FWIW, this bug is the same as one reported in Red Hat in https://bugzilla.redhat.com/show_bug.cgi?id=165571 (they 'fixed' this through PAM, see below)
Since the 3.0pl1-107 package release of cron cron uses 'common-session-noninteractive' in its PAM configuration instead of 'common-session'. I see several ways to prevent cron logs from generating auth.log entries: - Remove the pam_unix call in common-session-noninteractive, so that NO logging is produced when cron starts up a job - (better yet) Use a PAM configuration that will avoid cron from generating any logging but will log for other (non-interactive) programs. This is what Red Hat does. In Debian, to do this add the following line before the pam_unix.so call in /etc/pam.d/common-session-noninteractive: ------------------------------------------------------------------------------------ session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid ------------------------------------------------------------------------------------ - Use a syslog daemon that supports filtering (such as rsyslog or syslog-ng) and filter out these messages. For example, with syslog-ng it looks like this can be done with ------------------------------------------------------------------ # all messages from the auth and authpriv facilities filter f_auth { facility(auth, authpriv);}; #filter the CRON messages filter f_cron_msgs { not match("CRON*"); }; # auth,authpriv.* /var/log/auth.log # + filter the CRON messages out log { source(s_all); filter(f_auth); filter(f_cron_msgs); destination(df_auth); }; ------------------------------------------------------------------ Hope this helps. Regards Javier
signature.asc
Description: Digital signature