I just get Jun 24 21:00:00 [atd] Authentication failure in the logs. /etc/at/at.allow is non-existent, /etc/at/at.deny is untouched and does not contain my username. Reproducible: Always Steps to Reproduce: echo "command" | at <time> Actual Results: Job goes into queue, everything seems to be ok... but at <time> 'Authentication failure' gets logged, "command" doesn't get executed.
Looks like the new version detects and uses PAM. Following PAM-conf works for me. Taken from debian-subdir and modified for gentoo. I'm definitly *not* a PAM wizard, so plz, plz someone more knowingly really should have a look at this before inclusion! --- snip --- michael@azrael ~ $ cat /etc/pam.d/atd auth required pam_env.so auth include system-auth account include system-auth session include system-auth session required pam_limits.so --- snap ---
flameeyes, could you advise on the PAM config issue? thanks
pam_limits goes before the include, for session. For the rest it looks correct (for the little I know). If you need to add further prerequisites like being in a given group or stuff like that you'll need some extra lines. Make sure you got a pam USE flag to enable/disable the PAM support though, lots of people don't like that. As for the ebuild side, if anything links to pam_misc.so (with --as-needed enabled) then it should depend on >=sys-libs/pam-0.78 if it only links to libpam, then it's probably building with OpenPAM too so virtual/pam looks cool. To install the pamd file use the dopamd function from pam.eclass.
thanks flameeyes! a fix for this is at-3.1.10.2. please reopen if problem persists... thank you.