-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pam_succeed_if.so not worked correctly in auth stack of /etc/pam.d/crond #109
Comments
crond or crontab does not invoke pam_authenticate at all. That is by design. |
Thank you very much for your quick response. #auth include system-auth It worked for me even if I used pam_succeed_if.so in password-auth and/or system-auth. Many thanks. |
There is a reason the auth stack is included - that is for pam_setcred() call which uses the auth stack. |
thank you very much for your response. #auth include system-auth It seems to work for me. |
I have a problem that pam_succeed_if.so always returns a error of ignore for auth stack in /etc/pam.d/crond.
I also found the pam setup in cron_start_pam() in src/security.c didn't call pam_authenticate().
So authentication in pam isn't executed correctly, I think.
It happened for CentOS6.8, CentOS7.3. and CentOS7.8.
To duplicate the issue, I used crontab -l command invoked by not root user.
When root user invoked crontab, it didn't use the pam.
thanks,
The text was updated successfully, but these errors were encountered: