Server :: Cron Reporting User Account Expired, Chage -l Shows It Never Expires?
Jan 4, 2010
I've got a server running CentOS 4.8 (binary compatible RHEL 4.8 clone) that's decided all the accounts are expired.I've tried this on multiple accounts so far, to no avail.chage -l <username>Shows that the account never expires. In this case the problem was first noticed with the root account, then I tested it with my user account, and got the same answer, the account never expires.For the test I added a crontab to my account, and to roots, ever minute run "whoami"In the log I get (once for each crontab):rond[]: User account has expiredRecycling crond doesn't help, and I can't recycle the box itself as I've got users on it (pounding away at the poor box at that).
Several searches so far have only turned up that locked root accounts (ala debian/ubuntu) can cause this, and check or correct the age of the account using chage.Comparing entries in /etc/shadow to other boxes where everything is kosher doesn't seem to help either: the important bits are identical.
Working box:
kschmitt:$1$QykLetnt$ynSZ.7uKQSRnS3lsYe01w1:14613:0:99999:7:::
Screwie box:
two days before I have formatted my / partition and everything seems to working fine. Next day I came to office and try to login as root through ssh. I am getting the error: [sunheer@svn ~]$ ssh root@192.10.10.23
I thought the password were wrong and I rebooted the server in to run level 1 and reset the password and it started to work. Again on next day the account got same problem.his started to happen after formatting the / partition
We have one ftp server. Number of users are using it remotly. My requirement is that suppose any user is not connecting to the server using FTP for 15 days then account should get expired/locked automatically. Is it possible?
Apache is run as www as is all the files/folders. People are uploading via FTP, scp, so the problem is if I chmod so everyone can read, then rsync as a user it works until new files are added which then my ; if rsync fails with a permission denied. Now I can add a chmod in the script so everyone can read, but since www can already read, I figured I would just change my script to use www. I added the ssh key to his authorized_keys file, but when I try to just ssh in I see this in the secure file;
server sshd[29539]: User www not allowed because account is locked sshd[29539]: Failed none for invalid user www from ip port 54983 ssh2
Now I read a few places already saying I need to add a password to the account, etc. but before I jump and try all I read, 1st major one, will this now break apache? Will this affect any startup things, etc. and .... will that unlock that user for ssh in or is there another preferred method?
We've got crontabs set up in /etc/cron.d to run various things, and we have them running as a specific local user.
Watching the LDAP logs, I can see the servers in question making requests for that username to the LDAP server every time cron runs, even though that user isn't in LDAP and is only local. nsswitch is configured to do "files ldap" as well.
The constant stream of LDAP queries is killing LDAP and making it impossible to log into our boxes.
I have oracle installed on Linux I want to schedule a script "backup.sh" to run in oracle user.
oracle@linux1]crontab -e */2 * * * * /tmp/backup.sh this script does not execute by cron. But oracle@linux1 tmp] ./backup.sh ------executes successfully
I don't know why the script is not being executed by cron.
Recently I started having this problem where most users on the system are unable to log into the system over SSH. Their user name and password is correct, however it shows them as invalid when they are in fact valid. I've tried changing their password but that didn't work. I also tried deleting their account, as well as their home directory, and then recreating the account, but that didn't work. Only root and perhaps one or two other select accounts are able to log in without problems. I even tried a reboot to see if that would fix it, but as I theorized, it wouldn't. I also checked and ensured their home directory was chowned to them, and that they even had a home directory. Any assistance would be greatly appreciated to help me get this issue resolved. As a dsie note, they are showing up as invalid in /vars/logs/auth.log. Running Debian 5.0 Lenny.
I have just installed Centos 5, and created two user account in it. how can i set it up that it will automaticaly boot to one of the user acount upon bootup?
Startx by non-root user account in red hat linux kernel 2.6. How can I use the command "startx" by other user account such as "oracle"? I cannot startx by user account oracle?
Code: [oracle@localhost ~]$ startx
Fatal server error: PAM authentication failed, cannot start X server. Perhaps you do not have console ownership?
Please consult the The X.Org Foundation support at [URL] for help. [1]+ Stopped startx [oracle@localhost ~]$
I am running a mail server with combination of dovecot,sendmail and squirremail as web client. I want to change the password of the user if he/she not logged in for 21 days.
I have just got my Openldap server up and running howerver, I admit I'm a little confused about authenticating a client mechine to the server. When I create an account on the ldap server, does this mean that the server creates a user account in the /etc/passwd, or somewhere else on the server?
I am using NIS and I want to replace this with 389 ds. I have installed 389 ds and configured it. I could create user account from 389-console. But it does not create user home directory. Do I have to create user account and user home directory in linux first?
I've a mail server(Postfix) running on Slackware linux 12.1 . I need to configure a control panel so that one can create/delete/modify an email account as well as manage email alias.
Today morning I logged on to one of our servers (through ssh -X) to perform a routine maintenance. When I tried to open a GUI application, it failed to connect to the X server of the workstation. Eventually I ended up issuing the command
Code:
df -h /
and shockingly it showed that / is 100% used. I checked / using
Code:
du --max-depth=1 -xh /
to check the sizes of the individual directories, which showed that only about 18% of the / is used and that confused me badly. There was no quick solutions when I googled around; but luckily I found the following link which nicely explained the issue I had:
[URL]
All I did was found out the services responsible for those unreleased files (using lsof +L1) and restarted them. That is it. Now df reports only 18% of the disk is used and all my X things started working again, thanks to Walker.
Network server to administer accounts for all users, one login ie at login select or type in user name and password to login - so that I don't have to setup users separately on all PC's so that they can login from any computer.
In the past, I've installed Internet services as daemons and as xinetd.d with no problems. Those approaches do not meet my needs. And, perhaps, nothing will.
- the service was converted from VB-6 to wxPython. It has a GUI which is accessed with either "remote desktop" or VNC. - the wxPython service works on Windows and can be accessed from other hosts on my LAN - the wxPython service works on CentOS and Fedora, but can only be accessed from within the server host. Even from other user-ids. But, I cannot get to it from other hosts. - ipchains AKA firewall ports are marked for INPUT. - The server host uses autologin to fire up a useid in group "user". I do not want it running as "root". the .bash_profile fires the service up. - the service is heavily mult-threaded, and supports devices connected to serial ports asynchronously with the ephemeral port threads (all this works).
There are some programming solutions that I would rather not develop. - a proxy service that runs under xinetd.d. - separate the GUI code from the Internet and serial port code. Allocate a "control" port for remote GUI control. a'la SAMBA & SWAT
Is there any hope, that I can run it as is, by doing some network configuration stuff.
recently i rent a xen vps intended to setup a PPTPD vpn server for me and my friends. so we can by-pass the great firewall in china and get back on ....., facebook and stuff. i have already setup the server and i can connect to it without any problem. but i still want to do some further configuration the server:
1. i want to limit the bandwidth to 400k/s per connection. 2. i also want to limit the max connection per user a/c
i have some thoughts on the 2nd requirement. in the user configuration file of /etc/ppp/chap-secret, you can specify the range of ip the user can get, does it limit the max connection per user a/c? or they can connect anyway, just every now and then a box pop up says conflict in IP address?
I have a problem with the Google search box top right corner in Konqueror, when entering search I recieve an error page "Unsupported Protocol" Google asks for ioslave or kioslave. Also when highlighting text on a page and right clicking with the mouse no search option is given. I created a new user and all works as it should for the new user. What is wrong with my user account? I have reset default values in Konqueror setup.
I am trying to set up SARG to provide reporting from a squid proxy server.After installing Squid & SARG, I am a little confused as to how SARG has configured itself to run.Should this conflict? Or at least create a race condition? In any event SARG and sarg-reports looks like they have not been updated in a few years.is there anything better that offers per-user location reporting?
After doing an install using Redhat 5.6 which a kickstart, it seems the "chage" command is not working properly like it should.I assume it somehow got corrupted during the build and I want to reinstall it through whatever rpm package it came fromDoes anyone know what the command would be to find which rpm package it came from?
I am looking to send emails from cron for backup information. However, all the programs I have found (mail, mutt) require the password in plain text. Does anyone know of a more secure method? In fact, if it is only sending, is there a way to do this without logging into an account? What is the simplest way, without making it check emails too?
eth0: 62.2.2.x (public on the internet) GW: 62.2.2.1 (cisco router)
i want to configure my ppptp server to allow users access internet with their own public ips of class 62.2.3.0 62.2.4.0 62.2.5.0
every time i configure my server all users can get thier IPs but they only go out with my server IP same as NAT not routing.
can you show me the proper configuration to make my users connect with public IP and have internet access. use specific DNS ( i did this but some users can not brows by DNS)
is there any way to specify an expired date for each pptp user.