try su -l nobody and then updatedb
see what errors are dumped then.
On 3/9/06, Russell Kliese <russell@eminence.com.au> wrote:
> I have a problem with the find cron job inside a debian vserver.
>
> The find cron job runs the updatedb script as follows:
>
> #! /bin/sh
> #
> # cron script to update the `locatedb' database.
> #
> # Written by Ian A. Murdock <imurdock@debian.org> and
> # Kevin Dalley <kevin@aimnet.com>
>
> LOCALUSER="nobody"
> export LOCALUSER
> if [ -f /etc/updatedb.conf ]; then
> . /etc/updatedb.conf
> fi
>
> if getent passwd $LOCALUSER > /dev/null ; then
> cd / && nice -n ${NICE:-10} updatedb 2>/dev/null
> # cd / && updatedb 2>/dev/null
> else
> echo "User $LOCALUSER does not exist."
> exit 1
> fi
>
> The updatedb script tries to su to the nobody user, but this fails with
> the following messages logged in /var/log/auth.log
>
> Mar 10 14:55:02 secure su[26501]: + pts/1 root:nobody
> Mar 10 14:55:02 secure su[26501]: (pam_unix) session opened for user
> nobody by root(uid=0)
> Mar 10 14:55:02 secure su[26501]: pam_open_session: Permission denied
>
>
> If I comment in the line with the # in the above script (and comment out
> the line above), things work fine (i.e. I don't get the
> "pam_open_session: Permission denied" logged in the auth.log). So it
> seems to be something to do with nice. Note that even if I remove the
> "-n ${NICE:-10}" things still don't work.
>
> Would enabling CAP_SYS_NICE help in this case even though a lower
> priority is being set? Or is there something else causing this problem?
>
> Cheers,
>
> Russell Kliese
> --
>
> <http://www.eminence.com.au/> Eminence Technology Pty Ltd
> PO Box 118, Moorooka QLD 4105
> Web: www.eminence.com.au <http://www.eminence.com.au/>
> Ph: +61-7-3277-4100
> Fax: +61-7-3105-7484
>
> _______________________________________________
> Vserver mailing list
> Vserver@list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
>
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Fri Mar 10 08:42:41 2006