Cron fails to execute on Ubuntu images.

Problem:

Cron jobs are unable to execute on Ubuntu-based EC2 images.


Symptoms:

The following messages appear in /var/log/syslog:

Mar 21 08:17:01 ip-172-31-42-94 CRON[2030]: Permission denied
Mar 21 08:28:01 ip-172-31-42-94 cron[2030]: Permission denied

And in /var/log/auth.log:

Mar 21 08:17:01 ip-172-31-42-94 CRON[2030]: PAM bad jump in stack
Mar 21 09:17:01 ip-172-31-42-94 CRON[2232]: PAM bad jump in stack

Cause:

There is an error in the /etc/pam.d/common-auth file that is causing the PAM authentication stack to get corrupted in certain use cases.  This is a result of the PKCS#11 modules that are installed as a part of the operating system baselining process.


Solution:

Remove or comment out the last line in /etc/pam.d/common-auth:

ubuntu@ip-172-31-42-94:~$ sudo su -
root@ip-172-31-42-94:~# grep -v pam_pkcs11.so /etc/pam.d/common-auth > /etc/pam.d/common-auth.new
root@ip-172-31-42-94:~# mv /etc/pam.d/common-auth /etc/pam.d/common-auth.old && mv /etc/pam.d/common-auth.new /etc/pam.d/common-auth
root@ip-172-31-42-94:~# tail -3 /etc/pam.d/common-auth
# end of pam-auth-update config
auth required pam_faildelay.so delay=4000000
auth required pam_tally2.so onerr=fail deny=3


This issue will be corrected in subsequent AMI releases.

¿Te ha solucionado tu duda?