REPOST - cron syslog entries since FC4 -> FC6 upgrade.
Cameron Simpson
cs at zip.com.au
Fri Dec 8 20:51:32 UTC 2006
On 08Dec2006 09:51, Styma, Robert E (Robert) <stymar at alcatel-lucent.com> wrote:
| I upgraded from FC4 -> FC6 via CD's in upgrade
| mode and now I am getting lots of cron entries
| in /var/log/secure. Comparisons between the FC4
| /etc/syslog.conf file and the current copy show
| it was not updated. These crond:session messages are
| not useful to me and they can obscure real security messages.
|
| I see lots of entries like the following:
| Dec 6 13:04:01 styma8 crond[29897]: pam_unix(crond:session):
| session opened for user root by (uid=0)
[...]
| My /etc/syslog.conf file is pretty simple (see below). The only thing
| I am directing to /var/log/secure is authpriv.* which I believe is the
| default. I would prefer to send these cron messages to
| either /var/log/cron
| or the bit bucket. This leaves /var/log/secure more uncluttered.
|
| Can someone suggest a change to /etc/syslog.conf which would
| affect the
| change I want? Thank you for your time.
[...]
| # The authpriv file has restricted access.
| authpriv.* /var/log/secure
[...]
| # Log cron stuff
| cron.* /var/log/cron
Do the messages appear in /var/log/cron also?
If so, does changing the authpriv line like this:
authpriv.*;cron.none /var/log/secure
do anything useful?
--
Cameron Simpson <cs at zip.com.au> DoD#743
http://www.cskk.ezoshosting.com/cs/
You wouldn't... ...but you KNOW you could. - Original V65 Commercial
More information about the fedora-list
mailing list