Scheduler issue

harry66 · February 12, 2020, 8:56am

Hi,

I have created some scripts, really tiny ones, that are meant to disable certain network interfaces when not in the office.
The scripts themselves are just simple one liners that are working well when started by manually. For some reason the scheduler does not start them reliable.
Please have a look at the screenshot to see the summary of it.
Bildschirmfoto zu 2020-02-12 08-56-25.png
I followed the guidelines and do not see, where I have made a mistake. Permissions should be fine, clock is set, syntax should be okay, manual trigger works. But the scheduler is not reliable.
What is really confusing: OVPN_an is triggered by the scheduler, but OVPN_aus is not. Does anybody see the difference? I feel like blind…

If somebody has an idea that would make my day…

BR
Uwe

WeWiNet · February 12, 2020, 9:15am

Try with all the standard permissions set (when you click add new srcipt).
You launching a script is different than the router…

My scripts/schedule use all the standard permissions enabled as by default.

WeWiNet · February 12, 2020, 9:19am

also add a log entry into each script/schedule to see when/if they were executed/triggered:

:log warning (" XYZ happened ")

PS: I use “Warning” as is stands out (blue colored) from all the other log entries but you can use also “info”

harry66 · February 12, 2020, 12:46pm

Thanks for the hints.
I experimented with the permissions already, starting from default, going to everything and nothing.
The settings now reflect what makes sense to me and what is working on manual trigger. Following the rule that the scheduler should have the same permissions as the script.
Still OVPN_an is working and OVPN_aus is not. This seems to be not logical at all.

I included the logging thing, even though the scheduler and script reports run times.

/Uwe

harry66 · February 13, 2020, 8:11am

Hi,
I am more and more confused:

I have two very similar scripts: One is enabling and interface and one is disabling the interface
Both scripts have exactly the same permissions
One script runs and the other is not because of permissions
I can’t find any explanation, what permissions would be needed
I find recommendations to just grant all permissions
I can find recommendations to set “dont-require-permissions=yes” http://forum.mikrotik.com/t/script-permissions/123518/1

This is not bringing security forward.
It makes scripting an adventure with a huge security risk. Ouch! In the end I need to protect my firewall with a firewall…

/Uwe

harry66 · February 18, 2020, 6:54pm

Okay, I surrender on the permissions.
If I grant all permissions to the script and the scheduler, it works.

Anybody a hint, how to find out, what permissions are needed for what?

Thank you!
/Uwe

CZFan · February 18, 2020, 9:27pm

You should only need “read” & “write” permissions

Try and add below before the script name in the scheduler

/system script run <NameOfScript>