Cron searches /var/spool/cron for crontab files which are named after accounts in /etc/passwd; crontabs found are loaded into memory. Cron also searches for /etc/crontab which is in a different format (see crontab(5)). At startup cron looks in /var/lib/cron.lastrun when it was shut down for the last time, it schedules jobs that occured between then and now (see crontab(5)). Like this it will not get confused on computers that don't run all the time.
Cron then wakes up every minute, examining all stored crontabs, checking each command to see if it should be run in the current minute. When executing commands, any output is mailed to the owner of the crontab (or to the user named in the MAILTO environment variable in the crontab, if such exists).
Additionally, cron checks each minute to see if its spool directory's modtime (or the modtime on /etc/crontab) has changed, and if it has, cron will then examine the modtime on all crontabs and reload those which have changed. Thus cron need not be restarted whenever a crontab file is modified. Note that the Crontab(1) command updates the modtime of the spool directory whenever it changes a crontab.
/var/spool/cron/ /etc/passwd /etc/crontab /var/lib/cron.lastrun
Paul Vixie <paul@vix.com> modifications by Felix Braun <fbraun@po-box.mcgill.ca>