When looking at /var/log/auth.log PAM seems to be logging a large
amount. For example, every 30 minutes cron runs a script as root. It
appears to me that each time the script is run, PAM adds 4 entries to
auth.log, recording a the session open and close along with 2 other
failures. Here's a snip from auth.log:
Jan 3 13:30:01 hostname CRON[31753]: (pam_unix) session opened for user
root by (uid=0)
Jan 3 13:30:01 hostname pam_limits[31753]: setrlimit limit #11 to
soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0
Jan 3 13:30:01 hostname pam_limits[31753]: setrlimit limit #12 to
soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0
Jan 3 13:30:01 hostname CRON[31753]: (pam_unix) session closed for user
root
Does anyone know why PAM fails twice every time a script is run from cron?
I'm running Debian 4.0.
Many thanks,
Craig.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
01-03-2008, 03:10 PM
"Douglas A. Tutty"
PAM failure?
On Thu, Jan 03, 2008 at 02:26:20PM +0000, Craig Hurley wrote:
>
> When looking at /var/log/auth.log PAM seems to be logging a large
> amount. For example, every 30 minutes cron runs a script as root. It
> appears to me that each time the script is run, PAM adds 4 entries to
> auth.log, recording a the session open and close along with 2 other
> failures. Here's a snip from auth.log:
>
> Jan 3 13:30:01 hostname CRON[31753]: (pam_unix) session opened for user
> root by (uid=0)
> Jan 3 13:30:01 hostname pam_limits[31753]: setrlimit limit #11 to
> soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0
> Jan 3 13:30:01 hostname pam_limits[31753]: setrlimit limit #12 to
> soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0
> Jan 3 13:30:01 hostname CRON[31753]: (pam_unix) session closed for user
> root
>
> Does anyone know why PAM fails twice every time a script is run from cron?
>
> I'm running Debian 4.0.
Find out what script it is and read it. See what this setrlimit is.
Doug.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
01-03-2008, 04:04 PM
Craig Hurley
PAM failure?
On 03/01/2008 16:10, Douglas A. Tutty wrote:
Find out what script it is and read it. See what this setrlimit is.
Doug.
Hi Doug,
Here's the script. It's very basic; it recreates a folder if it has
been accidentally deleted.
#!/bin/bash
vpath="/path/to/folder"
if [ $# -ne 0 ] ; then
echo Usage: $0
exit 1
fi
#
# make sure folder structure is intact
#
if [ ! -d $vpath ] ; then
mkdir $vpath
chown root:www-data $vpath
chmod 770 $vpath
fi
exit 0
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
01-03-2008, 07:13 PM
Jeff D
PAM failure?
Craig Hurley wrote:
Hello,
When looking at /var/log/auth.log PAM seems to be logging a large
amount. For example, every 30 minutes cron runs a script as root. It
appears to me that each time the script is run, PAM adds 4 entries to
auth.log, recording a the session open and close along with 2 other
failures. Here's a snip from auth.log:
Jan 3 13:30:01 hostname CRON[31753]: (pam_unix) session opened for user
root by (uid=0)
Jan 3 13:30:01 hostname pam_limits[31753]: setrlimit limit #11 to
soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0
Jan 3 13:30:01 hostname pam_limits[31753]: setrlimit limit #12 to
soft=-1, hard=-1 failed: Operation not permitted; uid=0 euid=0
Jan 3 13:30:01 hostname CRON[31753]: (pam_unix) session closed for user
root
Does anyone know why PAM fails twice every time a script is run from cron?
I'm running Debian 4.0.
Many thanks,
Craig.
do you have anything specific listed in:
/etc/security/limits.conf
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
01-03-2008, 07:48 PM
Craig Hurley
PAM failure?
On 03/01/2008 20:13, Jeff D wrote:
> do you have anything specific listed in:
>
> /etc/security/limits.conf
>
>
There's nothing in /etc/security/limits.conf.
Regards,
Craig.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
01-03-2008, 08:54 PM
"Douglas A. Tutty"
PAM failure?
On Thu, Jan 03, 2008 at 05:04:34PM +0000, Craig Hurley wrote:
> On 03/01/2008 16:10, Douglas A. Tutty wrote:
> >Find out what script it is and read it. See what this setrlimit is.
>
> Hi Doug,
>
> Here's the script. It's very basic; it recreates a folder if it has
> been accidentally deleted.
By what user is this script run. The pam documentation for the limits
module says that root is not affected by this limit.
>
>
> #!/bin/bash
>
> vpath="/path/to/folder"
>
> if [ $# -ne 0 ] ; then
> echo Usage: $0
> exit 1
> fi
>
> #
> # make sure folder structure is intact
> #
>
> if [ ! -d $vpath ] ; then
> mkdir $vpath
> chown root:www-data $vpath
> chmod 770 $vpath
> fi
>
> exit 0
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
01-03-2008, 08:55 PM
"Douglas A. Tutty"
PAM failure?
On Thu, Jan 03, 2008 at 08:48:39PM +0000, Craig Hurley wrote:
> On 03/01/2008 20:13, Jeff D wrote:
> > do you have anything specific listed in:
> >
> > /etc/security/limits.conf
> >
> >
>
> There's nothing in /etc/security/limits.conf.
>
Be specific. Is it an empty file or is it the default Etch file with
everything commented-out? The /etc/scurity/limits.conf file should be
owned root.root with permissions -rw-r--r--
Doug.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
01-03-2008, 09:28 PM
Craig Hurley
PAM failure?
On 03/01/2008 21:54, Douglas A. Tutty wrote:
>
> By what user is this script run. The pam documentation for the limits
> module says that root is not affected by this limit.
>
~# ls -lA /etc/cron.d/script
-rw------- 1 root root 190 Jan 2 18:23 /etc/cron.d/script
The contents of /etc/cron.d/script looks like this:
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
01-03-2008, 09:33 PM
Craig Hurley
PAM failure?
On 03/01/2008 21:55, Douglas A. Tutty wrote:
>
> Be specific. Is it an empty file or is it the default Etch file with
> everything commented-out? The /etc/scurity/limits.conf file should be
> owned root.root with permissions -rw-r--r--
>
> Doug.
>
>
~# ls -lA /etc/security/limits.conf
-rw-r--r-- 1 root root 1802 Oct 23 2006 /etc/security/limits.conf
Yes, it's the default etch file with everything commented out.
Regards,
Craig.
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
PAM failure?
