October 13, 2012
CRON ERROR: failed to open PAM security session: Protocol not supported
Got an interesting report of an error on one of our servers. I was told crons for a user account on our server weren’t running. I tailed the cron log (/var/log/cron) and came to find these errors:
Oct 13 06:32:01 secure crond[4558]: CRON (clients) ERROR: failed to open PAM security session: Protocol not supported Oct 13 06:32:01 secure crond[4558]: CRON (clients) ERROR: cannot set security context
I’ve never seen the error before. I dug around in various PAM and related security configs, but didn’t see any issues. I then wanted to run the cron manually via the user, and tried to sudo down into the user’s account.
[root@secure~]# sudo su - clients Too many logins for 'clients'. could not open session [root@secure~]#
There is the problem! Cron can’t run because two techs were logged into the ‘clients’ user account and it was being limited. In this case I decided to bump the limit to 5 users. Here is what I did:
[root@secure~]# nano -w /etc/security/limits.conf
Now I added the following line:
clients hard maxlogins 5
The crons were now running, problem solved.