Knowledge Base:Cron fails to load in root crontab with message ENTRYPOINT FAILED

Synopsis
Inside the  file you get the following error message:

You also notice that the root users' crontab is not used.

Environment
This article is applicable on Gentoo Linux systems with a SELinux profile:

The user also has  set in his USE flags:

Finally, the users' installed cron system is :

Analysis
When wants to execute a users' crontab (including the root user), it first checks the SELinux user owner of the crontab file to make sure that it is safe to execute. But if you created the root crontab as a regular user (with su or sudo) then the ownership of the file will, SELinux-wise, still be your user (most likely ). Hence, cron (well, actually SELinux) refuses to load in the file.

With  set, access from specific domains towards resources (like files) are only allowed if the source context owner is the same as the target, or when   is involved (this domain is exempt from the User Based Access Controls).

Resolution
Verify that the root user file is indeed not owned by the root SELinux user:

Correct the SELinux owner of the file:

Another solution would be to disable user-based access control by setting, but this reduces one of the access controls in place and as thus not recommended.

Further Resources

 * What is UBAC exactly? in the Gentoo Hardened SELinux FAQ