Linux:authentication token is no longer valid
problem:
Authentication token is no longer valid; New one required
You (Zabbix) is not a allowed to access to (crontab) because of Pam configuration.
PAM Configuration
The/etc/pam.d/directory contain the PAM configuration files for each Pam-aware application. Each service has a file in THE/ETC/PAM.D which have the same name as the service.
For Instance, the Crond service Pam file is below:
[/etc/pam.d]$more crond
#
# The PAM configuration file for the cron daemon
#
#
# No PAM authentication called, auth modules not needed
account required pam_access.so
account include password-auth
session required pam_loginuid.so
session include password-auth
auth include password-auth
PAM Configuration File Format
Module_interface Control_flag module_name module_argument
< Span class= "PLN" >account required pam_access so
account include password - auth
Session Required Pam_loginuid so
session include password - auth
Auth include password - auth
Module_interface:
Auth: This module interface the authenticates use. For example, it request and verifies the validity of a password.
Account : This module interface verified whether, the access is allowed. For example, it check if a the user account had expired of if a user is allowed to log in at a partical time of day.
Password: This module INTERFCE are used to changing user passwords.
session: This module interface configure and manager user sessions.
PAN Control Flag
Required: The module result must is successful for authentication to continue. If The test fails at this point, the users won't be notified.
requisite: Unlike required,if the test fails, the user would be notified immediately with a message reflectin the F Irst failed required or requisite module test.
Optional: The result is ignored.
include: Unlike the other controls,it does isn't relate to how the module result is handled.
Solution
Because The Crond service must authenticate the user ' s password.
So we can check the user password information:
chage -l username
Last password change : May 05, 2016
Password expires : Nov 01, 2016
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 180
Number of days of warning before password expires : 30
If you find the password have expired, you can change the password and set the Maxdays to 9999.
password username:
Command : chage -M 9999 username
After this, you can check if the File/etc/shadow have updated the maxdays for the specified user. Just like this:
username:$6$EZ2LtFaZ$l6cUrKMIYW..37AStpjDYlal215FZg3NoKM0SgsUClsllKjVwkxsR4lFtWbNGvaGZkGwi5orqWziDMpfGGhvh/:17107:0:9999:30:::
After all, it'll be OK.
From for notes (Wiz)
Authentication token is no longer valid