From: Matthijs Kooijman Date: Tue, 30 Dec 2008 15:50:45 +0000 (+0100) Subject: pam: Fix pam configuration for cron. X-Git-Url: https://git.stderr.nl/gitweb?a=commitdiff_plain;h=74bb11bba73d6b940e1d698794c365ca09a1d359;p=matthijs%2Fservers%2Fdrsnuggles.git pam: Fix pam configuration for cron. This allows non-ldap users (say, root) to use cron. --- diff --git a/etc/pam.d/cron b/etc/pam.d/cron index 2a58ec2..938d30f 100644 --- a/etc/pam.d/cron +++ b/etc/pam.d/cron @@ -2,12 +2,18 @@ # The PAM configuration file for the cron daemon # -@include common-auth -auth required pam_env.so -@include common-account -@include common-session +auth sufficient pam_unix.so +@include common-auth + +# This is required instead of sufficient, since pam_unix mostly does checks +# based on NSS, so this will also work for ldap users. +account required pam_unix.so +# We use a custom control spec so we won't fail on user_unknown special +account [success=ok new_authtok_reqd=ok user_unknown=ignore ignore=ignore default=bad] pam_ldap.so + + +@include common-session + # Sets up user limits, please define limits for cron tasks # through /etc/security/limits.conf session required pam_limits.so - -