One can set a password on running the cron.php file in moodlecode/admin/. Have to pass that password in your cron job then. No need to rename the file then.
There really isn't a reason to move the config.php file out.
Upgrade script does the same stuff but there are no browser issues and it's faster - apache server not involved.
Example of a script that uses the 'enablelater' ...
first few lines look like (notice it runs cli/cron first ... in hopes of emptying the trashdir etc.):
php -f admin/cli/cron.php;
php admin/cli/maintenance.php --enablelater=5;
echo 'Given 5 minute warning!';
echo '5 minutes is up! ... executing ...';
That locks all users out of the web interface and they get a Moodle screen notification.
Then once 5 minutes is up ... tar balls the code directory, the data directory, and does an SQL dump of DB.
tar -cvf /savelocation/moodle26code.tar /webroot/moodle26;
mysqldump ... blah, blah, blah
php admin/cli/upgrade.php --non-interactive;
fgrep '$release' version.php;
chown apache:apache * -R;
php admin/cli/maintenance.php --disable;
Then, to check things out ... login with browser.
Script could be written better but am the only one that uses/can access. Same script can use git lines to upgrade to another version higher.
'spirit of sharing', Ken