经过几个月的疏忽,我通过 root 帐户通过 ssh 进行了一些维护。我关机,启动后我无法登录root账户在 tty 或通过 ssh。幸运的是,须藤作品通过我的用户帐户执行 root 操作。有安装没有什么特别的。可以说,它是开箱即用的。 root 使用本地身份验证。
我首先尝试更改root密码。密码更改成功,因为我也能够针对 root 帐户进行身份验证with: authconfig --test,它要求在 sudo/su 之外输入 root 密码。
重置权限和所有者/组rpm -a --setperms coreutils
PAM调试在pam_succeed_if.so。这是使用 pam 调试标志的最后一个中断会话:
Jul 27 18:29:18 mrwizard sshd[2054]: Server listening on 0.0.0.0 port 22.
Jul 27 18:29:18 mrwizard sshd[2054]: Server listening on :: port 22.
Jul 27 18:32:51 mrwizard login: pam_succeed_if(login:session): 'service' resolves to 'login'
Jul 27 18:32:51 mrwizard login: pam_succeed_if(login:session): requirement "service in crond" not met by user "root"
Jul 27 18:32:51 mrwizard login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Jul 27 18:32:51 mrwizard login: ROOT LOGIN ON tty1
Jul 27 18:32:52 mrwizard login: pam_succeed_if(login:session): 'service' resolves to 'login'
Jul 27 18:32:52 mrwizard login: pam_succeed_if(login:session): requirement "service in crond" not met by user "root"
Jul 27 18:32:52 mrwizard login: pam_unix(login:session): session closed for user root
Jul 27 18:32:56 mrwizard login: pam_succeed_if(login:session): 'service' resolves to 'login'
Jul 27 18:32:56 mrwizard login: pam_succeed_if(login:session): requirement "service in crond" not met by user "root"
requirement "service in crond" 看起来很正常 TMI
// 按照要求:
Jul 27 18:29:27 mrwizard crond[2271]: (CRON) STARTUP (1.4.4)
Jul 27 18:29:27 mrwizard crond[2271]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 34% if used.)
Jul 27 18:29:27 mrwizard crond[2271]: (CRON) INFO (running with inotify support)
Jul 27 18:30:01 mrwizard CROND[2479]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 18:40:01 mrwizard CROND[5021]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 18:50:01 mrwizard CROND[7503]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 19:00:01 mrwizard CROND[10985]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 19:01:01 mrwizard CROND[11232]: (root) CMD (run-parts /etc/cron.hourly)
Jul 27 19:01:01 mrwizard run-parts(/etc/cron.hourly)[11232]: starting 0anacron
Jul 27 19:01:01 mrwizard run-parts(/etc/cron.hourly)[11241]: finished 0anacron
Jul 27 19:10:01 mrwizard CROND[13425]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 19:20:01 mrwizard CROND[16899]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 19:30:01 mrwizard CROND[19324]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 19:40:01 mrwizard CROND[21719]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 28 18:14:45 mrwizard crond[2317]: (CRON) STARTUP (1.4.4)
Jul 28 18:14:45 mrwizard crond[2317]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 45% if used.)
Jul 28 18:14:45 mrwizard crond[2317]: (CRON) INFO (running with inotify support)
$ cat /etc/pam.d/crond
# The PAM configuration file for the cron daemon
# No PAM authentication called, auth modules not needed
account required pam_access.so
account include password-auth
session required pam_loginuid.so
session include password-auth
auth include password-auth