On a new Centos5 installation I was having trouble with my logging failing to run.
I eventually found the reason in /var/log/secure:
Jun 26 16:36:01 nepenthes crond[5737]: pam_access(crond:account): access denied for user `zimbra' from `cron'
Jun 26 16:36:01 nepenthes crond[5737]: pam_unix(crond:session): session closed for user zimbra
It ties into the fact that we use pam_access to keep "regular" users from logging into our servers with ssh. The issue can be solved by simply removing
Code:
account required pam_access.so
from /etc/pam.d/crond
It may be specific to our configuration, but just in case it isn't I wanted to document it here.