… which can be hard to spot, since in most places you never use root’s password anywhere (you “sudo su” to root using your user‘s password).
Today’s story:
- server has a logfile of several GB;
- head logfile shows it hasn’t been rotated in more than a year;
- running logrotate /etc/logrotate.conf manually works;
- /var/log/cron includes entries like:
Mar 22 14:10:01 xxxxxxxx crond[26561]: (root) PAM ERROR (Authentication token is no longer valid; new one required)
Mar 22 14:10:01 xxxxxxxx crond[26561]: (root) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
- chage -l root shows that its password has expired…
Now, why did root have password expiration enabled? It’s a mystery 🙂 — probably someone ran a script configuring password expiration for all users and forgot to add some exceptions to it, root among them. Anyway,
chage -E -1 -M -1 root ; passwd root
solved the problem. Hope this is useful. 🙂