LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices



Reply
 
Search this Thread
Old 05-19-2008, 11:57 PM   #1
chakkerz
Member
 
Registered: Dec 2002
Location: Brisbane, Australia
Distribution: RedHat (RHEL, FC, CentOS), openSuSE, Mac OS X
Posts: 653

Rep: Reputation: 32
cron job as a non-privileged user do not run


I'm running on CentOS 5.1 and RHEL 5.1 same problem in both locations (though the cron jobs are different)

Let's go with CentOS because it's the one i need to get working

the error i'm getting in my /var/log/cron file is:
Code:
2008-05-20T13:34:01.191785+10:00 fact crond[8444]: Permission denied
2008-05-20T13:34:01.192261+10:00 fact crond[8444]: CRON (logcluster) ERROR: failed to open PAM security session: Success
2008-05-20T13:34:01.192306+10:00 fact crond[8444]: CRON (logcluster) ERROR: cannot set security context
the user is logcluster and the crontab for that user looks as follows:

Code:
[root@fact cron]# su - logcluster
-bash-3.1$ crontab -l
#
# synchronize after they are cycled every 15 minutes
#
02,17,32,47 * * * * /logCluster/bin/synchronizeLogs | mail -s "LogCluster log synchronization status" me@whereiswork.edu.au

#
# compact the logs once daily after the day clicks over
#
05 0 * * * /logCluster/bin/compactLogs | mail -s "LogCluster log compression" me@whereiwork.edu.au

* * * * * touch ~/this
I found one source that tells me that the error in the log is indicative of a SE Linux error, but i'm pretty sure it ain't it:

Code:
[root@fact cron]# getenforce 
Permissive
i do not have a cron.allow file, but i do have a cron.deny file:

Code:
[root@fact etc]# ls cron.allow
ls: cron.allow: No such file or directory
[root@fact etc]# ls cron.deny
cron.deny
[root@fact etc]# cat cron.deny
[root@fact etc]#
the scripts work on their own when running as logcluster and eitherway `touch ~/this` should have no issues, besides the error in the log is not indicative of something not being found but relating to PAM...

I've looked around a bit and talked to some people but am not getting any further... any help would be great.

chakkerz
 
Old 05-20-2008, 07:52 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,777
Blog Entries: 54

Rep: Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978
Quote:
Originally Posted by chakkerz View Post
2008-05-20T13:34:01.192306+10:00 fact crond[8444]: CRON (logcluster) ERROR: cannot set security context

I found one source that tells me that the error in the log is indicative of a SE Linux error, but i'm pretty sure it ain't it
Can you reproduce https://bugzilla.redhat.com/show_bug.cgi?id=241877 as described there?
 
Old 06-02-2008, 05:11 PM   #3
chakkerz
Member
 
Registered: Dec 2002
Location: Brisbane, Australia
Distribution: RedHat (RHEL, FC, CentOS), openSuSE, Mac OS X
Posts: 653

Original Poster
Rep: Reputation: 32
Nope, it sure sounded like it, though i'm not using SELinux nor am i using NFS to do something quite like what they describe.

No, the problem ended up being:

/etc/security/access.conf was missing

Code:
+ : ALL : cron crond
One of the team (who had been playing with access.conf) found that my minutely cronjob was interrupting his testing on another issue we were having (RHEL 5.2 has become vicious about UID's being below 500) and since he knew all about access.conf he fixed it

Thanks for that link though

chakkerz
 
Old 06-03-2008, 07:06 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,777
Blog Entries: 54

Rep: Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978
Well, I *never* could have diagnosed it as a problem with /etc/security/access.conf. Allowing user cron through it doesn't look like a standard solution to me, maybe it's a local modification to do with your cluster stuff or something?
 
Old 06-03-2008, 08:30 PM   #5
chakkerz
Member
 
Registered: Dec 2002
Location: Brisbane, Australia
Distribution: RedHat (RHEL, FC, CentOS), openSuSE, Mac OS X
Posts: 653

Original Poster
Rep: Reputation: 32
hmm ... yes i've just taken a look at a clean install and you're right, it is a local issue...
 
Old 06-03-2008, 09:28 PM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,777
Blog Entries: 54

Rep: Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978Reputation: 2978
Thanks for confirming!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't get a cron job to run derzok Linux - General 10 12-16-2007 05:00 AM
script does not run in cron job kashyapvirgo Linux - General 8 03-20-2007 11:55 AM
how to run this cron job ashley75 Linux - General 5 05-24-2004 12:20 PM
Did my Cron job run? ryedunn Linux - Newbie 2 02-25-2004 09:59 AM
Cron job does not run brentos Linux - General 6 12-12-2003 03:37 PM


All times are GMT -5. The time now is 01:09 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration