Define which users on the system are allowed to run cron jobs by using configuration files to set allowlists and denylists.

The following configuration files manage access control for running cron jobs:

• /etc/cron.allow contains a list of users that are allowed to run cron jobs.
• /etc/cron.deny contains a list of users that aren't allowed to run cron jobs.

If only the /etc/cron.deny configuration file exists, then every user on the system can run cron jobs so long as they haven't been listed in that file.

If both configuration files exist, then /etc/cron.allow takes precedence and only users that have been listed in that file are allowed to run cron jobs. The /etc/cron.deny file is ignored in this scenario.

If neither of those configuration files exist, then only the system root user can run cron jobs.