FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 01-03-2008, 01:26 PM
Craig Hurley
 
Default PAM failure?

Hello,

When looking at /var/log/auth.log PAM seems to be logging a large
amount. For example, every 30 minutes cron runs a script as root. It
appears to me that each time the script is run, PAM adds 4 entries to
auth.log, recording a the session open and close along with 2 other
failures. Here's a snip from auth.log:


Jan 3 13:30:01 hostname CRON[31753]: (pam_unix) session opened for user
root by (uid=0)
Jan 3 13:30:01 hostname pam_limits[31753]: setrlimit limit #11 to
soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0
Jan 3 13:30:01 hostname pam_limits[31753]: setrlimit limit #12 to
soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0
Jan 3 13:30:01 hostname CRON[31753]: (pam_unix) session closed for user
root


Does anyone know why PAM fails twice every time a script is run from cron?

I'm running Debian 4.0.

Many thanks,
Craig.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-03-2008, 03:10 PM
"Douglas A. Tutty"
 
Default PAM failure?

On Thu, Jan 03, 2008 at 02:26:20PM +0000, Craig Hurley wrote:
>
> When looking at /var/log/auth.log PAM seems to be logging a large
> amount. For example, every 30 minutes cron runs a script as root. It
> appears to me that each time the script is run, PAM adds 4 entries to
> auth.log, recording a the session open and close along with 2 other
> failures. Here's a snip from auth.log:
>
> Jan 3 13:30:01 hostname CRON[31753]: (pam_unix) session opened for user
> root by (uid=0)
> Jan 3 13:30:01 hostname pam_limits[31753]: setrlimit limit #11 to
> soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0
> Jan 3 13:30:01 hostname pam_limits[31753]: setrlimit limit #12 to
> soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0
> Jan 3 13:30:01 hostname CRON[31753]: (pam_unix) session closed for user
> root
>
> Does anyone know why PAM fails twice every time a script is run from cron?
>
> I'm running Debian 4.0.

Find out what script it is and read it. See what this setrlimit is.

Doug.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-03-2008, 04:04 PM
Craig Hurley
 
Default PAM failure?

On 03/01/2008 16:10, Douglas A. Tutty wrote:

Find out what script it is and read it. See what this setrlimit is.

Doug.




Hi Doug,

Here's the script. It's very basic; it recreates a folder if it has
been accidentally deleted.



#!/bin/bash

vpath="/path/to/folder"

if [ $# -ne 0 ] ; then
echo Usage: $0
exit 1
fi

#
# make sure folder structure is intact
#

if [ ! -d $vpath ] ; then
mkdir $vpath
chown root:www-data $vpath
chmod 770 $vpath
fi

exit 0


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-03-2008, 07:13 PM
Jeff D
 
Default PAM failure?

Craig Hurley wrote:

Hello,

When looking at /var/log/auth.log PAM seems to be logging a large
amount. For example, every 30 minutes cron runs a script as root. It
appears to me that each time the script is run, PAM adds 4 entries to
auth.log, recording a the session open and close along with 2 other
failures. Here's a snip from auth.log:


Jan 3 13:30:01 hostname CRON[31753]: (pam_unix) session opened for user
root by (uid=0)
Jan 3 13:30:01 hostname pam_limits[31753]: setrlimit limit #11 to
soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0
Jan 3 13:30:01 hostname pam_limits[31753]: setrlimit limit #12 to
soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0
Jan 3 13:30:01 hostname CRON[31753]: (pam_unix) session closed for user
root


Does anyone know why PAM fails twice every time a script is run from cron?

I'm running Debian 4.0.

Many thanks,
Craig.




do you have anything specific listed in:

/etc/security/limits.conf


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-03-2008, 07:48 PM
Craig Hurley
 
Default PAM failure?

On 03/01/2008 20:13, Jeff D wrote:
> do you have anything specific listed in:
>
> /etc/security/limits.conf
>
>

There's nothing in /etc/security/limits.conf.

Regards,
Craig.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-03-2008, 08:54 PM
"Douglas A. Tutty"
 
Default PAM failure?

On Thu, Jan 03, 2008 at 05:04:34PM +0000, Craig Hurley wrote:
> On 03/01/2008 16:10, Douglas A. Tutty wrote:
> >Find out what script it is and read it. See what this setrlimit is.
>
> Hi Doug,
>
> Here's the script. It's very basic; it recreates a folder if it has
> been accidentally deleted.


By what user is this script run. The pam documentation for the limits
module says that root is not affected by this limit.

>
>
> #!/bin/bash
>
> vpath="/path/to/folder"
>
> if [ $# -ne 0 ] ; then
> echo Usage: $0
> exit 1
> fi
>
> #
> # make sure folder structure is intact
> #
>
> if [ ! -d $vpath ] ; then
> mkdir $vpath
> chown root:www-data $vpath
> chmod 770 $vpath
> fi
>
> exit 0
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-03-2008, 08:55 PM
"Douglas A. Tutty"
 
Default PAM failure?

On Thu, Jan 03, 2008 at 08:48:39PM +0000, Craig Hurley wrote:
> On 03/01/2008 20:13, Jeff D wrote:
> > do you have anything specific listed in:
> >
> > /etc/security/limits.conf
> >
> >
>
> There's nothing in /etc/security/limits.conf.
>

Be specific. Is it an empty file or is it the default Etch file with
everything commented-out? The /etc/scurity/limits.conf file should be
owned root.root with permissions -rw-r--r--

Doug.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-03-2008, 09:28 PM
Craig Hurley
 
Default PAM failure?

On 03/01/2008 21:54, Douglas A. Tutty wrote:
>
> By what user is this script run. The pam documentation for the limits
> module says that root is not affected by this limit.
>

~# ls -lA /etc/cron.d/script
-rw------- 1 root root 190 Jan 2 18:23 /etc/cron.d/script


The contents of /etc/cron.d/script looks like this:

#!/bin/bash
*/30 9-17 * * 1-5 root /path/to/script > /dev/null 2>&1

Regards,
Craig.




--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-03-2008, 09:33 PM
Craig Hurley
 
Default PAM failure?

On 03/01/2008 21:55, Douglas A. Tutty wrote:
>
> Be specific. Is it an empty file or is it the default Etch file with
> everything commented-out? The /etc/scurity/limits.conf file should be
> owned root.root with permissions -rw-r--r--
>
> Doug.
>
>

~# ls -lA /etc/security/limits.conf
-rw-r--r-- 1 root root 1802 Oct 23 2006 /etc/security/limits.conf

Yes, it's the default etch file with everything commented out.

Regards,
Craig.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 08:34 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org