Authentication token is no longer valid

Linux: Authentication token is no longer valid

Problem:

Authentication token is no longer valid; new one required

You (zabbix) are not allowed to access to (crontab) because of pam configuration.

PAM Configuration

The /etc/pam.d/ directory contain the PAM configuration files for each PAM-aware application.Each service has file in the /etc/pam.d which has the same name as the service.

For Instance, the crond service pam file is below:

  1. [/etc/pam.d]$more crond
  2. #
  3. # The PAM configuration file for the cron daemon
  4. #
  5. #
  6. # No PAM authentication called, auth modules not needed
  7. account required pam_access.so
  8. account include password-auth
  9. session required pam_loginuid.so
  10. session include password-auth
  11. auth include password-auth

PAM Configuration File Format

Module_interface control_flag module_name module_argument

  1. account required pam_access.so
  2. account include password-auth
  3. session required pam_loginuid.so
  4. session include password-auth
  5. auth include password-auth

Module_interface:

auth: This module interface authenticates use. For example, it request and verifies the validity of a password.

account: This module interface verified whether the access is allowed. For example, it check if a user account has expired of if a user is allowed to log in at a partical time of day.

password: This module interfce is used to changing user passwords.

session:This module interface configure and manager user sessions.

PAN Control Flag

required:The module result must be successful for authentication to continue. If the test fails at this point, the users will not be notified.

requisite:Unlike required,if the test fails, the user will be notified immediately with a message reflectin the first failed required or requisite module test.

optional:The result is ignored.

include:Unlike the other controls,it does not relate to how the module result is handled.

Solution

Because the crond service must authenticate the user’s password.

So we can check the user password information:

  1. chage -l username
  2. Last password change : May 05, 2016
  3. Password expires : Nov 01, 2016
  4. Password inactive : never
  5. Account expires : never
  6. Minimum number of days between password change : 0
  7. Maximum number of days between password change : 180
  8. Number of days of warning before password expires : 30

If you find the password has expired, you can change the password and set the maxdays to 9999.

  1. password username:
  2. Command : chage -M 9999 username

After that ,you can check if the file /etc/shadow has updated the maxdays for the specified user.Just like this:

  1. username:$6$EZ2LtFaZ$l6cUrKMIYW..37AStpjDYlal215FZg3NoKM0SgsUClsllKjVwkxsR4lFtWbNGvaGZkGwi5orqWziDMpfGGhvh/:17107:0:9999:30:::

After all, it will be ok.

来自为知笔记(Wiz)

时间: 2024-11-11 18:57:13

Authentication token is no longer valid的相关文章

解决passwd: Authentication token manipulation error

passwd 命令修改用户密码出现passwd: Authentication token manipulation error 今天,在测试用户文件属性的时候,修改用户密码发现报此错误. 百度上搜结果: /etc/passwd 文件被锁定 /etc/passwd  /etc/shadow 文件不同步 磁盘空间不足 inode 满了 /etc/pam.d/passwd 相关动态库文件问题 结果,我都试过了,最后发现问题了,我之前不小心把 /etc/pam.d/文件夹内容全部删除过,后来进入恢复模

【iOS】The identity used sign the executable is no longer valid.

之前就遇到过这个问题,如图: 今天又遇到了,证书过期的问题. 需要访问苹果开发者的官网 http://developer.apple.com 来解决. 参考:How to fix “The identity used to sign the executable is no longer valid” error in Xcode 待完善...

passwd:Authentication token问题处理

今天在整理服务器的时候突然有程序员给我说他的ftp的账号连接不上,于是就连上服务器找了一圈都正常啊,奇怪是不是账号密码错了于是就用程序员的账号在自己的电脑上试了下,哎呀我去 530 Login incorrect 这个错误不是就是账号密码错误嘛,于是也去上网看了下,网上说各种修改ftp的方法,看了下和我的都一样啊没错啊,不管啦就去重置密码结果在用passwd命令的时候报错了 passwd:Authentication token 怎么回事呢,后来想了下平时有的时候为了方便修改账号的信息都是直接改

authentication token manipulation error

用户服务器中修改密码,输入passwd命令后,报错authentication token manipulation error 发生该错误原因是: 1.分区没有空间导致. 2./etc/passwd 和/etc/shadow不同步 同步/etc/passwd 和/etc/shadow出错 #pwconv pwconv: cannot open /etc/shadow 隐藏属性,是不是你干的?? 执行以下命令: chattr -i /etc/passwd 我会说这样一下就好了嘛

ORA-00980:synonym translation is no longer valid

今天要把测试环境DB的数据更新成最新Production环境的数据,期间发生了一些问题: 1.首先从正式环境exp出想要用户的dmp档 2.drop掉测试环境底下相应用户 3.create测试环境底下相应用户 4.imp 正式环境导出的dmp档 5.在测试环境底下explain plan sql时报:ORA-00980: synonym translation is no longer valid 用以下语句查下失效的synonym select 'drop '        || decode

Xcode真机调试失败:The identity used to sign the executable is no longer valid

在Xcode中突然好久没有使用真机调试了,今天使用真机的时候,出现如下的警告,并真机运行失败: The identity used to sign the executable is no longer valid. Please verify that your device's clock is proprtly set,and that your signing certificate is not expired.(0xE8008018). . 其实这个问题很简单,Xcode是告诉你的身

Authentication token manipulation error报错解决办法

Authentication token manipulation error报错解决办法 #参考http://blog.163.com/junwu_lb/blog/static/1916798920120103647199/ #参考https://www.zhukun.net/archives/5703

解决修改密码报错‘passwd:Authentication token’

 1.修改密码时报错: 错误信息:'passwd: Authentication token manipulation error' [[email protected] test]# echo '12345678' | passwd --stdin ning Changing password for user ning. passwd: Authentication token manipulation error  2.问题原因: 安全加固的时候修改了passwd.shadow 的权限导致

无法修改linux密码Authentication token manipulation error 问题解决

无法修改linux密码Authentication token manipulation error 问题解决 注:本人遇到同样问题,采用的7-8步骤OK. 同事修改linux root密码时出现错误passwd: Authentication token manipulation error发生该错误原因是:1.分区没有空间导致.2./etc/passwd 和/etc/shadow不同步但是这次上面两条却行不通,通过df查看根分区还有40%剩余. 1.尝试修改密码,出现错误# passwdCh