Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

cannot su to <someone> in cron-job 1

Status
Not open for further replies.
woche

woche

Programmer
Jan 16, 2002
25
CH
hi
I'm trying to run a command through a cron-job. The command executes a REXX-Executable. I'm not quite sure &quot;who I am&quot; when I run the REXX as cron (->root?). Anyway, I try to set my environment variables to those required by running '.profile' at the beginning of my REXX. That didn't work, because REXX starts a new process for all environment commands and closes them afterwards - so '.profile' is ineffective for all following UNIX-commands. Then I tried to set the correct environment by specifying a 'su <someone> -c <command>'. I get the following message:
3004-501 Cannot su to &quot;<someone>&quot; : Authentication is denied. This someone is in the cron.allow - I have done other cron-jobs with this user, just never a REXX.

well, anyone still following an even got an idea?
thanks!
 
Sort by date Sort by votes
It sounds like you are not root when you try to su. Who's crontab is the cron job in? It needs to be in root's crontab.

crowe
 
Upvote 0 Downvote
That's correct, I'm UNIX-user 'wald' (belonging to groups security and dba). The job I'm trying to start is in the crontab of 'wald'.
My understanding was such, that when wald is in the cron.allow file, then he can submit any kind of cron-jobs which then will be executed with root-authority (because cron executes it's jobs as 'root'). Obviousely that's not the case.

Is there another possibility to submit my command in my (='wald') crontab file, without having to 'su' in the crontabfile and still being able to influence my environment-variables on UNIX?

thanks crowe for your help!

p.s.: I tried the '.profile' at the beginning of my REXX (didn't work - see above)
 
Upvote 0 Downvote
If your desired job can be run from root's crontab file, I believe you will get the desired results. Otherwise, you might inquire to see if ou have sudo installed on the system, if so sudo will allow you to &quot;be root&quot; for that one cron job.
The cron.allow file is just another layer of security for users who are allowed to use cron.

crowe
 
Upvote 0 Downvote
I guess that's the point: I didn't understand, that the cron.allow file was just another layer of security.

thanks a lot for your help
woche
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

E
  • Locked
  • Question
AIX Power5 on 5.3- On varyonvg error "cannot be varied on because no good copies of the descriptor area"
Replies
1
Views
419
JenLM
J
A
  • Locked
  • Question
Adding Existing LUN to New LPAR AIX
Replies
0
Views
370
Alvinghost
A
E
  • Locked
  • Question
9133 55A suddenly down
Replies
0
Views
295
emze
E
mar3i
  • Locked
  • Question
Cannot inrease var filesystem 1
Replies
2
Views
220
pa2nc
pa2nc
HariharanER
  • Locked
  • Question
Current versions are used in AIX
Replies
0
Views
301
HariharanER
HariharanER

Part and Inventory Search

Sponsor

Back
Top