Cron in docker container (Cannot make/remove an entry for the specified session)

I added a template to create a file in /etc/cron.d/ inside my Discourse docker container, but I can’t get the cron job to execute! Instead, I see the following entry in my docker container’s syslog:

==> /var/log/syslog <==
Apr 22 11:45:01 osestaging1-discourse-ose CRON[30055]: Cannot make/remove an entry for the specified session

How can I define a cron job to execute inside my Discourse docker container?

This is the result of a bug in docker and Debian. It’s since been fixed, but apparently not for Discourse’s docker image (yet?).

Per the above link, I used the following template file to both [a] create the /etc/cron.d/ file and [b] fix the bug in the cron pam module:

[root@osestaging1 discourse]# cat /var/discourse/templates/unattended-upgrades.template.yml run:
  - file:
     path: /etc/cron.d/unattended-upgrades
     contents: |+
        ################################################################################
        # File:    /etc/cron.d/unattended-upgrades
        # Version: 0.1
        # Purpose: run unattended-upgrades in lieu of systemd. For more info see
        #           * https://wiki.opensourceecology.org/wiki/Discourse
        #           * https://meta.discourse.org/t/does-discourse-container-use-unattended-upgrades/136296/3
        # Author:  Michael Altfield <michael@opensourceecology.org>
        # Created: 2020-03-23
        # Updated: 2020-03-23
        ################################################################################
        20 04 * * * root /usr/bin/nice /usr/bin/unattended-upgrades --debug
        

  - exec: /bin/echo -e "\n" >> /etc/cron.d/unattended-upgrades
  # fix the Docker cron bug https://stackoverflow.com/questions/43323754/cannot-make-remove-an-entry-for-the-specified-session-cron
  - exec: /bin/sed --in-place=.`date "+%Y%m%d_%H%M%S"` 's%^\([^#]*\)\(session\s\+required\s\+pam_loginuid\.so\)$%\1#\2%' /etc/pam.d/cron
[root@osestaging1 discourse]# 

Unfortunately, I’m not 100% of all the consequences of making this change to the cron pam.d module. But it does seem to me to be the recognized fix upstream :\

See also: Does Discourse container use unattended-upgrades?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.