Mailinglist Archive: opensuse (1945 mails)
| < Previous | Next > |
Re: [opensuse] PAM prevents root access to crontab ?
- From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
- Date: Thu, 17 Dec 2009 18:04:20 +0100 (CET)
- Message-id: <alpine.LSU.2.00.0912171757092.4905@xxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday, 2009-12-17 at 08:46 -0800, Ben DJ wrote:
It is quite different from mine:
bombadillo:~ # cat /etc/pam.d/crond
#
# The PAM configuration file for the cron daemon
#
#
auth sufficient pam_rootok.so
auth include common-auth
account include common-account
password include common-password
session required pam_loginuid.so
session include common-session
And that is the default configuration:
bombadillo:~ # l /etc/pam.d/crond
- -rw-r--r-- 1 root root 287 2009-10-24 06:14 /etc/pam.d/crond
Please give the output of this command:
grep PERMISSION_SECURITY /etc/sysconfig/security
You might have "secure" or "paranoid" in there. Default is "easy local".
No, it is not. This is the output on my system:
bombadillo:~ # crontab
crontab: usage error: file name must be specified for replace
usage: crontab [-u user] file
crontab [-u user] [ -e | -l | -r ]
(default operation is replace, per 1003.2)
-e (edit user's crontab)
-l (list user's crontab)
-r (delete user's crontab)
- -- Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAksqZJcACgkQtTMYHG2NR9W9rgCdEp4pz4aVOwGy4TJHOGLdZL+Z
/LoAn1P+i2RnmgSVxx2kycbJHPBF+JBM
=B/BA
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
Hash: SHA1
On Thursday, 2009-12-17 at 08:46 -0800, Ben DJ wrote:
On Thu, Dec 17, 2009 at 8:28 AM, Jan Ritzerfeld <> wrote:
The file /etc/pam.d/password-auth does not exist on both 11.1 and 11.2.
Furthermore, "grep -r password-auth /etc/pam.d/" does not give any hit for
me. Do you have any line like "...include...password-auth" in your
/etc/pam.d/crond?
as installed -- i.e., I've never touched it,
cat /etc/pam.d/crond
#
# The PAM configuration file for the cron daemon
#
#
# No PAM authentication called, auth modules not needed
account required pam_access.so
account include password-auth
session required pam_loginuid.so
session include password-auth
It is quite different from mine:
bombadillo:~ # cat /etc/pam.d/crond
#
# The PAM configuration file for the cron daemon
#
#
auth sufficient pam_rootok.so
auth include common-auth
account include common-account
password include common-password
session required pam_loginuid.so
session include common-session
And that is the default configuration:
bombadillo:~ # l /etc/pam.d/crond
- -rw-r--r-- 1 root root 287 2009-10-24 06:14 /etc/pam.d/crond
Please give the output of this command:
grep PERMISSION_SECURITY /etc/sysconfig/security
You might have "secure" or "paranoid" in there. Default is "easy local".
Using a fresh 11.2 installation, crontab works. Besides "crontab" alone is
not a valid command, there must be some option.
SYNOPSIS
crontab [-u user] file
crontab [-u user] [-l | -r | -e] [-i] [-s]
the 2nd line looks like all options are optional -- i.e., 'crontab'
alone is fine.
No, it is not. This is the output on my system:
bombadillo:~ # crontab
crontab: usage error: file name must be specified for replace
usage: crontab [-u user] file
crontab [-u user] [ -e | -l | -r ]
(default operation is replace, per 1003.2)
-e (edit user's crontab)
-l (list user's crontab)
-r (delete user's crontab)
- -- Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAksqZJcACgkQtTMYHG2NR9W9rgCdEp4pz4aVOwGy4TJHOGLdZL+Z
/LoAn1P+i2RnmgSVxx2kycbJHPBF+JBM
=B/BA
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |