The following sections describe how to use the at command to perform the following tasks:
Schedule jobs (command and scripts) for execution at a later time
Display and remove jobs
Control access to the at command
By default, users can create, display, and remove their own at job files. To access at files that belong to root or other users, you must assume the root role.
When you submit an at job, it is assigned a job identification number along with the .a extension. This designation becomes the job's file name as well as its queue number.
Submitting an at job file involves these steps:
Invoking the at utility and specifying a command execution time.
Typing a command or script to execute later.
For example, the following at job removes core files from the user account smith near midnight on the last day of July.
$ at 11:45pm July 31 at> rm /home/smith/*core* at> Press Control-d commands will be executed using /bin/csh job 933486300.a at Tue Jul 31 23:45:00 2004
The following task describes how to create and at job.
$ at [-m] time [date]
Specifies to send you an email after the job is completed.
Specifies the hour that you want to schedule the job. Add am or pm if you do not specify the hours according to the 24-hour clock. Acceptable keywords are midnight, noon, and now. Minutes are optional.
Specifies the first three or more letters of a month, a day of the week, or the keywords today or tomorrow.
You may type more than one command by pressing Return at the end of each line.
Your at job is assigned a queue number, which is also the job's file name. This number is displayed when you exit the at utility.
The following example shows the at job that user jones created to remove her backup files at 7:30 p.m. She used the –m option so that she would receive an email message after her job completed.
$ at -m 1930 at> rm /home/jones/*.backup at> Press Control-D job 897355800.a at Thu Jul 12 19:30:00 2004
She received a email message which confirmed the execution of her at job.
Your “at” job “rm /home/jones/*.backup” completed.
The following example shows how jones scheduled a large at job for 4:00 a.m. Saturday morning. The job output was directed to a file named big.file.
$ at 4 am Saturday at> sort -r /usr/dict/words > /export/home/jones/big.file
To check your jobs that are waiting in the at queue, use the atq command.
$ atq
This command displays status information about the at jobs that you have created.
To verify that you have created an at job, use the atq command. In the following example, the atq command confirms that at jobs that belong to jones have been submitted to the queue.
$ atq Rank Execution Date Owner Job Queue Job Name 1st Jul 12, 2004 19:30 jones 897355800.a a stdin 2nd Jul 14, 2004 23:45 jones 897543900.a a stdin 3rd Jul 17, 2004 04:00 jones 897732000.a a stdin
To display information about the execution times of your at jobs, use the at -l command.
$ at -l [job-id]
where –l job-id is the optional identification number of a specific job whose status you want to display. Without an ID, the command displays the status of all jobs submitted by a user.
Example 4-8 Displaying at JobsThe following example shows sample output from the at -l command, which provides information about the status of all jobs submitted by a user.
$ at -l 897543900.a Sat Jul 14 23:45:00 2004 897355800.a Thu Jul 12 19:30:00 2004 897732000.a Tue Jul 17 04:00:00 2004
The following example shows sample output that is displayed when a single job is specified with the at -l command.
$ at -l 897732000.a 897732000.a Tue Jul 17 04:00:00 2004
Before You Begin
Assume the root role to remove an at job that belongs to root or another user. See Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2 .
You do not need to assume the root role to remove your own at job.
# at -r [job-id]
where the –r job-id option specifies the identification number of the job you want to remove.
The at -l command displays the jobs remaining in the at queue. The job whose identification number you specified should not appear.
$ at -l [job-id]
In the following example, a user wants to remove an at job that was scheduled to execute at 4 a.m. on July 17th. First, the user displays the at queue to locate the job identification number. Next, the user removes this job from the at queue. Finally, the user verifies that this job has been removed from the queue.
$ at -l 897543900.a Sat Jul 14 23:45:00 2003 897355800.a Thu Jul 12 19:30:00 2003 897732000.a Tue Jul 17 04:00:00 2003 $ at -r 897732000.a $ at -l 897732000.a at: 858142000.a: No such file or directory
You can set up a file to control access to the at command, permitting only specified users to create, remove, or display queue information about their at jobs. The file that controls access to the at command, /etc/cron.d/at.deny, consists of a list of user names, one user name per line. The users who are listed in this file cannot access at commands.
The at.deny file, which is created during Oracle Solaris software installation, contains the following user names:
daemon bin smtp nuucp listen nobody noaccess
With superuser privileges, you can edit the at.deny file to add other user names whose at command access you want to restrict.
As root, edit the /etc/cron.d/at.deny file to add the names of users, one user name per line, that you want to prevent from using the at commands.
daemon bin smtp nuucp listen nobody noaccess username1 username2 username3 . . .Example 4-10 Denying at Access
The following example shows an at.deny file that has been edited so that the users smith and jones cannot access the at command.
$ cat at.deny daemon bin smtp nuucp listen nobody noaccess jones smith
To verify that a username was added correctly to the /etc/cron.d/at.deny file, use the at -l command while logged in as the user. For example, if the logged-in user smith cannot access the at command, the following message is displayed:
# su smith Password: # at -l at: you are not authorized to use at. Sorry.
Likewise, if the user tries to submit an at job, the following message is displayed:
# at 2:30pm at: you are not authorized to use at. Sorry.
This message confirms that the user is listed in the at.deny file.
If at command access is allowed, then the at -l command returns nothing.