몇 달 동안 방치한 후 루트 계정에서 SSH를 통해 일부 유지 관리를 수행했습니다. 나는 그것을 종료했다가 시작한 후 나는루트 계정에 로그인할 수 없습니다tty 또는 ssh를 통해. 다행스럽게도,스도 님의 작품내 사용자 계정을 통해 루트 작업을 수행합니다. 가지다설치는 특별한 것이 없습니다. 말하자면, 기본적으로 작동합니다. 루트는 로컬 인증을 사용합니다.
먼저 루트 비밀번호를 변경해 보았습니다. 비밀번호 변경도 성공했습니다.루트 계정에 대해 인증with: authconfig --test, sudo/su 외부의 루트 비밀번호가 필요합니다.
권한 재설정및 소유자/그룹rpm -a --setperms coreutils
PAM 디버깅존재하다 pam_succeed_if.so. 이것은 pam 디버그 플래그를 사용하여 마지막으로 중단된 세션입니다.
Jul 27 18:29:18 mrwizard sshd[2054]: Server listening on 0.0.0.0 port 22.
Jul 27 18:29:18 mrwizard sshd[2054]: Server listening on :: port 22.
Jul 27 18:32:51 mrwizard login: pam_succeed_if(login:session): 'service' resolves to 'login'
Jul 27 18:32:51 mrwizard login: pam_succeed_if(login:session): requirement "service in crond" not met by user "root"
Jul 27 18:32:51 mrwizard login: pam_unix(login:session): session opened for user root by LOGIN(uid=0)
Jul 27 18:32:51 mrwizard login: ROOT LOGIN ON tty1
Jul 27 18:32:52 mrwizard login: pam_succeed_if(login:session): 'service' resolves to 'login'
Jul 27 18:32:52 mrwizard login: pam_succeed_if(login:session): requirement "service in crond" not met by user "root"
Jul 27 18:32:52 mrwizard login: pam_unix(login:session): session closed for user root
Jul 27 18:32:56 mrwizard login: pam_succeed_if(login:session): 'service' resolves to 'login'
Jul 27 18:32:56 mrwizard login: pam_succeed_if(login:session): requirement "service in crond" not met by user "root"
requirement "service in crond" TMI는 평범해 보이는데
// 요청대로:
Jul 27 18:29:27 mrwizard crond[2271]: (CRON) STARTUP (1.4.4)
Jul 27 18:29:27 mrwizard crond[2271]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 34% if used.)
Jul 27 18:29:27 mrwizard crond[2271]: (CRON) INFO (running with inotify support)
Jul 27 18:30:01 mrwizard CROND[2479]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 18:40:01 mrwizard CROND[5021]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 18:50:01 mrwizard CROND[7503]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 19:00:01 mrwizard CROND[10985]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 19:01:01 mrwizard CROND[11232]: (root) CMD (run-parts /etc/cron.hourly)
Jul 27 19:01:01 mrwizard run-parts(/etc/cron.hourly)[11232]: starting 0anacron
Jul 27 19:01:01 mrwizard run-parts(/etc/cron.hourly)[11241]: finished 0anacron
Jul 27 19:10:01 mrwizard CROND[13425]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 19:20:01 mrwizard CROND[16899]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 19:30:01 mrwizard CROND[19324]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 27 19:40:01 mrwizard CROND[21719]: (root) CMD (/usr/lib/sa/sa1 1 1)
Jul 28 18:14:45 mrwizard crond[2317]: (CRON) STARTUP (1.4.4)
Jul 28 18:14:45 mrwizard crond[2317]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 45% if used.)
Jul 28 18:14:45 mrwizard crond[2317]: (CRON) INFO (running with inotify support)
$ cat /etc/pam.d/crond
# The PAM configuration file for the cron daemon
# No PAM authentication called, auth modules not needed
account required pam_access.so
account include password-auth
session required pam_loginuid.so
session include password-auth
auth include password-auth