I have about 50 Debian Linux servers with a bad cron job:
0 * * * * ntpdate 10.20.0.1
I want to configure ntp sync with ntpd and so I need to delete this cron job. For configuring I use Ansible. I have tried to delete the cron entry with this play:
tasks:
- cron: name="ntpdate" minute="0" job="ntpdate 10.20.0.1" state=absent user="root"
Nothing happened.
Then I run this play:
tasks:
- cron: name="ntpdate" minute="0" job="ntpdate pool.ntp.org" state=present
I see new cron job in output of "crontab -l":
...
# m h dom mon dow command
0 * * * * ntpdate 10.20.0.1
#Ansible: ntpdate
0 * * * * ntpdate pool.ntp.org
but /etc/cron.d
is empty! I don't understand how the Ansible cron module works.
How can I delete my manually configured cron job with Ansible's cron module?
User's crontab entries are held under /var/spool/cron/crontab/$USER
, as mentioned in the crontab man page:
Crontab is the program used to install, remove or list the tables used to drive the cron(8) daemon. Each user can have their own crontab, and though these are files in /var/spool/ , they are not intended to be edited directly. For SELinux in mls mode can be even more crontabs - for each range. For more see selinux(8).
As mentioned in the man page, and the above quote, you should not be editing/using these files directly and instead should use the available crontab
commands such as crontab -l
to list the user's crontab entries, crontab -r
to remove the user's crontab or crontab -e
to edit the user's crontab entries.
To remove a crontab entry by hand you can either use crontab -r
to remove all the user's crontab entries or crontab -e
to edit the crontab directly.
With Ansible this can be done by using the cron module's state: absent
like so:
hosts : all
tasks :
- name : remove ntpdate cron entry
cron :
name : ntpdate
state : absent
However, this relies on the comment that Ansible puts above the crontab entry that can be seen from this simple task:
hosts : all
tasks :
- name : add crontab test entry
cron :
name : crontab test
job : echo 'Testing!' > /var/log/crontest.log
state : present
Which then sets up a crontab entry that looks like:
#Ansible: crontab test
* * * * * echo Testing > /var/log/crontest.log
Unfortunately if you have crontab entries that have been set up outside of Ansible's cron module then you are going to have to take a less clean approach to tidying up your crontab entries.
For this we will simply have to throw away our user's crontab using crontab -r
and we can invoke this via the shell with a play that looks something like following:
hosts : all
tasks :
- name : remove user's crontab
shell : crontab -r
We can then use further tasks to set the tasks that you wanted to keep or add that properly use Ansible's cron module.