I noticed for some time now on solaris 8 whenever our root or oracle password expires after 12 weeks the cronjob for the expired user will totally stop working, it will start working again once the password has been changed.
I wonder if anybody encountered this problem and knows of a fix other than extending expiry period.
this is the /var/cron/log
! bad user (oracle) Fri Feb 2 08:00:00 2007
< oracle 3769 c Fri Feb 2 08:00:00 2007 rc=1
this is the /etc/default/passwd #ident "@(#)passwd.dfl 1.3 92/07/14 SMI"
MAXWEEKS=12
MINWEEKS=1
PASSLENGTH=8
Actually I have wondered why Solaris does this for some time. Thanks to Open Solaris I can find the answer. It seems that Sun modified cron to use PAM and introduced this behavior in the process. So I suppose that you could probably write your own PAM module to allow expired users to run cronjobs.
it is not actually a problem, it was designed to run that way. Best way to get around it would turn the password policy off for root to reset every 12 weeks.
Why would you want expired accounts to have access to run things?