User crontab vs system crontab.

The three places cron jobs live

User crontab

$ crontab -e
# Opens YOUR crontab in $EDITOR
0 9 * * * /home/me/script.sh

Runs as the user who edited it. Stored under /var/spool/cron/crontabs/USERNAME (Debian) or /var/spool/cron/USERNAME (RHEL). Don't edit this file directly — always use crontab -e.

To see another user's crontab (root only):

sudo crontab -u www-data -l

/etc/crontab — system crontab

# /etc/crontab — 6 fields, not 5
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# m h dom mon dow user  command
17 *    * * *   root    cd / && run-parts --report /etc/cron.hourly
25 6    * * *   root    test -x /usr/sbin/anacron || (cd / && run-parts --report /etc/cron.daily)

Note the user field between the schedule and the command. Edit this directly with sudo. Reload isn't usually needed — cron picks up changes automatically.

/etc/cron.d/ — drop-in directory

Same format as /etc/crontab (with the user field), but in separate files. Convention: one file per package or per job category:

# /etc/cron.d/my-app
0 2 * * * myapp /usr/local/bin/myapp-backup.sh
*/5 * * * * myapp /usr/local/bin/myapp-sync.sh

Easier to manage with configuration tools (Ansible, Chef, Puppet) because each file can be deployed independently.

Which to use?

Permissions

To allow or restrict who can use crontab -e:

• /etc/cron.allow — if it exists, only listed users can use crontab
• /etc/cron.deny — if cron.allow doesn't exist, listed users are blocked
• If neither exists, default is usually "all users allowed"

Written by Murugan Vellaichamy. Suggestions or corrections? Get in touch.