Truenas middlewared policy plugin failed and spams the console every 5 mins

fungshui · April 28, 2024, 3:59pm

I have just seems this error spamming in the console. Is there a way to debug it?

Apr 28 16:40:02 truenas middlewared[5422]: sudo: pam_open_session: Permission denied
Apr 28 16:40:02 truenas middlewared[5422]: sudo: policy plugin failed session initialization
Apr 28 16:45:01 truenas middlewared[5422]: sudo: pam_open_session: Permission denied
Apr 28 16:45:01 truenas middlewared[5422]: sudo: policy plugin failed session initialization
Apr 28 16:45:01 truenas middlewared[5422]: sudo: pam_open_session: Permission denied
Apr 28 16:45:01 truenas middlewared[5422]: sudo: policy plugin failed session initialization
Apr 28 16:50:01 truenas middlewared[5422]: sudo: pam_open_session: Permission denied
Apr 28 16:50:01 truenas middlewared[5422]: sudo: policy plugin failed session initialization
Apr 28 16:50:01 truenas middlewared[5422]: sudo: pam_open_session: Permission denied
Apr 28 16:50:01 truenas middlewared[5422]: sudo: policy plugin failed session initialization
Apr 28 16:55:01 truenas middlewared[5422]: sudo: pam_open_session: Permission denied
Apr 28 16:55:01 truenas middlewared[5422]: sudo: policy plugin failed session initialization
Apr 28 16:55:01 truenas middlewared[5422]: sudo: pam_open_session: Permission denied
Apr 28 16:55:01 truenas middlewared[5422]: sudo: policy plugin failed session initialization

winnielinnie · April 28, 2024, 4:05pm

SCALE? Core? Version? After an update? Non-root admin user created?

fungshui · April 28, 2024, 10:57pm

Sorry, I should have provided more information.

It is TrueNAS SCALE 24.04.0.

A single non-root admin user is created.

It was updated yesterday. I didn’t notice these errors before. They might or might not be there.

winnielinnie · April 28, 2024, 11:31pm

Can you share that user’s config? (You can censor out the name or any personal information.)

What group(s) are they in? Are they granted sudo privileges?

Do these particular spammed messages in the log only occur during the periods you’re logged into the GUI?

As a test: If you log out of the GUI (all sessions), and remain logged out for one hour, does that one-hour period omit such events in the log?

Are you using any Apps? Official? TrueCharts? Custom?

The more a system strays away from a “vanilla” installation of SCALE, the more variables may be at play.

fungshui · April 29, 2024, 1:08pm

Sure, for user’s config, do you mean the user pane of the WebUI?

Here is the values:

GID:
3000

Home Directory:
/mnt/tank/home/<username>

Shell:
/usr/bin/bash

Email:
<user>@gmail.com

Password Disabled:
No

Lock User:
No

Samba Authentication:
Yes

SSH:
Key set

Allowed Sudo Commands:
ALL

sudo? yes.

groups:

$ id
uid=3000(<user>) gid=3000(<user>) groups=3000(<user>),0(root),544(builtin_administrators),545(builtin_users),568(apps),5003(readers),5004(writers)

where group readers and writers have read and/or write access to some shared directories.

No App nor TrueChart installed but I have a lxc created by jailmaker running.

Let me log off the WebUI for awhile and come back later.

fungshui · April 29, 2024, 2:30pm

I have logged off the WebUI for an hour but the warnings are still showing up.

Apr 29 15:20:02 truenas middlewared[5422]: sudo: pam_open_session: Permission denied
Apr 29 15:20:02 truenas middlewared[5422]: sudo: policy plugin failed session initialization
Apr 29 15:20:02 truenas middlewared[5422]: sudo: pam_open_session: Permission denied
Apr 29 15:20:02 truenas middlewared[5422]: sudo: policy plugin failed session initialization
Apr 29 15:25:01 truenas middlewared[5422]: sudo: pam_open_session: Permission denied
Apr 29 15:25:01 truenas middlewared[5422]: sudo: policy plugin failed session initialization
Apr 29 15:25:01 truenas middlewared[5422]: sudo: pam_open_session: Permission denied
Apr 29 15:25:01 truenas middlewared[5422]: sudo: policy plugin failed session initialization

winnielinnie · April 29, 2024, 2:39pm

I’d file a bug report then. Though I don’t believe this has any performance impacts?

fungshui · April 29, 2024, 3:08pm

Ok, thanks for your help.

Let me file a bug report.

fungshui · April 29, 2024, 7:10pm

In case you are interested, I have found the cause of the messages.

They are produced by Cron Jobs defined in the WebUI. Any single cron job produce no message but when more than 1 cron job are running on the same minute, it generates the above messages. There were 3 cron jobs running every 5 minutes. That’s why they triggered the messages. No more message when I spread them out.