Community discussions

MikroTik App
 
talz
newbie
Topic Author
Posts: 49
Joined: Wed Mar 15, 2017 9:01 pm

Is it possible to create a scheduler with full permissions?

Wed Apr 14, 2021 11:26 pm

I have a Mikrotik script that, when first run, creates a scheduler that will run it automatically every 30 seconds.

The code that creates the scheduler is fairly basic right now:

:if ([/len [/system scheduler find name=my_scheduler]] = 0) \
do={
    /system scheduler add name=my_scheduler \
        policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
        start-time=startup interval=00:00:30 on-event="/system script run my_script"
}

The problem I'm seeing is that on old RouterOS versions, there's no policy called "romon", so this will fail to run.
On new RouterOS versions however, if I don't set the "romon" policy, the scheduler won't run my script. The logs say the scheduler didn't have the permissions to run the script.

Besides figuring out which RouterOS version introduced romon, and trying to analyze which version of RouterOS this script code is running on, to see if romon should be there or not, is there a way to just check if the romon policy exists, and should be added to the scheduler? I just need the scheduler to run the script, no matter what. There's only one admin user on the Mikrotik, so I don't really care about permissions. Can I give the scheduler full permissions somehow?

The only thing I can think of right now is to use on-error to try to set it with romon, and if that fails, set it without that policy. Not sure if that would work, or if there's a better solution.

Update: Using on-error does work, but seems a bit hacky. It's not actually testing for a specific thing - it just tests if the first attempt at creating a scheduler failed for some reason, assumes that if the failure happened, it was because of a very specific policy that doesn't exist, and tries again without that one policy:

    :if ([/len [/system scheduler find name=my_scheduler]] = 0) \
    do={
        :do {
            /system scheduler add name=my_scheduler \
                policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
                start-time=startup interval=00:00:30 on-event="/system script run my_script"
        } on-error={
            /system scheduler add name=my_scheduler \
                policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive \
                start-time=startup interval=00:00:30 on-event="/system script run my_script"
        }
    }

A better solution would be just to add all existing policies. Is there a better solution than to use on-error?

Who is online

Users browsing this forum: InfraErik, normis and 93 guests