On Sat March 11 2006 07:44, Russell Kliese wrote:
> >> >> >> >On 3/9/06, Russell Kliese <[EMAIL PROTECTED]> wrote:
> >> >> >> >
> >> >> >> >
> >> >> >> >>I have a problem with the find cron job inside a debian vserver.
> >> >> >> >>
> >> >> >> >>The find cron job runs the updatedb script as follows:
> >> >> >> >>
> >> >> >> >>#! /bin/sh
> >> >> >> >>#
> >> >> >> >># cron script to update the `locatedb' database.
> >> >> >> >>#
> >> >> >> >># Written by Ian A. Murdock <[EMAIL PROTECTED]> and
> >> >> >> >># Kevin Dalley <[EMAIL PROTECTED]>
> >> >> >> >>
> >> >> >> >>LOCALUSER="nobody"
> >> >> >> >>export LOCALUSER
> >> >> >> >>if [ -f /etc/updatedb.conf ]; then
> >> >> >> >> . /etc/updatedb.conf
> >> >> >> >>fi
> >> >> >> >>
> >> >> >> >>if getent passwd $LOCALUSER > /dev/null ; then
> >> >> >> >> cd / && nice -n ${NICE:-10} updatedb 2>/dev/null
> >> >> >> >> # cd / && updatedb 2>/dev/null
> >> >> >> >>else
> >> >> >> >> echo "User $LOCALUSER does not exist."
> >> >> >> >> exit 1
> >> >> >> >>fi
> >> >> >> >>
> >> >> >> >>The updatedb script tries to su to the nobody user, but this
> >> fails
> >> >> >> with
> >> >> >> >>the following messages logged in /var/log/auth.log
> >> >> >> >>
> >> >> >> >>Mar 10 14:55:02 secure su[26501]: + pts/1 root:nobody
> >> >> >> >>Mar 10 14:55:02 secure su[26501]: (pam_unix) session opened for
> >> >> user
> >> >> >> >>nobody by root(uid=0)
> >> >> >> >>Mar 10 14:55:02 secure su[26501]: pam_open_session: Permission
> >> >> denied
> >> >> >> >>
> >> >> >> >>
> >> >> >> >>If I comment in the line with the # in the above script (and
> >> >> comment
> >> >> >> out
> >> >> >> >>the line above), things work fine (i.e. I don't get the
> >> >> >> >>"pam_open_session: Permission denied" logged in the auth.log).
> >> So
> >> >> it
> >> >> >> >>seems to be something to do with nice. Note that even if I
> >> remove
> >> >> the
> >> >> >> >>"-n ${NICE:-10}" things still don't work.
> >
> > what does the $NICE contain here? maybe a negative value?
>
> $NICE is set to 10 in /etc/updatedb.conf, so -n ${NICE:-10} is the same as
> -n 0.
>
In a shell script? Doesn't ":-" set a default value if the variable is
not already set?
Mike
>
> > could you add some output to the log before that?
>
> Sorry, I'm not sure what you mean.
>
> >> >> >> >>Would enabling CAP_SYS_NICE help in this case even though a
> >> lower
> >> >> >> >>priority is being set? Or is there something else causing this
> >> >> >> problem?
>
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
>
>
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
