Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 246396 - CRON chdir(HOME) failed: (Permission denied)
CRON chdir(HOME) failed: (Permission denied)
Product: Fedora
Classification: Fedora
Component: vixie-cron (Show other bugs)
All Linux
low Severity urgent
: ---
: ---
Assigned To: Marcela Mašláňová
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2007-07-01 14:48 EDT by Julien Dumont
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-07-02 06:29:42 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Julien Dumont 2007-07-01 14:48:13 EDT
Description of problem:

On Fedore Releases 7, It's impossible for an user to run a job by cron when his
home directory is set to 700 ( drwx------ )
It was working on Fedora Core 6.

error reported in /var/log/cron :

Jul  1 20:16:01 XXXX crond[16131]: (CRON) chdir(HOME) failed: (Permission denied)
Jul  1 20:16:01 XXXX crond[16131]: (CRON) /home/yyyy (Permission denied)
Jul  1 20:16:01 XXXX crond[16131]: CRON (yyyy) ERROR: failed to open PAM
security session: Permission denied
Jul  1 20:16:01 XXXX crond[16131]: CRON (yyyy) ERROR: cannot set security context

Version-Release number of selected component (if applicable):

[root@gXXXX ]# rpm -q --qf "%{SOURCERPM}\n" -f /usr/sbin/crond

Steps to Reproduce:
1. chmod 700 user's homedir
2. create a cron for this user ( every minutes for examples )
3. look error reported in /var/log/cron
Actual results:
cron job not running

Expected results:
Cron job running

Additional info:

After some search on it, I found several links about this bugs.

It seems to be introduced by the vixie-cron-4.1-_60-SELinux-contains-range.patch
according to ( http://bugs.centos.org/view.php?id=2101 )
Comment 1 Julien Dumont 2007-07-01 15:25:16 EDT
I forget to mention something, in my case, selinux is totaly disable.

[root@gXXXX ]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.

# SETLOCALDEFS= Check local definition changes
Comment 2 Marcela Mašláňová 2007-07-02 06:29:42 EDT
Thanks for suggestion, fixed in devel, I'll update F-7 soon.

Note You need to log in before you can comment on or make changes to this bug.