HPE Community
Operating System - HP-UX
1833776 Members
2241 Online
110063 Solutions
New Discussion

Cron

 
SOLVED
Go to solution
Jayson B. Hurd
Advisor

‎07-12-2005 03:02 AM

‎07-12-2005 03:02 AM

Cron

Cron stopped running a particular user's jobs because its password had expired. They now run because I changed the password. What is the best way to keep this from happening again?
0 Kudos
Reply
12 REPLIES 12
TwoProc
Honored Contributor

‎07-12-2005 03:07 AM

‎07-12-2005 03:07 AM

Re: Cron

Maybe make it a root cron job that runs a script that calls an "su -c" command to run your user's job as your user. This would make the process get kicked off by root's cron list, the su command from root should succeed regardless of user password setting, and would run as the user himself with his/her file permissions so no additional risk would be brought to the system as far as I can see.
We are the people our parents warned us about --Jimmy Buffett
0 Kudos
Reply
Mel Burslan
Honored Contributor

‎07-12-2005 03:17 AM

‎07-12-2005 03:17 AM

Re: Cron

although it is not a good security practice, you can make an exception and set the user's password not to expire at all if this is very critical to run the cron jobs.
________________________________
UNIX because I majored in cryptology...
0 Kudos
Reply
Jayson B. Hurd
Advisor

‎07-12-2005 03:19 AM

‎07-12-2005 03:19 AM

Re: Cron

Where is this done?
0 Kudos
Reply
Pete Randall
Outstanding Contributor

‎07-12-2005 03:22 AM

‎07-12-2005 03:22 AM

Re: Cron

Jayson,

Take a look at "man modprpw".


Pete

Pete
0 Kudos
Reply
DCE
Honored Contributor

‎07-12-2005 03:24 AM

‎07-12-2005 03:24 AM

Re: Cron

If you are asking about John's suggestion:

in the root cron

*4*** su - oracle -c "some command"

An added benefit, you will have better control of which jobs run when (helps avoid conflicts with backup, batch prints,etc)

an added downside - you will be responsible for maintaining it, as it is now in root's cron job
0 Kudos
Reply
Mel Burslan
Honored Contributor

‎07-12-2005 03:30 AM

‎07-12-2005 03:30 AM

Re: Cron

Jayson,

As I am not sure if you are running a trusted or untrusted system, I can not tell you the command syntax but if you go to sam and go to user/group administration, and select this user from the list, then got to action menu item, you will see an item like set users security policies. Select that one and you will find the option you are looking for.

Hope this helps
________________________________
UNIX because I majored in cryptology...
0 Kudos
Reply
Jayson B. Hurd
Advisor

‎07-12-2005 03:31 AM

‎07-12-2005 03:31 AM

Re: Cron

Yikes, it's Solaris. HP is so much better for this!! Solaris is not my choice.
0 Kudos
Reply
Mel Burslan
Honored Contributor

‎07-12-2005 03:37 AM

‎07-12-2005 03:37 AM

Re: Cron

I am not knowledgable in solaris but I think in /etc/default/passwd the following lines exist:

MAXWEEKS=52
WARNWEEKS=2

which in this example means expire password in 52 weeks and give the user 2 weeks advance expiration warning. You can set this value of MAXWEEKS to something obscenely high or if it is like hpux, changing it to 0 may disable expiration totally.

something to investigate...
________________________________
UNIX because I majored in cryptology...
0 Kudos
Reply
Jayson B. Hurd
Advisor

‎07-12-2005 03:55 AM

‎07-12-2005 03:55 AM

Re: Cron

I see that in the file. However, I only want to change the policy for that one user...
0 Kudos
Reply
DCE
Honored Contributor

‎07-12-2005 03:59 AM

‎07-12-2005 03:59 AM

Re: Cron

If I remember right (at least in the hp world) the password entry for the user in /etc/password file (untrusted system),ends with comma followed by some characters. Delete the comma and following characters - this is the aging portion of the password
0 Kudos
Reply
Mel Burslan
Honored Contributor

‎07-12-2005 04:30 AM

‎07-12-2005 04:30 AM

Solution

Re: Cron

As I have indicated I am not even knowledgeable in solaris let alone being an expert but a little googling turned out a document like this:

Title:How to Set Password Aging on a User Account
http://docs.sun.com/app/docs/doc/817-1985/6mhm8o5lt?a=view

As I do not have a decent solaris box under my hand to test it, I hjave no clue if it will work or not, but you may want to glance thru it and see if it serves your purpose.
________________________________
UNIX because I majored in cryptology...
Reply
Cem Tugrul
Esteemed Contributor

‎07-12-2005 05:34 PM

‎07-12-2005 05:34 PM

Re: Cron

/usr/lbin/modprpw -v -m mintm=-1,exptm=-1,expwarn=-1,lftm=-1 $user
Our greatest duty in this life is to help others. And please, if you can't
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.