Ticket #33 (closed Bug: fixed)

Opened 1 year ago

Last modified 1 year ago

kickstart breaks root access to cron

Reported by: bwhalen Assigned to: bwhalen
Priority: High Milestone: 2009 - Release 2
Component: kickstart Keywords:
Cc:

Description

The following seems to break roots access to cron. We have the sysstat.rpm installed to collect performance data, and are getting errors when the root tries to execute the sysstat cron jobs. ## (GEN001020: CAT II) The IAO will enforce users requiring root privileges to ## log on to their personal account and invoke the /bin/su - command to switch ## user to root. # Configure sshd and login to consult pam_access.so sed -i '/account.*auth$/ a\account\t\trequired\tpam_access.so' /etc/pam.d/sshd sed -i '/account.*auth$/ a\account\t\trequired\tpam_access.so' /etc/pam.d/login This is what is actually breaking cron echo "-:ALL EXCEPT users :ALL" >> /etc/security/access.conf

Change History

03/25/09 20:57:21 changed by bwhalen

  • summary changed from RHEL kickstart breaks root access to cron to kickstart breaks root access to cron.

03/26/09 13:14:26 changed by bwhalen

  • status changed from new to closed.
  • resolution set to fixed.

Updated the kickstart: -echo "-:ALL EXCEPT users :ALL" >> /etc/security/access.conf +cat <<-EOF >> /etc/security/access.conf +#only access for root is cron ++:root: cron crond +-:ALL EXCEPT users :ALL +EOF

Also updated the corresponding stig-fix files