My personal web site and other web sites that I operate have been hosted on various servers running Plesk since 2002. I’m comfortable with the platform, and usually upgrade to new versions after experimenting with them in my lab.
This past week I made the decision to migrate all my sites from the current machine (running Plesk 10.3.1) to a new machine (also running Plesk 10.3.1).
Using the Plesk Migration Manager the migration went smoothly, but after a few days I noticed that my cron jobs weren’t running. Usually the type of cron jobs I run are the “set and forget” type so once I’m satisfied they’re working I send any output straight to /dev/null.
The first thing I did to test was run the tasks from the command line as the user that owns them. The tasks executed normally, so I went back to the drawing board.
The next step was to direct the cron output to my email address, and soon I started receiving errors like the following:
-: /usr/bin/php: No such file or directory
This looked like an error that one might expect when the user is restricted to a chroot jail, but where the php binary doesn’t exist within that jail. On my own server however I do not run users in a chroot environment and was surprised to see it.
Armed with the latest copy of the Plesk 10.3.1 Administrator’s Guide I started searching for a solution to this problem and on page 150 I discovered it: “Execution of Scripts via Cron Task Scheduler (Linux Hosting)”.
In previous versions of Plesk, the users who were granted the permission to schedule tasks with cron but were not allowed access to server shell, could still run scripts in the shell under which the cron was running. This allowed them to gain access to the data that could be potentially used to compromise the server. Starting from Parallels Plesk Panel 10.1, execution of cron tasks is automatically restricted to the chrooted shell environment.
To fix the problem and restore behaviour to how it worked in previous versions of Plesk, all you need to do is run the following command:
/usr/local/psa/bin/server_pref -u -crontab-secure-shell "/bin/sh"
Note that as of writing the documentation refers to the script being located at “/usr/local/psa/admin/bin/server_pref” but this is incorrect. The script is located at “/usr/local/psa/bin/server_pref”.
Once you have changed the parameter your cron jobs should function normally.