今天一同事报告Linux服务器上的crontab作业没有运行,检查/var/log/cron日志后发现下面错误信息
Jan 19 16:30:01 xxxx crond[31399]: Authentication token is no longer valid; new one required
Jan 19 16:30:01 xxxx crond[31400]: Authentication token is no longer valid; new one required
Jan 19 16:30:01 xxxx crond[31401]: Authentication token is no longer valid; new one required
Jan 19 16:30:01 xxxx crond[31398]: Authentication token is no longer valid; new one required
Jan 19 16:30:01 xxxx crond[31400]: CRON (oracle) ERROR: failed to open PAM security session: Success
Jan 19 16:30:01 xxxx crond[31400]: CRON (oracle) ERROR: cannot set security context
Jan 19 16:30:01 xxxx crond[31401]: CRON (oracle) ERROR: failed to open PAM security session: Success
Jan 19 16:30:01 xxxx crond[31401]: CRON (oracle) ERROR: cannot set security context
Jan 19 16:30:01 xxxx crond[31402]: Authentication token is no longer valid; new one required
Jan 19 16:30:01 xxxx crond[31398]: CRON (root) ERROR: failed to open PAM security session: Success
Jan 19 16:30:01 xxxx crond[31399]: CRON (oracle) ERROR: failed to open PAM security session: Success
Jan 19 16:30:01 xxxx crond[31402]: CRON (oracle) ERROR: failed to open PAM security session: Success
Jan 19 16:30:01 xxxx crond[31398]: CRON (root) ERROR: cannot set security context
Jan 19 16:30:01 xxxx crond[31399]: CRON (oracle) ERROR: cannot set security context
Jan 19 16:30:01 xxxx crond[31402]: CRON (oracle) ERROR: cannot set security context
Jan 19 16:35:01 xxxx crond[31431]: Authentication token is no longer valid; new one required
Jan 19 16:35:01 xxxx crond[31431]: CRON (oracle) ERROR: failed to open PAM security session: Success
Jan 19 16:35:01 xxxx crond[31431]: CRON (oracle) ERROR: cannot set security context
恰好出现问题前,我在这台服务器上用chage命令设置了root、oracle等账号的密码过期策略。导致该账号oracle密码过期(Password expires),所以出现"Authentication token is no longer valid; new one required"等这类错误信息。
解决方案:
1:用SecureCRT以oracle用户登录系统,修改账号密码后,这个权限认证问题立马解决。
2:使用chage命令让对应账号密码永不过期。当然一般不建议使用该策略解决问题。