apparmor.d icon indicating copy to clipboard operation
apparmor.d copied to clipboard
verified publisher icon roddhjav

crontab cannot be edited by user

Open Stoppedpuma opened this issue 1 year ago • 0 comments

crontab -e cannot be used by the user and will spit the following error:

You (user) are not allowed to access to (crontab) because of pam configuration.

DENIED crontab open owner /etc/security/access.conf comm=crontab requested_mask=r denied_mask=r DENIED crontab capable comm=crontab capability=12 capname=net_admin DENIED crontab open owner /etc/login.defs comm=crontab requested_mask=r denied_mask=r DENIED crontab exec owner @{bin}/unix_chkpwd comm=crontab requested_mask=x denied_mask=x DENIED crontab open owner /etc/security/time.conf comm=crontab requested_mask=r denied_mask=r DENIED crontab create comm=crontab family=netlink sock_type=raw protocol=9 requested_mask=create denied_mask=create

Complain logs: ALLOWED crontab open owner /etc/security/access.conf comm=crontab requested_mask=r denied_mask=r ALLOWED crontab capable comm=crontab capability=12 capname=net_admin ALLOWED crontab open owner /etc/login.defs comm=crontab requested_mask=r denied_mask=r ALLOWED crontab exec owner @{bin}/unix_chkpwd -> crontab//null-@{bin}/unix_chkpwd comm=crontab requested_mask=x denied_mask=x ALLOWED crontab//null-@{bin}/unix_chkpwd file_mmap owner @{bin}/unix_chkpwd comm=unix_chkpwd requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/unix_chkpwd open owner @{PROC}/sys/kernel/cap_last_cap comm=unix_chkpwd requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/unix_chkpwd getattr owner /etc/nsswitch.conf comm=unix_chkpwd requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/unix_chkpwd getattr owner / comm=unix_chkpwd requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/unix_chkpwd open owner /etc/nsswitch.conf comm=unix_chkpwd requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/unix_chkpwd open owner /etc/passwd comm=unix_chkpwd requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/unix_chkpwd getattr owner /etc/passwd comm=unix_chkpwd requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/unix_chkpwd open owner /etc/shadow comm=unix_chkpwd requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/unix_chkpwd getattr owner /etc/shadow comm=unix_chkpwd requested_mask=r denied_mask=r ALLOWED crontab open owner /etc/security/time.conf comm=crontab requested_mask=r denied_mask=r ALLOWED crontab create comm=crontab family=netlink sock_type=raw protocol=9 requested_mask=create denied_mask=create ALLOWED crontab sendmsg comm=crontab family=netlink sock_type=raw protocol=9 requested_mask=send denied_mask=send ALLOWED crontab capable comm=crontab capability=29 capname=audit_write ALLOWED crontab recvmsg comm=crontab family=netlink sock_type=raw protocol=9 requested_mask=receive denied_mask=receive ALLOWED crontab open owner /etc/security/pam_env.conf comm=crontab requested_mask=r denied_mask=r ALLOWED crontab open owner /etc/environment comm=crontab requested_mask=r denied_mask=r ALLOWED crontab capable comm=crontab capability=2 capname=dac_read_search ALLOWED crontab open /var/spool/cron/user comm=crontab requested_mask=r denied_mask=r ALLOWED crontab mknod owner /tmp/crontab.hJ6tur comm=crontab requested_mask=c denied_mask=c ALLOWED crontab open owner /tmp/crontab.hJ6tur comm=crontab requested_mask=wrc denied_mask=wrc ALLOWED crontab exec @{bin}/nvim -> crontab//null-@{bin}/nvim comm=sh requested_mask=x denied_mask=x ALLOWED crontab//null-@{bin}/nvim file_inherit owner /tmp/crontab.hJ6tur comm=nvim requested_mask=wr denied_mask=wr ALLOWED crontab//null-@{bin}/nvim file_mmap @{bin}/nvim comm=nvim requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/nvim open @{lib}/lua/5.1/lpeg.so comm=nvim requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/nvim getattr @{lib}/lua/5.1/lpeg.so comm=nvim requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/nvim file_mmap @{lib}/lua/5.1/lpeg.so comm=nvim requested_mask=rm denied_mask=rm ALLOWED crontab//null-@{bin}/nvim getattr /usr/share/nvim/runtime/ comm=nvim requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/nvim getattr @{lib}/nvim/ comm=nvim requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/nvim getattr owner @{user_state_dirs}/nvim/ comm=nvim requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/nvim open owner @{user_state_dirs}/nvim/log comm=nvim requested_mask=ac denied_mask=ac ALLOWED crontab//null-@{bin}/nvim getattr owner /tmp/crontab.hJ6tur comm=nvim requested_mask=r denied_mask=r ALLOWED crontab//null-@{bin}/nvim exec @{bin}/nvim -> crontab//null-@{bin}/nvim//null-@{bin}/nvim comm=nvim requested_mask=x denied_mask=x

Stoppedpuma avatar Jul 25 '24 15:07 Stoppedpuma