Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 454292 - cron does not work for ldap users.
Summary: cron does not work for ldap users.
Keywords:
Status: CLOSED DUPLICATE of bug 448014
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: nss_ldap
Version: 5.2
Hardware: x86_64
OS: Linux
low
high
Target Milestone: rc
: ---
Assignee: Nalin Dahyabhai
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-07-07 15:05 UTC by Bogdan Sandu
Modified: 2010-06-30 15:23 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-06-30 15:23:54 UTC


Attachments (Terms of Use)

Description Bogdan Sandu 2008-07-07 15:05:39 UTC
Cron does not work for ldap users.

I Think the problem is related to Bug 448016: su does not work in 5.2

Starting nscd does not solve the problem, as it does with bug 448016.

We've also experienced bug 448016: su does not work in 5.2, and we've applied
the workaround with nscd, and now su works with ldap users.

But cron still does not work with ldap users.

Here is out /etc/pam.d/system-auth:
#%PAM-1.0
# This file is managed using cfengine
# User changes will be destroyed the next time cfagent is run.

auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/$ISA/pam_ldap.so use_first_pass
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so
account     required      /lib/security/$ISA/pam_ldap.so ignore_unknown_user
ignore_authinfo_unavail

password    required      /lib/security/$ISA/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok md5
shadow
password    sufficient    /lib/security/$ISA/pam_ldap.so use_authtok
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     optional      /lib/security/$ISA/pam_unix.so
session     optional      /lib/security/$ISA/pam_ldap.so


,and our /etc/pam.d/crond file:
#
# The PAM configuration file for the cron daemon
#
#
auth       sufficient pam_rootok.so
auth       required   pam_env.so
auth       include    system-auth
account    required   pam_access.so
account    include    system-auth
session    required   pam_loginuid.so
session    include    system-auth

Thanks

Comment 1 Nalin Dahyabhai 2010-06-30 15:23:54 UTC
This looks like a duplicate of bug #448014, which was fixed in
nss_ldap-253-13.el5_2.1.  Please reopen this report if this update did not
resolve the problem.  Thanks!

*** This bug has been marked as a duplicate of bug 448014 ***


Note You need to log in before you can comment on or make changes to this bug.