CRON doesn't run my script



  • I have the following script:

    it reconnects a vpn connection.

    #!/usr/bin/env bash
    SHELL=/bin/sh
    PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/bin/
    _scriptname="pfsense-vpnreset"
    set -u
    set -e
    
    function printusage
    {
    cat - >&2 <<EOF
    
    Description:
      Resets a pfSense VPN client connection
    
    Usage: ${_scriptname} <host> <vpnname>
      host: The name of the pfSense host. Consider using an IP address here if DNS depends on the VPN
      vpnname: The name of the VPN connection, as shown in the web interface "OpenVPN: Client" description field.
    		   The description field is also used to find IPSec connections.   
    		   You can put the vpnname in quotes if you need spaces.
    
    EOF
    }
    
    if (($# != 2)); then
    	printusage
    	exit $(($# == 0 ? 0 : 1))
    fi
    
    host=$1
    shift
    vpnname=$1
    shift
    
    script=$(
    	sed "s/<VPNNAME>/${vpnname}/g" <<-"EOF"
    		<?php
    			# Preload
    			require_once('service-utils.inc');
    			require_once("ipsec.inc");
    
    			# Init
    			function fubar($reason) {print $reason . "\n"; exit(1);}
    			$xml=simplexml_load_file("/cf/conf/config.xml") or fubar("Error: Cannot load config.xml");
    			$found = false;
    
    			# IPsec
    			foreach($xml->ipsec->{'phase1'} as $vpn) {
    				$desc = html_entity_decode((string)$vpn->descr);
    				print "Found IPsec: $desc\n";
    				if (strcasecmp($desc, "VPN_LINK") != 0) continue;
    				if ($found) print "Warning: Multiple matching VPN connections\n";
    				$found = true;
    				print "Restarting VPN with ID " . $vpn->ikeid . "\n";
    
    				# code from /usr/local/www/status_ipsec.php ("ikedisconnect")
    				$_GET = array(ikeid => $vpn->ikeid . "000"); # wtf is up with the zeroes?
    				mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']));
    
    				# code from /usr/local/www/status_ipsec.php ("connect")
    				$_GET = array(ikeid => $vpn->ikeid);
    				$ph1ent = ipsec_get_phase1($_GET['ikeid']);
    				if (!empty($ph1ent)) {
    					if (empty($ph1ent['iketype']) || $ph1ent['iketype'] == 'ikev1' || isset($ph1ent['splitconn'])) {
    						$ph2entries = ipsec_get_number_of_phase2($_GET['ikeid']);
    						for ($i = 0; $i < $ph2entries; $i++) {
    							$connid = escapeshellarg("con{$_GET['ikeid']}00{$i}");
    							mwexec_bg("/usr/local/sbin/ipsec down {$connid}");
    							mwexec_bg("/usr/local/sbin/ipsec up {$connid}");
    						}
    					} else {
    						mwexec_bg("/usr/local/sbin/ipsec down con" . escapeshellarg($_GET['ikeid']));
    						mwexec_bg("/usr/local/sbin/ipsec up con" . escapeshellarg($_GET['ikeid']));
    					}
    				}
    			}
    
    			# The End
    			if (!$found) fubar("Error: No VPN with the name '<VPNNAME>'");
    		?>
    	EOF
    )
    
    ssh "$host" /usr/local/bin/php -q <<<"$script"
    
    

    when i run it in the ssh command line :

     /usr/local/bin/php -q /usr/local/bin/pfsense-vpnreset
    

    it runs without an issue.

    However when I create

            • root php /usr/local/bin/pfsense-vpnreset

    nothing happens. my other cron jobs for dyndns.updates work without an issue.

    what am i doing wrong?

    i already tried:

    chmod +rx /usr/local/bin/pfsense-vpnreset 
    chmod a+x /usr/local/bin/pfsense-vpnreset 
    chmod 755 /usr/local/bin/pfsense-vpnreset
    
    

    without success.

    Also tried /usr/local/bin/php -q /usr/local/bin/pfsense-vpnreset as the command in cron job, also without success. what am i doing wrong?


  • Rebel Alliance Developer Netgate

    Use the full path to PHP in the cron definition as you did on the CLI when testing it.



  • @jimp
    Sorry I didn't mention that I had done that already


  • Rebel Alliance Developer Netgate

    Actually I'm a bit blind apparently. The shell script you posted above is not PHP. It's just a plain shell script. I'm surprised that worked in the command prompt if you ran it through PHP.

    Just run it on its own without the extra PHP stuff in front of it.



  • @jimp

    Thanks for your reply. but when i run it with just /usr/local/bin/pfsense-vpnreset it's not working via cron. and when i run it as /usr/local/bin/pfsense-vpnreset in the console, it gives me 'function: not found' error.

    when i use bash infront so bash /usr/local/bin/pfsense-vpnreset, in the console, it throws _scriptname: unbound variable.

    something tells me it does need the php infront of it. or i need to do modifications in my script?


  • Rebel Alliance Developer Netgate

    pfSense does not include the bash shell by default. If that isn't a plain sh script, then you have to install bash and explicitly run it through bash. For example, pkg install -y bash and then change the shabang line to #!/usr/local/bin/bash.



  • This post is deleted!

Log in to reply