How to set Cron/At Access Control

Cron stores it's enteries in the crontab (cron table) file. This is generally located in your /etc directory. As well, each user on your system can have their own crontab which would be stored in /var/spool/cron/. To edit a users crontab entry, simply log into your system for that particular user and type crontab -e. The default editor for the 'crontab -e' command is vi. Below is the simple example of crontab entry

0 12  *  *  *  root  php /srv/www/mysar/dump.php >> /dev/null 2>&1

Field	Meaning
1	Minute (0-59)
2	Hour (2-24)
3	Day of month (1-31)
4	Month (1-12, Jan, Feb, etc)
5	Day of week (0-6) 0 = Sunday, 1 = Monday etc or Sun, Mon, etc)
6	Run the command as following user
7	Command to execute

Now to control the access to crontab for particular user you need to edit the required configuration file depending upon your requirement, which are mentioned below.

1.  /etc/cron.allow
      If it exists, a user must be listed in this file in order to use crontab.

2. /etc/cron.deny
      If it exists, a user must not be listed in this file in order to user crontab.

Similary for "at" access control, you can edit the following files depending upon your requirement

1. /etc/at.allow
      Same as cron.allow, only for "at".

2. /etc/at.deny
      Same as cron.deny, only for "at".