at: Authentication Failure

rl92694 · 03-09-2009, 09:33 AM

Over my objections, some of our users want to use at on one of the servers. So I put their usernames in the /etc/at.allow file, but when they try to run at, they get:

$ at
PAM authentication failure: Authentication failure
You do not have permission to use at.

The /etc/at.allow file looks fine. Restarting atd doesn't help. No error messages get logged in /var/log/messages.

So questions:

Does anyone know why I would be getting a PAM authentication failure?

Is there any way to configure atd logging so I can trace exactly why it's failing?

Here's the /etc/pam.d/atd file, just in case:

auth sufficient pam_rootok.so
auth required pam_env.so
auth include system-auth
account include system-auth
session include system-auth
session required pam_loginuid.so

Thanks.

rl92694 · 03-09-2009, 12:42 PM

So yeah, I fixed this. It turns out to have nothing at all to do with PAM authentication and everything to do with the sticky bit not being set. So all I did was:

chmod u+s /usr/bin/at

And now everything works.

Hooray for misleading error messages.

pdr33n · 10-21-2009, 07:09 PM

worked for me too.. if anybody knows a better solution.. tell us.

chrism01 · 10-22-2009, 01:57 AM

Actually, that's the setuid bit ... you might not want to do that.