crontab, ufw and the missing path

I’ve got a server with a web site which sits behind Cloudflare, so I have a daily script in root’s cron that grabs the current list of Cloudflare IPs and updates the ufw config so only Cloudflare can get to apache2. It’s a wordpress site so I’m a little scared of idiots doing idiot things.

Ever since I ran it, for some reason it throws an error ERROR: problem running sysctl when it runs ufw status verbose. It’s always worked when I run it manually, and doesn’t seem to cause issues - especially since it’s only a final check step. The errors have been bugging me and I’ve got a few seconds at PyConAU2019 so I thought I’d do some more searching.

The post ‘cron - Why crontab sacripts are not working?’ on ask ubuntu cracked it for me… the path when runing from crontab is different. As per the recommended fix, I added * * * * * env > /tmp/env.output to root’s crontab, then waited for the output:

$ cat /tmp/env.output
[email protected]

This’ll do it - sysctl isn’t in that path! :)

I added the following line to the top of my script to make it a little portable: PATH=$PATH:/sbin which sorted the issue out, no more errors!

#linux #troubleshooting #firewalls #ufw