan user cron jobs

Are you experiencing issues with unauthorized usage of your cron jobs and struggling to identify the responsible user? Don’t worry, I have a straightforward solution for you. I’ve developed a script that scans through your users’ cron jobs and sends you a detailed report via email. However, please note that this method requires root access. Let’s get started with the process:

  • Login to your server via SSH
  • Type:
    cd /root
  • Create a new file named “scanCron.sh” using the text editor “pico”:
    pico scanCron.sh
    If “pico” is not available, you can use “nano” instead:
    nano scanCron.sh
  • Copy and paste the following code into the file:
    if [ -n "$emailAddress" ] ; then
    for i in `cat /etc/passwd | cut -f1 -d ':' | grep -v '#'`; do
    echo "--------------------------------------------------"
    echo "Username: ${i}"
    echo "--------------------------------------------------"
    crontab -u ${i} -l 2>&1
    echo "--------------------------------------------------"
    done > $mycrontmp
    cat $mycrontmp | mail -s "Cron jobs report for `hostname`" ${emailAddress}
    rm -f $mycrontmp
    echo "Please supply a valid email address."
  • Save the file by pressing “Ctrl” + “O” in the text editor.
  • Grant execution permissions to the script by typing:
    chmod +x scanCron.sh
  • To run it, just type:
    ./scanCron.sh [email protected]
    Replace “[email protected]” with your preferred email address.

If you wish to automate this process, you can add it to a cron job by following these steps:

  • [*] Type:
    crontab -e
  • [*] Insert the following after the last line:
    10 1 * * * /root/scanCron.sh [email protected]
    This will run everyday at 1:10am.

This can be applied to cPanel server.

Good luck!

No Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: