suppress success messages from dmesg & co

Stefan stefan at sf-net.com
Fri Jun 16 13:50:44 UTC 2006


Hi,

is it possible to suppress success messages like:

audit(1150460352.961:685): user pid=10323 uid=500 auid=500 msg='PAM:  
setcred acct=root : exe="/bin/su" (hostname=?, addr=?, terminal=pts/0  
res=success)'
audit(1150460352.961:686): user pid=10323 uid=500 auid=500 msg='PAM:  
session close acct=root : exe="/bin/su" (hostname=?, addr=?,  
terminal=pts/0 res=success)'
audit(1150462861.629:687): user pid=10507 uid=0 auid=4294967295  
msg='PAM: accounting acct=root : exe="/usr/sbin/crond" (hostname=?,  
addr=?, terminal=cron res=success)'
audit(1150462861.629:688): login pid=10507 uid=0 old auid=4294967295  
new auid=0
audit(1150462861.629:689): user pid=10507 uid=0 auid=0 msg='PAM:  
session open acct=root : exe="/usr/sbin/crond" (hostname=?, addr=?,  
terminal=cron res=success)'
audit(1150465564.666:694): login pid=10695 uid=0 old auid=4294967295  
new auid=500
audit(1150465564.666:695): user pid=10695 uid=0 auid=500 msg='PAM:  
session open acct=foobar : exe="/usr/sbin/ 
sshd" (hostname=2001:6f8:1294:1::3, addr=?, terminal=ssh res=success)'

Everytime someone uses 'su' or newrole or ... a audit message is  
created. This spams my logfiles so I would like to turn such "success  
messages" of. I'm using FC5 with latest updates and selinux-policy-mls.

Best regards,
Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20060616/ce7f9426/attachment.sig>


More information about the fedora-selinux-list mailing list