Date: Mon, 23 Apr 2012 19:50:59 -0700 From: Tim Gustafson <tjg@tgustafson.com> To: freebsd-questions@freebsd.org Subject: Cron Problems Message-ID: <CACMcHMcOV%2Btdaz1UKCrttHhu8DAhjPDSVC-93SXMCB%2B033BDfQ@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
I've recently installed a FreeBSD 9.0 jail server, and inside each of my jails I am getting the following errors in my log about every 5 minutes: cron[7635]: NSSWITCH(_nsdispatch): ldap, group, setgrent, not found, and no fallback provided cron[7635]: NSSWITCH(_nsdispatch): ldap, group, getgrent_r, not found, and no fallback provided cron[7635]: NSSWITCH(_nsdispatch): ldap, group, endgrent, not found, and no fallback provided cron[7635]: NSSWITCH(_nsdispatch): ldap, passwd, endpwent, not found, and no fallback provided /usr/sbin/cron[7673]: (CRON) WARNING (madvise() failed) I'm using nss_ldap and pam_ldap on these systems, so I suspect and error in my /etc/pam.d configuration or my nsswitch.conf configuration. I've added some configuration to /etc/pam.d/sshd and /etc/pam.d/other but have left the other files unmolested. Now, this seems like an nsswitch problem, but my nsswitch.conf is fairly straightforward: group: files ldap hosts: files dns networks: files passwd: files ldap shells: files services: files protocols: files rpc: files I'm able to get user ID information without a problem using "id" or "finger". Authentication is working. LDAP groups are working. Pretty much everything seems like it ought to work, except for those error messages. I don't think this is a PAM issue, but just in case, here's my /etc/pam.d/sshd: auth sufficient /usr/local/lib/pam_ldap.so auth required pam_unix.so account required pam_nologin.so account required pam_login_access.so account required pam_unix.so session required pam_permit.so password required pam_unix.so no_warn try_first_pass And here is /etc/pam.d/other: auth sufficient /usr/local/lib/pam_ldap.so auth required pam_unix.so no_warn try_first_pass account required pam_nologin.so account required pam_login_access.so account required pam_unix.so session required pam_permit.so password required pam_permit.so I note that there is an /etc/pam.d/cron but it's not clear to me what I might add to this file, as it is quite different than the others: account required pam_nologin.so account required pam_unix.so So, what am I missing? -- Tim Gustafson tjg@tgustafson.com http://tgustafson.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACMcHMcOV%2Btdaz1UKCrttHhu8DAhjPDSVC-93SXMCB%2B033BDfQ>