Sharing Knowledge | System Admin Articles

Enable cron for a locked account in Linux



In some environments, there are times when locked application/databases accounts need to run some cron jobs. In linux, by default, a locked account can not run the cron job.


We can enable this  by editing a specific setting is disabled in /etc/pam.d/crond file. 


Here is the details:



# cat /etc/pam.d/crond 


#
# The PAM configuration file for the cron daemon
#
auth       sufficient pam_rootok.so
auth       required   pam_stack.so service=system-auth
auth       required   pam_env.so
account    required   pam_stack.so service=system-auth
# account    required   pam_access.so
session    required   pam_limits.so
session    required   pam_loginuid.so

This example is working in Redhat Linux. In the /etc/pam.d/crond file, if we disable "account required pam_access.so" line the cron started working again for the locked account as well.


Labels: Cron, Linux, Quick HOWTO, Tips

My Profile PhotoAbout the Author

I'm Parthiban, An UNIX System Admin by Profession. I'm Experienced in Linux/Unix System Administration and Scripting. I have done lot of work on the infrastructure Mgmt side in Linux, UNIX and Windows system administration, Hardware, Storage and Data center. I'm blogging since 2008.
Follow Me On Twitter or On Facebook

0 Comments for "Enable cron for a locked account in Linux"

What do you think about this Article? Add your Opinion..!

Back To Top