If this file doesn't exist:
/proc/<pid of crond>/loginuid
It's because the kernel doesn't have AUDIT enabled. So you get a bunch of errors in "/var/log/secure" with "set_loginuid failed opening loginuid".
Recompile kernel with audit support:
CONFIG_AUDIT=y
CONFIG_AUDITSYSCALL=y
If recompiling of kernel is not an option then:
Comment the below lines from all pam.d files.
session required &nbs p; pam_loginuid.so
Find files via:
# grep -l pam_loginuid.so /etc/pam.d/*
/etc/pam.d/atd
/etc/pam.d/crond
/etc/pam.d/login
/etc/pam.d/remote
/etc/pam.d/sshd
- sandip's blog
- Login or register to post comments
Comments
The same goes for "audit_log_user_command(): Connection refused".
https://bugzilla.redhat.com/sh ow_bug.cgi?id=401201
updating sudo, should now fix this issue.