Bug 246396 - CRON chdir(HOME) failed: (Permission denied)
Summary: CRON chdir(HOME) failed: (Permission denied)
Alias: None
Product: Fedora
Classification: Fedora
Component: vixie-cron (Show other bugs)
(Show other bugs)
Version: 7
Hardware: All Linux
Target Milestone: ---
Assignee: Marcela Mašláňová
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2007-07-01 18:48 UTC by Julien Dumont
Modified: 2007-11-30 22:12 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-07-02 10:29:42 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Julien Dumont 2007-07-01 18:48:13 UTC
Description of problem:

On Fedore Releases 7, It's impossible for an user to run a job by cron when his
home directory is set to 700 ( drwx------ )
It was working on Fedora Core 6.

error reported in /var/log/cron :

Jul  1 20:16:01 XXXX crond[16131]: (CRON) chdir(HOME) failed: (Permission denied)
Jul  1 20:16:01 XXXX crond[16131]: (CRON) /home/yyyy (Permission denied)
Jul  1 20:16:01 XXXX crond[16131]: CRON (yyyy) ERROR: failed to open PAM
security session: Permission denied
Jul  1 20:16:01 XXXX crond[16131]: CRON (yyyy) ERROR: cannot set security context

Version-Release number of selected component (if applicable):

[root@gXXXX ]# rpm -q --qf "%{SOURCERPM}\n" -f /usr/sbin/crond

Steps to Reproduce:
1. chmod 700 user's homedir
2. create a cron for this user ( every minutes for examples )
3. look error reported in /var/log/cron
Actual results:
cron job not running

Expected results:
Cron job running

Additional info:

After some search on it, I found several links about this bugs.

It seems to be introduced by the vixie-cron-4.1-_60-SELinux-contains-range.patch
according to ( http://bugs.centos.org/view.php?id=2101 )

Comment 1 Julien Dumont 2007-07-01 19:25:16 UTC
I forget to mention something, in my case, selinux is totaly disable.

[root@gXXXX ]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.

# SETLOCALDEFS= Check local definition changes

Comment 2 Marcela Mašláňová 2007-07-02 10:29:42 UTC
Thanks for suggestion, fixed in devel, I'll update F-7 soon.

Note You need to log in before you can comment on or make changes to this bug.