Re: cron syslog entries since FC4 -> FC6 upgrade.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



crond is generated those messages.  You should be checking all the
crontabs that run as root.

On 12/6/06, Styma, Robert E (Robert) <stymar@xxxxxxxxxxxxxxxxxx> wrote:

To Those who know syslog well:

I upgraded from FC4 -> FC6 via CD's in upgrade
mode and now I am getting lots of cron entries
in /var/log/secure.  Comparisons between the FC4
/etc/syslog.conf file and the current copy show
it was not updated.

I see lots of entries like the following:
Dec  6 13:04:01 styma8 crond[29897]: pam_unix(crond:session): session opened for user root by (uid=0)
Dec  6 13:04:02 styma8 crond[29897]: pam_unix(crond:session): session closed for user root
Dec  6 13:05:01 styma8 crond[29913]: pam_unix(crond:session): session opened for user root by (uid=0)
Dec  6 13:05:02 styma8 crond[29913]: pam_unix(crond:session): session closed for user root

My /etc/syslog.conf file is pretty simple (see below).  The only thing
I am directing to /var/log/secure is authpriv.* which I believe is the
default.  I would prefer to send these cron messages to either /var/log/cron
or the bit bucket.  This leaves /var/log/secure more uncluttered.

Can someone suggest a change to /etc/syslog.conf which would affect the
change I want?  Thank you for your time.

Bob Styma

#-----   /etc/syslog.conf

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none;auth.!=info            /var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog


# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 *

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log

auth.=info              /var/log/cron

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
L. Friedman                                    netllama@xxxxxxxxx
LlamaLand                       http://netllama.linux-sxs.org


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux