Thursday, October 27, 2011

cron jobs - aged passwords

I've never happened to use a linux account with a periodical password change policy before.  I logged in, I was asked to change my password, and realized  one cron job didn't  execute at the scheduled time. First thing that came to mind, was that password expiration issue, and it makes absolute sense to prevent automatic actions from an "invalid" user from taking place.

http://www.unix.com/solaris/34987-cronjob-dies-when-user-password-expires.html

So, as I intent to forget about that cron job once the performance monitoring stage is over, the easiest way is to edit the crontable of the root user , rather than dropping the policy that was set there for a reason.

Though knowing how to do it should the necessity arise, won't kill anybody.

http://www.thegeekstuff.com/2009/04/chage-linux-password-expiration-and-aging/

Whether I agree with the password expiration policy is not an issue, I'm not happy scheduling the job as root either but I least I won't be invalidating a policy that was adopted for security reasons, provided the person entitled with the system admin role knows what is doing.

Grasping more insights into the cron environment:

http://www.rahul.net/raithel/MyBackPages/crontab.html

 

No comments:

Post a Comment