RE: cron syslog entries since FC4 -> FC6 upgrade.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> 
> crond is generated those messages.  You should be checking all the
> crontabs that run as root.
> 
> On 12/6/06, Styma, Robert E (Robert) 
> <stymar@xxxxxxxxxxxxxxxxxx> wrote:
> >
> > To Those who know syslog well:
> >
> > I upgraded from FC4 -> FC6 via CD's in upgrade
> > mode and now I am getting lots of cron entries
> > in /var/log/secure.  Comparisons between the FC4
> > /etc/syslog.conf file and the current copy show
> > it was not updated.
> >
> > I see lots of entries like the following:
> > Dec  6 13:04:01 styma8 crond[29897]: 
> pam_unix(crond:session): session opened for user root by (uid=0)
> > Dec  6 13:04:02 styma8 crond[29897]: 
> pam_unix(crond:session): session closed for user root
> > Dec  6 13:05:01 styma8 crond[29913]: 
> pam_unix(crond:session): session opened for user root by (uid=0)
> > Dec  6 13:05:02 styma8 crond[29913]: 
> pam_unix(crond:session): session closed for user root
> >
> > My /etc/syslog.conf file is pretty simple (see below).  The 
> only thing
> > I am directing to /var/log/secure is authpriv.* which I 
> believe is the
> > default.  I would prefer to send these cron messages to 
> either /var/log/cron
> > or the bit bucket.  This leaves /var/log/secure more uncluttered.
> >
> > Can someone suggest a change to /etc/syslog.conf which 
> would affect the
> > change I want?  Thank you for your time.
> >
> > Bob Styma
> >
> > #-----   /etc/syslog.conf
> >
> > # Log all kernel messages to the console.
> > # Logging much else clutters up the screen.
> > #kern.*                                                 /dev/console
> >
> > # Log anything (except mail) of level info or higher.
> > # Don't log private authentication messages!
> > *.info;mail.none;authpriv.none;cron.none;auth.!=info        
>     /var/log/messages
> >
> > # The authpriv file has restricted access.
> > authpriv.*                                              
> /var/log/secure
> >
> > # Log all the mail messages in one place.
> > mail.*                                                  
> -/var/log/maillog
> >
> >
> > # Log cron stuff
> > cron.*                                                  
> /var/log/cron
> >
> > # Everybody gets emergency messages
> > *.emerg                                                 *
> >
> > # Save news errors of level crit and higher in a special file.
> > uucp,news.crit                                          
> /var/log/spooler
> >
> > # Save boot messages also to boot.log
> > local7.*                                                
> /var/log/boot.log
> >
> > auth.=info              /var/log/cron
> 
> -- 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> L. Friedman                                    netllama@xxxxxxxxx
> LlamaLand                       http://netllama.linux-sxs.org
> 
I understand that crond is causing the entries to be generated, however
They pass through the syslog process and I want to route them somewhere
less obtrusive.  /var/log/security shows when someone attempts to access
my machine.  /etc/hosts.allow / deny has so far done it's job, but I like
to keep an eye on this.

Bob

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux