[Bug 27520] Re: cron daemon caches user-non-existent lookup results, causing "ORPHAN" message and skipping jobs for all LDAP/NIS-defined users

Barry Warsaw 27520 at bugs.launchpad.net
Fri Feb 24 17:21:13 UTC 2012 

All three uploads are sponsored now.

** Changed in: cron (Ubuntu Lucid)
       Status: In Progress => Fix Committed

** Changed in: cron (Ubuntu Maverick)
       Status: In Progress => Fix Committed

** Changed in: cron (Ubuntu Natty)
       Status: In Progress => Fix Committed

** Changed in: cron (Ubuntu Lucid)
    Milestone: None => lucid-updates

** Changed in: cron (Ubuntu Maverick)
    Milestone: None => maverick-updates

** Changed in: cron (Ubuntu Natty)
    Milestone: None => natty-updates

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/27520

Title:
  cron daemon caches user-non-existent lookup results, causing "ORPHAN"
  message and skipping jobs for all LDAP/NIS-defined users

Status in “cron” package in Ubuntu:
  Fix Released
Status in “cron” source package in Lucid:
  Fix Committed
Status in “cron” source package in Maverick:
  Fix Committed
Status in “cron” source package in Natty:
  Fix Committed
Status in “cron” package in Debian:
  Fix Released

Bug description:
  == SRU Justification ==

  * Impact: users being defined on remote user databases such as LDAP
  will not be able to access to their cron jobs and these will be marked
  as orphaned unless cron is restarted. The impact is severe for users
  relying on cron and using LDAP.

  * Fix:
    The fix was implemented in Fedora's cronie. It implements a list orphan which allows to describe jobs as being orphaned or not depending on whether the owner is found or not.

  * Test case: 
    How to reproduce:
       1. Setup an LDAP remote directory and add a user to test.
       2. Create a crontab for this user with some jobs.
       3. When a reboot happens, this user will have its jobs orphaned.
    Expected results:
       - the cron table is read and jobs are to be executed when required.
    Actual results:
       - the cron table / jobs are marked as orphaned.

  * Regression potential: very minimal, the fix only adds a list adding
  a new description to the jobs, these are described as orphans and are
  checked when necessary.

  * Original bug description:

  We had a server which was happily running Hoary. It authenticated to our AD2003
  domain using winbind, and winbind was in the nsswitch.conf. However, after
  upgrading to Breezy, cron no longer works properly, in that it doesn't respect
  accounts from winbind as being valid accounts. My logs are filling up with
  messages like:

  Dec 22 09:52:01 thorin /usr/sbin/cron[28207]: (user1) ORPHAN (no passwd entry)
  Dec 22 09:52:01 thorin /usr/sbin/cron[28207]: (user2) ORPHAN (no passwd entry)
  Dec 22 09:55:01 thorin /usr/sbin/cron[28207]: (user3) ORPHAN (no passwd entry)
  Dec 22 09:55:01 thorin /usr/sbin/cron[28207]: (user4) ORPHAN (no passwd entry)

  If you do "id user1", their information shows up perfectly fine, so it seems
  like cron has been changed to not respect this source of information.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cron/+bug/27520/+subscriptions

More information about the Ubuntu-sponsors mailing list