How to allow crontab use for local accounts that don’t allow interactive logins

cronpam

Ok, here's the situation (you're welcome for the earworm):

I am running a multi-server RHEL 7 environment with SELinux enabled. Due to DoD STIG controls, I do not have root access, but I do have a few local accounts that I can sudo as to do the work on the servers. These local accounts have passwords set, but the accounts have been locked. Due to a STIG control, the account passwords cannot be set to not expire even though the accounts are locked.

The issue that I run into is that the passwords in the local accounts expire every 60 days, which causes all the tasks scheduled via crontab to stop running and causes the following error to display when I try to run the crontab command:

You (localaccount) are not allowed to access to (crontab) because of
pam configuration.

Does anyone have any idea how I can get this fixed permanently? Currently, whenever the tasks stop working, I have to submit a ticket to have the Linux admins reset the password on each server (40+). This is less than optimal, to say the least.

Thanks in Advance!

Best Answer

Edit /etc/pam.d/crond to change the line:

account    required    pam_access.so

to:

account    sufficient  pam_access.so

Cron jobs will now work for expired user accounts.
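A check to run after an edit like the one above, as an added example that is not part of the original answer: it lists every account-stack line marked sufficient that is followed by further account lines, because a sufficient success ends the stack at that point and the later account lines are not evaluated for that service. The helper name pam_account_shortcuts and the sample file contents are constructed for illustration; only the literal keyword sufficient is flagged, not bracketed controls such as [success=done].

```shell
#!/bin/sh
# Added example: audit the account stack of a PAM service file.
# Prints each "account ... sufficient" line that has account lines after it,
# together with the modules/includes that a success there would skip.
# pam_account_shortcuts is a hypothetical helper name.
pam_account_shortcuts() {
    awk '
        /^[[:space:]]*#/ || NF < 3 { next }      # skip comments and short lines
        { type = $1; sub(/^-/, "", type) }       # "-account" = quiet if module missing
        type != "account" { next }
        {
            c = $2; k = 3
            # a bracketed control such as [success=1 default=ignore] spans fields
            if (c ~ /^\[/) while (c !~ /\]$/ && k <= NF) c = c " " $(k++)
            n++; ctrl[n] = c; mod[n] = $k; line[n] = NR
        }
        END {
            for (i = 1; i < n; i++)
                if (ctrl[i] == "sufficient") {
                    skipped = ""
                    for (j = i + 1; j <= n; j++)
                        skipped = skipped (skipped == "" ? "" : ",") mod[j]
                    printf "line %d: %s sufficient skips: %s\n", line[i], mod[i], skipped
                }
        }
    ' "$1"
}

# Constructed sample of an edited service file (not copied from a real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample
account    sufficient  pam_access.so
account    include     password-auth
session    required    pam_loginuid.so
EOF
pam_account_shortcuts "$sample"
rm -f "$sample"
```

On a server, call the function with /etc/pam.d/crond as its argument; any line it prints names the account checks that no longer apply to cron jobs once the listed module succeeds.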
