5
root的crontab由于root密码失效导致不能正常工作
source link: https://bajie.dev/posts/20231211-crontab_root/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Root的crontab由于root密码失效导致不能正常工作
2023-12-11
1 分钟阅读
数据库管理员的 172.18.20.10 和 172.18.20.25 数据库备份脚本是以 root 身份运行的,在 crontab 里跑:
26 11 * * * /root/scripts/mysql_backup_full_3306.sh > /dev/null 2>&1
但是由于 root 密码会每三个月变更一次,如果没有及时变更,会导致 root 密码失效,从而 crontab 无法正常运行。
解决方法很简单: 找到 /etc/pam.d/password-auth , 其中 account 的有四行
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 1000 quiet
account required pam_permit.so
在前面增加两行:
account required pam_access.so
account [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 1000 quiet
account required pam_permit.so
这样就可以了,不用重启任何服务。
pam 验证的时候,即使密码过期,crond 依然正常跑,就 ok 了。
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK