Non-root users are unable to run cronjobs with custom PAM crond configuration on Red Hat Enterprise Linux 5
- Cron not working for anything but root. It used to work. When cron jobs run, the following error is seen:
crond: Permission denied crond: CRON (oracle) ERROR: failed to open PAM security session: Bad file descriptor crond: CRON (oracle) ERROR: cannot set security context crond: pam_access(crond:account): access denied for user `oracle' from `cron'
- Red Hat Enterprise Linux 5 (RHEL5)
- PAM (Pluggable Authentication Modules) changed for some services from defaults to reference different lists in /etc/security/access*.conf
- List of users that should have access to run cronjobs is stored in /etc/security/access-cron.conf:
$ cat /etc/security/access-cron.conf root patrol3 oracle drm1usr
- PAM configuration is the default:
$ cat /etc/pam.d/crond # # The PAM configuration file for the cron daemon # # auth sufficient pam_env.so auth required pam_rootok.so auth include system-auth account required pam_access.so account include system-auth session required pam_loginuid.so session include system-auth
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.