[SOLVED] /etc/cron.d/debsecan generates error

The cron file /etc/cron.d/debsecan tries to run a command as user ‘daemon’:

22 * * * * daemon test -x /usr/bin/debsecan && /usr/bin/debsecan --cron

This is generating the following error:

22:22 pam_access(cron:account): access denied for user daemon' from cron’ CRON

How can this be corrected?

Please try creating a file /etc/security/access.d/my-debsecan.conf with the following contents:


I tried your version, and I also tried:
+:daemon:cron :0 tty1
Neither worked in access.d/.

However, when I put my version in /etc/security/access.conf, it did eliminate the error.

(I tried it both ways twice to verify that access.conf works, but access.d/my-debsecan.conf doesn’t.)

What distribution is this on? What is the version of libpam-modules?

I have a Pioneer Edition FreedomBox. You are running Debian GNU/Linux 10 (buster) and FreedomBox version 20.12. FreedomBox is up to date.

Package: libpam-ldapd
Version: 0.9.10-2

Package: libpam-modules
Version: 1.3.1-5

Package: libpam-modules-bin
Version: 1.3.1-5

Package: libpam-runtime
Version: 1.3.1-5

Package: libpam-systemd
Version: 241-7~deb10u4

Package: libpam0g
Version: 1.3.1-5

I was able to eliminate the error message with a .conf file in access.d by giving it higher precedence in the parsing order than the two files I found there.

dog@freedombox:/etc/security/access.d$ ls -l
total 12
-rw-r--r-- 1 root root 14 Sep 14 13:34 00my_freedombox.conf
-rw-r--r-- 1 root root 11 May 21 04:06 10freedombox-performance.conf
-rw-r--r-- 1 root root 48 Mar 18 18:58 50freedombox.conf
dog@freedombox:/etc/security/access.d$ cat 00my_freedombox.conf