Bug 587345

Summary: pam_env cannot change PATH for a cronjob
Product: Red Hat Enterprise Linux 5 Reporter: Martin Poole <mpoole>
Component: vixie-cronAssignee: Marcela Mašláňová <mmaslano>
Status: CLOSED INSUFFICIENT_DATA QA Contact: qe-baseos-daemons
Severity: low Docs Contact:
Priority: low    
Version: 5.5CC: ktoyama
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-09-14 11:37:22 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Martin Poole 2010-04-29 16:29:42 UTC 
Description of problem:

The documentation for vixie-cron is unclear on the precise order in which environment variables are accumulated for jobs, and does not mention that certain variables cannot be set from pam_env.

Version-Release number of selected component (if applicable):

vixie-cron-4.1-77.el5_4.1.src.rpm
Comment 1 Martin Poole 2010-04-29 16:31:07 UTC 
For example, from cron(5) man pages (Debian):

 On  the  Debian GNU/Linux system, cron supports the pam_env module,
 and loads the environment specified  by  /etc/security/pam_env.conf.
 How-ever, the PAM setting do NOT override the settings described
 above nor any settings in the crontab file itself. Note in particular
 that if you want a PATH other than "/usr/bin:/bin", you will need to
 set it in the crontab file.
Comment 2 Martin Poole 2010-04-29 16:33:41 UTC 
For clarity the following is my analysis of the current environment generation.

For each crontab file it builds a default list of environment variables similar to the following.

SHELL=/bin/sh
HOME=/home/testuser
PATH=/usr/bin:/bin

It then overlays any environment variables declared in the source crontab file and then sets the two explicit values.

LOGNAME=testuser
USER=testuser

When it comes to running a specific job from a particular crontab file it calls the routine to read the pam environment, it then overlays the environment list built for the crontab above, and then when it finally execs the requested binary it provides this environment for the command.
Comment 6 RHEL Program Management 2010-08-09 19:09:09 UTC 
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 11 RHEL Program Management 2011-05-31 13:17:55 UTC 
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 12 Marcela Mašláňová 2011-09-14 11:37:22 UTC 
I'm not sure if this bug is only about documentation and if it is, what should be changed there. The problem might be fixed by errata for bug #541189.
Feel free to re-open this bug report if you are not satisfied with current release.