similar to: Cron set_loginuid failed opening loginuid errors.

All of a sudden I can no longer ssh into my server running CentOS 4.5 This is what happens: [john at lt-131-jdl-f7 ~]$ ssh -Y -p 2222 192.168.0.1 john at 192.168.0.1's password: Connection to 192.168.0.1 closed by remote host. Connection to 192.168.0.1 closed. And yes, the account does exist and the password is correct! Looking at the logs, I see this: Jun 7 18:51:37 moray1

Hi When I enable a box to do authentication using LDAP it breaks cron for users like jboss. I get the following in /var/log/secure Sep 14 15:25:01 exoipatest01 crond[7214]: pam_access(crond:account): access denied for user `jboss' from `cron' I have the following in /etc/ldap.conf nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,tomcat,radiusd,news,mailman,nscd,jboss

Hi all, When I create a LXC guest(RHEL5.4) via libvirt, the guest could boot successfully. I could ping to guest, but can not ssh into the it. The secure log in the guest shows that this is due to lack of '/dev/tty' device: # tail /path/to/rootfs/of/container/var/log/secure Jul 27 04:25:25 xen2143v sshd[671]: Accepted password for zhangyufang from 10.0.0.1 port 34102 ssh2 Jul 27 04:25:25

Centos 4.2 Dec 29 10:04:10 z9m9z dbus: Can't send to audit system: USER_AVC pid=1997 uid=81 loginuid=-1 message=avc: denied { send_msg } for scontext=root:system_r:unconfined_t tcontext=user_u:system_r:initrc_t tclass=dbus Dec 29 10:04:45 z9m9z last message repeated 7 times Dec 29 10:05:50 z9m9z last message repeated 13 times Dec 29 10:06:55 z9m9z last message repeated 13 times Dec 29

I am getting tons of these messages since I updated to 4.2 Nov 12 12:21:39 srv1 dbus: Can't send to audit system: USER_AVC pid=2839 uid=81 loginuid=-1 message=avc: denied { send_msg } for scontext=user_u:system_r:unconfined_t tcontext=user_u:system_r:initrc_t tclass=dbus Now I can see this process... # ps aux|grep 2839 dbus 2839 0.0 0.3 16168 1888 ? Ssl Nov11 0:13 dbus-

Hi all, let me describe my environment and problem. System is RHEL 5.6 with latest stable OpenSSH. In sshd_config is defined "AllowGroups sshusers" but I need limitation to some of users in group to have access only from defined IP address. As I know this can be setup in sshd_config only for AllowUsers, but users in group are changed so I must use allowgroups instead of allowusers.

Hi all, I'm using samba with winbind which has been integrated with Active Directory. In the smb.conf file, I have template shell = /bin/bash winbind use default domain = yes to allow ssh but I don't want all the domain users to be able to ssh. Is there a way to only allow for example) domain\ssh_group which is an active directory group to be able to ssh into the server? This is my

Hi folks, I can't seem to log into my system via vsftpd. All other services using PAM are fine...Am I missing something simple? ftp> user (username) user 331 Please specify the password. Password: 530 Login incorrect. # getenforce Permissive here is the event in /var/log/audit/audit.log: type=USER_AUTH msg=audit(1247235151.569:9781): user pid=21052 uid=0 auid=0

Thanks to Anthony Ciarochi at Centeris for this solution. I have a Centos (Red Hat-based) server that is now accessible to AD users AND local users via ssh. I can control which AD groups can login using the syntax below. Red Hat-based distros use "pam_stack" in pam.d which is quite different than Debian's "include" based pam.d, cat /etc/pam.d/sshd #

I've got a fresh RHEL AS 4-U2 installation on a Dell PE2850 server. I downloaded and installed the latest RPMs: ocfs2-2.6.9-22.ELsmp-1.0.7-1.i686.rpm ocfs2-tools-1.0.2-1.i386.rpm ocfs2console-1.0.2-1.i386.rpm I was able to start the console, but when I try to run cluster->configure_nodes, I get the following error message: Could not start cluster stack. This must be resolved before any

Hi, I'm trying to remove any limit on open files for a user; I've set username nofiles to unlimited in /etc/security/logins.conf, but now I get "could not open session" if I try to su to the user. singhh - nofile unlimited I think this is related to PAM, so I've modifed /etc/pam.d/su and /etc/pam.d/login to use pam_limits.so: # cat /etc/pam.d/su

CentOS 4 - updated to current, rebooted to new kernel and now I can't get mysqld to start... # service mysqld start Timeout error occurred trying to start MySQL Daemon #tail -n 4 /var/log/messages Nov 12 00:48:56 srv1 kernel: audit(1131781736.221:4): avc: denied { write } for pid=4874 comm="mysqld" name="tmp" dev=dm-0 ino=2894305 scontext=root:system_r:mysqld_t

Hi, I am not very experienced with SELinux and I have a problem which I can't track down. Any help would be really appreciated. I have an 'install everything' Centos 4.2 system which I am using as a workstation. Before anyone tells me off for installing everything, I have done this in order to get used to CentOS before using it on live servers. Anyway when I log into X (gnome, gdm)

Anyone know how to supress all the audit(1127753401.267:0): user pid=1449 uid=0 length=104 loginuid=4294967295 msg=''PAM session close: user=root exe="/usr/sbin/crond" (hostname=?, addr=?, terminal=cron result=Success) type logging? A real pita, I don''t have auditd installed or selinux, wouldn''t let me remove audit-libs and the deps lead me to some pam

I have a couple of workstations that are perfect candidates for Linux at a client's location. The only think i am shaky on is getting CentOS 4.4 to integrate into the AD domain. Any tips links would be highly appreciated. -- My "Foundation" verse: Isa 54:17 No weapon that is formed against thee shall prosper; and every tongue that shall rise against thee in judgment thou

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, This may or may not be a bug. However, it is DEFINITELY NOT how I would expect and want to see sshd work! If you run lsof against sshd on a privilege separated user, it shows that sshd's CWD is /. I would hope that the CWD would be at a minimum /var/empty/sshd and I would really have thought it would be something along the lines of

passwd: Authentication token manipulation error smbpasswd: machine 127.0.0.1 rejected the password change: Error was : Wrong Password best regards [FACILITY/btombul at samba ~]$ passwd Changing password for user FACILITY/btombul. Changing password for FACILITY/btombul (current) NT password: New password: Retype new password: passwd: Authentication token manipulation error [FACILITY/btombul at

On 04/26/2017 04:22 AM, Gordon Messmer wrote: > On 04/25/2017 03:25 PM, Robert Moskowitz wrote: >> This made the same content as before that caused problems: > > I still don't understand, exactly. Are you seeing *new* problems > after installing a policy? What are the problems? > >> #!!!! The file '/var/lib/mysql/mysql.sock' is mislabeled on your system.

I have a RHEL 6.3 machine successfully bound to AD using winbind, and commands like wbinfo -u and wbinfo -g output the users and groups. I can also log in as any AD user. The problem is, I can log on as any AD user. require_membership_of is being ignored. I can put in a valid group with no spaces in the name, a group by SID, and either way, everyone can log in. I've put this option in both

This is annoying. I ssh to a server, then, it doesn't matter if I su - or sudo -s, I start a service (motion, if it matters), and when the service sends an email, it's from me, not from root, or the user the service runs as. I've dumped my environment, I've just dumped service's environment. I've set SUDO_USER to root, and SUDO_UID to 0, and restarted the service, and