Marcin, that's actually a different problem having to do with (I
believe) logging by a PAM module. This seems to be a feature of SELinux.
I solved the problem by turning on the auditd daemon which causes the
messages to be sent to /var/log/audit/audit.log.
Kirk
Marcin Godlewski wrote:
> Kirk Bocek napisa?(a):
>
>>Since updating to 4.2 my Opteron server has been flooded by messages like:
>>
>>audit(1129565701.837:155): user pid=4700 uid=0 auid=4294967295 msg='PAM
>>session open: user=root exe="/usr/sbin/crond" (hostname=?, addr=?,
>>terminal=cron result=Success)'
>>
>>to both /var/log/messages and the kernel ring buffer. Looks like they
>>are being generated by cron jobs being run on the server.
>>
>>Does anyone know how to turn these messages off or to redirect them?
>>
>
> I have exactly the same problem. I've solved this by change in
> syslog.conf to look like:
> *.info;mail.none;authpriv.none;cron.none;auth.!=info
> /var/log/messages
> and adding this line
> auth.info /var/log/cron.auth
>
> It solved my problem byt its temporally, dont know what to do exactly to
> stop it.
>
>
