cron not honoring pam_group.so groups
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cron (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
When a job is invoked from cron and the pam_group.so is configured to add supplementary groups it DOES NOT work as expected.
pam_group should provide membership based /etc/security/
After some tests I've compiled pam_group.so in DEBUG and I can confirm that pam_setcred in being called by cron and the module is adding the expected groups membership.
Then, checking do_command.c of cron I found there is need to call pam_setcred(pamh, PAM_REINITIALIZ
the final patch should be something like
#if defined(USE_PAM)
if (pamh != NULL) {
}
#endif
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: cron 3.0pl1-136ubuntu1
ProcVersionSign
Uname: Linux 5.4.0-65-generic x86_64
ApportVersion: 2.20.11-
Architecture: amd64
CasperMD5CheckR
Date: Mon Mar 1 15:49:42 2021
InstallationDate: Installed on 2021-01-21 (39 days ago)
InstallationMedia: Ubuntu-Server 20.04.1 LTS "Focal Fossa" - Release amd64 (20200731)
ProcEnviron:
TERM=xterm
PATH=(custom, no user)
XDG_RUNTIME_
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: cron
UpgradeStatus: No upgrade log present (probably fresh install)