I'm trying to work out why my VPN won't connect when the command is initiated from a cron triggered script when that same script and command otherwise work as expected.
I have a remote server which uses a secure VPN tunnel (pptp) to connect to a database behind our firewall. It's quite a stable system (especially with the persistent
option set), and generally runs without any issue. However, from time to time the connection from our ISP to our office drops out, and this disconnect is long enough to prevent the VPN tunnel from staying open.
I've set up a simple script to detect if the firewalled database is still available over the VPN and, if not, it attempts to reopen the VPN.
#!/bin/bash
DATE=`date`
HOST=10.1.2.1
PING_RESULT=`ping -c4 $HOST`
# gets the percentage of lost packets
PING_LOSS=`echo $PING_RESULT : | grep -oP '\d+(?=% packet loss)'`
echo "$DATE : Loss Result : $PING_LOSS"
# if 100% packet loss on the ping - assume connection lost
if [ "100" -eq "$PING_LOSS" ];
then
echo "$DATE : Connection Lost"
pon VPN_TUNNEL
echo "$DATE : Restarted Connection"
else
echo "$DATE : Connection OK"
fi
I've saved the script as /root/cron/pptp-monitor
and set the permissions as -rwxr--r-- root root
The script works great when run manually (using sudo) - but the cron I've configured doesn't work properly:
*/5 * * * * root [ -x /root/cron/pptp-monitor ] && /root/cron/pptp-monitor >> /var/log/pptp-monitor.log 2>&1
The monitor script runs - I see the log entries every 5 minutes - but the pon
command doesn't actually seem to fire off.
In the syslog, I see this every 5 minutes:
Apr 17 08:45:01 bombur CRON[774]: (root) CMD ( [ -x /root/cron/pptp-monitor ] && /root/cron/pptp-monitor >> /var/log/pptp-monitor.log 2>&1)
Apr 17 08:45:14 bombur pppd[784]: pppd 2.4.5 started by root, uid 0
Apr 17 08:45:14 bombur pppd[784]: Using interface ppp0
Apr 17 08:45:14 bombur pppd[784]: Connect: ppp0 <--> /dev/pts/0
Apr 17 08:45:14 bombur pppd[784]: Modem hangup
Apr 17 08:45:14 bombur pppd[784]: Connection terminated.
The lines "using interface ppp0" to "connection terminated" are repeated 10 times before exit
- indicating that the tunnel is trying to reopen unsuccessfully. Note - the network connection is fine by this time, and as soon as I run the command manually, it connects on the first attempt.
What did I miss that is causing the cron trigger to prevent the VPN connection?
You need to declare the
PATH
variable in your scripts, afterwards it will work. At the top of the files (both thecrontab
and the script that's going to be executed):I'd prefer run this:
Than run this:
Because pppd will run pptp, but pptp was located in `/usr/sbin/', so set $PATH can be necessary.