The following sections describe how to use the at command to perform the following tasks:
Schedule jobs (command and scripts) for execution at a later time
How to display and remove these jobs
How to control access to the at command
By default, users can create, display, and remove their own at job files. To access at files that belong to root or other users, you must have superuser privileges.
When you submit an at job, it is assigned a job identification number along with the .a extension. This designation becomes the job's file name, as well as its queue number.
Submitting an at job file involves these steps:
Invoking the at utility and specifying a command execution time.
Typing a command or script to execute later.
If output from this command or script is important, be sure to direct the output to a file for later examination.
For example, the following at job removes core files from the user account smith near midnight on the last day of July.
$ at 11:45pm July 31 at> rm /home/smith/*core* at> Press Control-d commands will be executed using /bin/csh job 933486300.a at Tue Jul 31 23:45:00 2004 |
You can set up a file to control access to the at command, permitting only specified users to create, remove, or display queue information about their at jobs. The file that controls access to the at command, /etc/cron.d/at.deny, consists of a list of user names, one user name per line. The users who are listed in this file cannot access at commands.
The at.deny file, which is created during SunOS software installation, contains the following user names:
daemon bin smtp nuucp listen nobody noaccess |
With superuser privileges, you can edit the at.deny file to add other user names whose at command access you want to restrict.
Start the at utility, specifying the time you want your job executed.
$ at [-m] time [date] |
Sends you email after the job is completed.
Specifies the hour that you want to schedule the job. Add am or pm if you do not specify the hours according to the 24-hour clock. Acceptable keywords are midnight, noon, and now. Minutes are optional.
Specifies the first three or more letters of a month, a day of the week, or the keywords today or tomorrow.
At the at prompt, type the commands or scripts that you want to execute, one per line.
You may type more than one command by pressing Return at the end of each line.
Exit the at utility and save the at job by pressing Control-D.
Your at job is assigned a queue number, which is also the job's file name. This number is displayed when you exit the at utility.
The following example shows the at job that user jones created to remove her backup files at 7:30 p.m. She used the -m option so that she would receive an email message after her job completed.
$ at -m 1930 at> rm /home/jones/*.backup at> Press Control-D job 897355800.a at Thu Jul 12 19:30:00 2004 |
She received a email message which confirmed the execution of her at job.
Your “at” job “rm /home/jones/*.backup” completed. |
The following example shows how jones scheduled a large at job for 4:00 a.m. Saturday morning. The job output was directed to a file named big.file.
$ at 4 am Saturday at> sort -r /usr/dict/words > /export/home/jones/big.file |
To check your jobs that are waiting in the at queue, use the atq command. This command displays status information about the at jobs that you have created.
$ atq |
To verify that you have created an at job, use the atq command. In the following example, the atq command confirms that at jobs that belong to jones have been submitted to the queue.
$ atq Rank Execution Date Owner Job Queue Job Name 1st Jul 12, 2004 19:30 jones 897355800.a a stdin 2nd Jul 14, 2004 23:45 jones 897543900.a a stdin 3rd Jul 17, 2004 04:00 jones 897732000.a a stdin |
To display information about the execution times of your at jobs, use the at -l command.
$ at -l [job-id] |
where the -l job-id option identifies the identification number of the job whose status you want to display.
The following example shows output from the at -l command, which provides information on the status of all jobs submitted by a user.
$ at -l 897543900.a Sat Jul 14 23:45:00 2004 897355800.a Thu Jul 12 19:30:00 2004 897732000.a Tue Jul 17 04:00:00 2004 |
The following example shows the output that is displayed when a single job is specified with the at -l command.
$ at -l 897732000.a 897732000.a Tue Jul 17 04:00:00 2004 |
Become superuser or assume an equivalent role to remove an at job that belongs to root or another user. Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.
You do not need to become superuser or assume an equivalent role to remove your own at job.
Remove the at job from the queue before the job is executed.
$ at -r [job-id] |
where the -r job-id option specifies the identification number of the job you want to remove.
Verify that the at job is removed by using the at -l (or the atq) command.
The at -l command displays the jobs remaining in the at queue. The job whose identification number you specified should not appear.
$ at -l [job-id] |
In the following example, a user wants to remove an at job that was scheduled to execute at 4 a.m. on July 17th. First, the user displays the at queue to locate the job identification number. Next, the user removes this job from the at queue. Finally, the user verifies that this job has been removed from the queue.
$ at -l 897543900.a Sat Jul 14 23:45:00 2003 897355800.a Thu Jul 12 19:30:00 2003 897732000.a Tue Jul 17 04:00:00 2003 $ at -r 897732000.a $ at -l 897732000.a at: 858142000.a: No such file or directory |
Become superuser or assume an equivalent role.
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.
Edit the /etc/cron.d/at.deny file and add the names of users, one user name per line, that will be prevented from using the at commands.
daemon bin smtp nuucp listen nobody noaccess username1 username2 username3 . . . |
The following example shows an at.deny file that has been edited so that the users smith and jones cannot access the at command.
$ cat at.deny daemon bin smtp nuucp listen nobody noaccess jones smith |
To verify that a username was added correctly to the /etc/cron.d/at.deny file, use the at -l command while logged in as the user. If the user smith cannot access the at command, the following message is displayed.
# su smith Password: $ at -l at: you are not authorized to use at. Sorry. |
Likewise, if the user tries to submit an at job, the following message is displayed:
$ at 2:30pm at: you are not authorized to use at. Sorry. |
This message confirms that the user is listed in the at.deny file.
If at command access is allowed, then the at -l command returns nothing.