Re: [Freeipa-users] freeIPA user can not use cron
I think this is related to diferent names on different systems. RHEL and CentOS are using crond Ubuntu and similar are using cron From: Karl Forner [karl.for...@gmail.com] Sent: Thursday, October 15, 2015 16:24 To: Zoske, Fabian Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] freeIPA user can not use cron Yes it works !!! Maybe this should be documented somewhere ? Thanks. On Thu, Oct 15, 2015 at 4:20 PM, Zoske, Fabian wrote: > Hi, > > we just had the same problem. > > You need to add a new service "cron" and assign this to the user/group. > > Best regards, > Fabian > > -Ursprüngliche Nachricht- > Von: freeipa-users-boun...@redhat.com > [mailto:freeipa-users-boun...@redhat.com] Im Auftrag von Karl Forner > Gesendet: Donnerstag, 15. Oktober 2015 15:53 > An: freeipa-users@redhat.com > Betreff: [Freeipa-users] freeIPA user can not use cron > > Hi, > > cron jobs do no work using a freeIPA user account. > > the cron job: > */1 * * * * echo coucou > > in /var/log/syslog: > Oct 15 15:48:02 asgard CRON[9779]: Permission denied > > in /var/log/auth.log: > Oct 15 15:48:02 asgard CRON[9779]: pam_sss(cron:account): Access denied for > user qbuser: 6 (Permission denied) > > in freeIPA I setup an hbac rule for this user and host that allow the > services: > ftp > login > sshd > gdm-password > crond > gdm > > What did I miss ? > > Thanks. > > Karl Forner > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] freeIPA user can not use cron
ok, makes sense. And ubuntu users are quite rare... On Thu, Oct 15, 2015 at 4:26 PM, Zoske, Fabian wrote: > I think this is related to diferent names on different systems. > > RHEL and CentOS are using crond > Ubuntu and similar are using cron > > > From: Karl Forner [karl.for...@gmail.com] > Sent: Thursday, October 15, 2015 16:24 > To: Zoske, Fabian > Cc: freeipa-users@redhat.com > Subject: Re: [Freeipa-users] freeIPA user can not use cron > > Yes it works !!! Maybe this should be documented somewhere ? > Thanks. > > On Thu, Oct 15, 2015 at 4:20 PM, Zoske, Fabian wrote: >> Hi, >> >> we just had the same problem. >> >> You need to add a new service "cron" and assign this to the user/group. >> >> Best regards, >> Fabian >> >> -Ursprüngliche Nachricht- >> Von: freeipa-users-boun...@redhat.com >> [mailto:freeipa-users-boun...@redhat.com] Im Auftrag von Karl Forner >> Gesendet: Donnerstag, 15. Oktober 2015 15:53 >> An: freeipa-users@redhat.com >> Betreff: [Freeipa-users] freeIPA user can not use cron >> >> Hi, >> >> cron jobs do no work using a freeIPA user account. >> >> the cron job: >> */1 * * * * echo coucou >> >> in /var/log/syslog: >> Oct 15 15:48:02 asgard CRON[9779]: Permission denied >> >> in /var/log/auth.log: >> Oct 15 15:48:02 asgard CRON[9779]: pam_sss(cron:account): Access denied for >> user qbuser: 6 (Permission denied) >> >> in freeIPA I setup an hbac rule for this user and host that allow the >> services: >> ftp >> login >> sshd >> gdm-password >> crond >> gdm >> >> What did I miss ? >> >> Thanks. >> >> Karl Forner >> >> -- >> Manage your subscription for the Freeipa-users mailing list: >> https://www.redhat.com/mailman/listinfo/freeipa-users >> Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] freeIPA user can not use cron
Yes it works !!! Maybe this should be documented somewhere ? Thanks. On Thu, Oct 15, 2015 at 4:20 PM, Zoske, Fabian wrote: > Hi, > > we just had the same problem. > > You need to add a new service "cron" and assign this to the user/group. > > Best regards, > Fabian > > -Ursprüngliche Nachricht- > Von: freeipa-users-boun...@redhat.com > [mailto:freeipa-users-boun...@redhat.com] Im Auftrag von Karl Forner > Gesendet: Donnerstag, 15. Oktober 2015 15:53 > An: freeipa-users@redhat.com > Betreff: [Freeipa-users] freeIPA user can not use cron > > Hi, > > cron jobs do no work using a freeIPA user account. > > the cron job: > */1 * * * * echo coucou > > in /var/log/syslog: > Oct 15 15:48:02 asgard CRON[9779]: Permission denied > > in /var/log/auth.log: > Oct 15 15:48:02 asgard CRON[9779]: pam_sss(cron:account): Access denied for > user qbuser: 6 (Permission denied) > > in freeIPA I setup an hbac rule for this user and host that allow the > services: > ftp > login > sshd > gdm-password > crond > gdm > > What did I miss ? > > Thanks. > > Karl Forner > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] freeIPA user can not use cron
%ipa hbactest User name: qbuser Target host: asgard Service: crond Access granted: True On Thu, Oct 15, 2015 at 3:53 PM, Karl Forner wrote: > Hi, > > cron jobs do no work using a freeIPA user account. > > the cron job: > */1 * * * * echo coucou > > in /var/log/syslog: > Oct 15 15:48:02 asgard CRON[9779]: Permission denied > > in /var/log/auth.log: > Oct 15 15:48:02 asgard CRON[9779]: pam_sss(cron:account): Access > denied for user qbuser: 6 (Permission denied) > > in freeIPA I setup an hbac rule for this user and host that allow the > services: > ftp > login > sshd > gdm-password > crond > gdm > > What did I miss ? > > Thanks. > > Karl Forner -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] freeIPA user can not use cron
Hi, we just had the same problem. You need to add a new service "cron" and assign this to the user/group. Best regards, Fabian -Ursprüngliche Nachricht- Von: freeipa-users-boun...@redhat.com [mailto:freeipa-users-boun...@redhat.com] Im Auftrag von Karl Forner Gesendet: Donnerstag, 15. Oktober 2015 15:53 An: freeipa-users@redhat.com Betreff: [Freeipa-users] freeIPA user can not use cron Hi, cron jobs do no work using a freeIPA user account. the cron job: */1 * * * * echo coucou in /var/log/syslog: Oct 15 15:48:02 asgard CRON[9779]: Permission denied in /var/log/auth.log: Oct 15 15:48:02 asgard CRON[9779]: pam_sss(cron:account): Access denied for user qbuser: 6 (Permission denied) in freeIPA I setup an hbac rule for this user and host that allow the services: ftp login sshd gdm-password crond gdm What did I miss ? Thanks. Karl Forner -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] freeIPA user can not use cron
On Thu, Oct 15, 2015 at 03:53:07PM +0200, Karl Forner wrote: > Hi, > > cron jobs do no work using a freeIPA user account. > > the cron job: > */1 * * * * echo coucou > > in /var/log/syslog: > Oct 15 15:48:02 asgard CRON[9779]: Permission denied > > in /var/log/auth.log: > Oct 15 15:48:02 asgard CRON[9779]: pam_sss(cron:account): Access > denied for user qbuser: 6 (Permission denied) > > in freeIPA I setup an hbac rule for this user and host that allow the > services: > ftp > login > sshd > gdm-password > crond > gdm > > What did I miss ? does ipa hbactest say the service should be permitted? -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
