FWIW, this bug is the same as one reported in Red Hat in
https://bugzilla.redhat.com/show_bug.cgi?id=165571 (they 'fixed' this
through PAM, see below)

Since the 3.0pl1-107 package release of cron, cron uses
'common-session-noninteractive' in its PAM configuration instead of
'common-session'.

I see several ways to prevent cron logs from generating auth.log entries:

 - Remove the pam_unix call in common-session-noninteractive, so that
   NO logging is produced when cron starts up a job

 - (better yet) Use a PAM configuration that will prevent cron from generating
   any logging but will log for other (non-interactive) programs. This
   is what Red Hat does.

   In Debian, to do this add the following line before the pam_unix.so call
   in /etc/pam.d/common-session-noninteractive:

------------------------------------------------------------------------------------
session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
------------------------------------------------------------------------------------

 - Use a syslog daemon that supports filtering (such as rsyslog or syslog-ng)
   and filter out these messages.

   For example, with syslog-ng it looks like this can be done with

------------------------------------------------------------------
# all messages from the auth and authpriv facilities
filter f_auth { facility(auth, authpriv);};

#filter the CRON messages
filter f_cron_msgs { not match("CRON*"); };

# auth,authpriv.*                 /var/log/auth.log
# + filter the CRON messages out
log {
        source(s_all);
        filter(f_auth);
        filter(f_cron_msgs);
        destination(df_auth);
};
------------------------------------------------------------------

    Hope this helps.


    Regards

    Javier
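
An added example, not part of the original message: it runs the message's match("CRON*") pattern over constructed auth.log lines to show which entries a "not match" filter keeps and which non-cron entries it drops as a side effect. It models match() as an unanchored, case-sensitive regular-expression search over the whole log line, which is an assumption about the syslog-ng version in use; the NARROW pattern and the helper names are hypothetical.

```python
import re

# Constructed auth.log lines (not taken from a real system).
SAMPLE = [
    "Mar  3 06:25:01 host CRON[4211]: pam_unix(cron:session): session opened for user root by (uid=0)",
    "Mar  3 06:25:02 host CRON[4211]: pam_unix(cron:session): session closed for user root",
    "Mar  3 06:26:10 host sshd[4302]: Failed password for invalid user MACRO from 192.0.2.7 port 50122 ssh2",
    "Mar  3 06:27:44 host sudo: alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/crontab -e",
    "Mar  3 06:28:00 host su[4400]: pam_unix(su:session): session opened for user root by alice(uid=1000)",
]

# The pattern from the message. Read as a regular expression, "CRON*" means
# "CRO" followed by zero or more "N", so it also matches inside other words.
BROAD = re.compile(r"CRON*")

# Narrower alternative (assumption): only the pam_unix session open/close
# lines whose program field is CRON[pid].
NARROW = re.compile(
    r"^\S+\s+\d+\s+[\d:]+\s+\S+\s+CRON\[\d+\]: "
    r"pam_unix\(cron:session\): session (opened|closed) for user "
)


def kept(lines, pattern):
    """Lines that survive a 'not match(pattern)' filter."""
    return [line for line in lines if not pattern.search(line)]


def collateral(lines, pattern):
    """Lines the filter drops even though the CRON program did not log them."""
    return [line for line in lines if pattern.search(line) and " CRON[" not in line]


if __name__ == "__main__":
    for name, pattern in (("broad", BROAD), ("narrow", NARROW)):
        print(f"{name}: kept {len(kept(SAMPLE, pattern))} of {len(SAMPLE)} lines")
        for line in collateral(SAMPLE, pattern):
            print(f"  dropped non-cron entry: {line}")
```
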
