I've been working on configuring pam_access to restrict access to cron jobs. There is an example config file included that contains this line:
#+ : root : cron crond :0 tty1 tty2 tty3 tty4 tty5 tty6
However, nowhere in the documentation is it explained where the strings 'cron' and 'crond' come from. The origins field is specified as containing tty names, host names, domain names, host addresses, internet network numbers, internet network addresses with network mask, ALL, or LOCAL. Nowhere is it mentioned that other things can be in there, such as for cron is this the service name?#+ : root : cron crond :0 tty1 tty2 tty3 tty4 tty5 tty6
P.S. The example line above is also pretty bad since the :0 for X Windows contains a ':', which is also the field separator, so it makes it look like it's an additional undocumented forth field in the line, only adding more confusion to the undocumented use of 'cron crond'.
❧ Brian Mathis
@orev_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list