This one time, at band camp, Peter Hardy wrote: > On Tue, 2005-11-08 at 12:32 +1100, Jamie Wilkinson wrote: >> This one time, at band camp, Simon wrote: >> >Hi all, >> >I get heaps of these in the logs on a FC server and I have no idea what >> >they mean! >> > >> >crond[28991]: pam_succeed_if: requirement "uid < 100" was met by user >> >"root" >> >> In /etc/pam.d/system-auth, or somewhere else in cron's pam chain, you've got >> the pam_succeed_if module, which is granting access to users with a uid less >> than 100. Also looks like it's got the logging option turned on :) >> >> In this case, cron runs as root, so it's allowed to do stuff. >> >> This is part of the default install on RHEL4 and FC3 upwards, iirc. > >Last I looked (admittedly, one of the earlier FCs), Red Hat and friends >started numbering regular user accounts at 100. Numbers below that are >informally reserved for system accounts. Debian does the same thing, >only they start at 1000. > >So, what is pam_succeeed_if there for? To stop regular users from >running cron jobs?
Who knows what the Grand Visirs at Red Hat plan for us? Do we dare question their ways? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
