fcron 1 is integral part of IPFire and it controls the job scheduling of the system.
Tutorial on how to configure fcron to run custom scripts
This section was lifted from a post in IPFire forum 2, with slight modifications.
This tutorial follow the approach of setting up a separate user, here called
fcronuser, and use it for running scripts, including those that require root permissions. This keeps the custom scripts separated from the system scripts to prevent any loss during an IPFire update.
- Create a non-login system user with the following command:
useradd -r -U -d / -s /bin/false -c "non root fcrontab user" fcronuser.
Explanation for the switches:
-rspecifies that it is a system user;
-Utells it to also create a group with the same name;
-ddefines the home directory as /, although no home directory is created for system users it is specified in the passwd file;
-sdefines the login shell, in this case /bin/false means the user cannot log in;
-cis a comment about the user. It can be any string you want.
fcronuser is a logical name but it can be whatever you want, as long as it is not already in use.
The entry in the
/etc/passwd file should look something like:
fcronuser:x:998:998:non root fcrontab user:/:/bin/false
The uid and gid will be dependent on what other users are already created on your system.
- Create a
sudoersfile for the
/etc/sudoers.d/. It can be called whatever you want but the simplest is to name it the same as the user, therefore
fcronusercontents should be:
## Allow fcronuser to use sudo without a password
fcronuser ALL=(ALL) NOPASSWD:ALL
This will allow the
fcronuser to run scripts that require root permissions by using
sudo without needing to use a password.
- Then you need to add the new user to the
fcronuserto the list, which will only include
rootunless you have already added another user to it.
After editing it should contain at lease the following lines:
- Create the fcrontab for your new user 3:
fcrontab -u fcronuser -e
fcrontabto use the user
-esays to edit the
Enter whatever scripts you want run with
fcronand save the file.
Most scripts will be able to run successfully with the native rights of the
For those that do not run successfully due to permissions, you will need to add
sudoat the front.
Below is an example of
fcrontab. Three entries run fine as they are. One of them has to have
# crontab for fcronuser
# Restart rhea at 07:30 each day
30 7 * * * /home/fcronuser/scripts/wol_rhea.sh
# Run iapetus backup each Saturday at 21:00
0 21 * * 6 "sudo /home/fcronuser/scripts/iapetus_backup.sh"
# Run speedtest at 06:10, 10:10, 14:10, 18:10 & 22:10
10 2,6,10,14,18,22 * * * /home/fcronuser/scripts/speed_test.sh
# Run the DNS SERVFAIL count script on each Sunday at 01:10
10 1 * * 0 /home/fcronuser/scripts/DNS-SERVFAIL-count.sh
If you create your own script to be called by
fcron, make sure to use any system binary command with the full path specified, as
fcron might refuse to follow a path instruction.
The fcrontabs are stored under
/var/spool/cron/ and you should find in that directory
fcronuser as well as, after some editing,
To ensure that you backup those files in your IPFire backup routine add the line
var/spool/cron/fcronuser* to the
/var/ipfire/backup/include.user file (see Backup for the documentation of
Is something with fcron/fcrontab not working and it is time to debug? Edit the file
/etc/rc.d/init.d/fcron and look for these lines:
loadproc /usr/sbin/fcron -y
# remove -y to reenable fcron logging
As the comment states, remove the
-y to enable fcron logging. There is also a debug
-d option if needed. After completing the issue review make sure to replace the
After changing the
/etc/rc.d/init.d/fcron file make sure to enter:
to restart fcron.