Cron: ERROR: failed to open PAM security session

This issue is related to PAM not authenticating the users correctly anymore because of a few possible modifications, or something got screwed up on your server.

If you get this error you may wan to try and see if the user that is trying to run that cron exists under /etc/shadow file.

As Andrew pointed up in one of the comments you can also get this error if the cron user’s account has expired so you may want to verify that before going ahead.

If you hardened your server security using some of the scripts that are floating around the internet and now get a CRON (username) ERROR: failed to open PAM security session: Success error you may wan to check the /var/log/secure log file and check for any references to cron like:

Jul 7 16:30:01 server crond[9527]: pam_access(crond:account): access denied for user `username' from `cron'

A fix for this is to check the following two files and make sure that the lines in there match the following:

/etc/pam.d/crond file should contain the following lines:

auth sufficient
auth required
auth include system-auth
#account sufficient
account required
account include system-auth
session required
session include system-auth

Check the commented line #account sufficient and if you see this line in there and uncommented the comment it out.

Secondly check the /etc/security/access.conf file and if you see at the end of this file anything that is uncommented like:

+ : ALL : cron crond

then comment this two lines also.

Check your cron log file after this and see if the cron will run correctly.