|Do not change file ownership and do not switch user ids.|
|The default is to make ACCT and LOGACCT the owners of JOBDIR, LOGDIR and the file therein, and to switch to ACCT and LOGACCT before running uscheduled and the logging program.|
|With this option the caller will be the owner of all files created and the programs will run with all the rights they inherit.|
|This option was added in version 0.7.0.|
In JOBDIR/env a number of environment variables are set (one file per variable). HOME, SHELL, USER and LOGNAME are set to values taken from the system password database.
The PATH variable is set to /command:/usr/local/bin:/usr/bin/:/bin for any user not having an uid of 0. For users with uid 0 /usr/local/sbin:/usr/sbin:/sbin will be appended.
All these variables may be changed.
Keep the following rules in mind: .TP 3 *
Do not ever create a service directory DIR in an insecure place. Nobody but you - the system administrator - must be able to write to it. Especially do not ever create this directory in the users $HOME. You would be giving away instant root access! .TP 3 *
Do not ever create JOBDIR and LOGDIR in an insecure place. These directories and the content must only be writable by the user for which the service is run. .TP 3 *
Be careful about LOGACCT. If you set up a scheduling service for a user then LOGACCT should be this user. If you are setting up a scheduling service for a system account then you may want to use a different user for logging purposes (while this is local policy i cant think of any reason why the logging should run as root). .TP 3 *
Resource limits may be configured in DIR/run and DIR/log/run. The defaults are most possibly not right for every system. Keep in mind that perl eats lots of resources and that a multilog processor may use perl ...
Create a uschedule service for root, with the service directory /etc/root-schedule and the logging done to /var/log/root-schedule under the "misclog" account.
uscheduleconf /etc/root-schedule root misclog \ /etc/root-schedule/jobs /var/log/root-schedule
Create a schedule service for uwe, having the trusted commands in /etc/uwe-schedule and any parts uwe can change in ~uwe/.uschedule:
uscheduleconf /etc/uwe-schedule uwe uwe \ ~uwe/.uschedule ~uwe/.uschedule/logs
Uwe Ohse, email@example.com
uschedule(1), uschedulecmd(1), uschedule_intro(7).
The homepage may be more up-to-date, see