Différences

Ci-dessous, les différences entre deux révisions de la page.

--- raspberry:log [05-07-2013 21:29]
edmc73 [syslog]
+++ raspberry:log [24-06-2014 21:32]
edmc73 [auth.log]
@@ Ligne 135: / Ligne 135: @@
 Inconvénient, plus de trace en cas de piratage, assurez vous d'avoir un bon mot de passe.
+voir aussi dans /etc/rsyslog.conf
+Commenter la ligne suivante pour ne plus rien recevoir dans /var/log/auth.log
+  #auth,authpriv.*                        /var/log/auth.log
+et relancez le service des journaux
+  service rsyslog restart
+---
+Dans auth.log il y a aussi un paquet de ligne venant de cron
+<code>
+Jun 24 20:35:01 edmchome CRON[9024]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:35:01 edmchome CRON[9024]: pam_unix(cron:session): session closed for user root
+Jun 24 20:36:01 edmchome CRON[9040]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:36:01 edmchome CRON[9040]: pam_unix(cron:session): session closed for user root
+Jun 24 20:37:01 edmchome CRON[9056]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:37:02 edmchome CRON[9056]: pam_unix(cron:session): session closed for user root
+Jun 24 20:38:01 edmchome CRON[9072]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:38:01 edmchome CRON[9072]: pam_unix(cron:session): session closed for user root
+Jun 24 20:39:01 edmchome CRON[9088]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:39:01 edmchome CRON[9088]: pam_unix(cron:session): session closed for user root
+Jun 24 20:40:01 edmchome CRON[9104]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:40:02 edmchome CRON[9104]: pam_unix(cron:session): session closed for user root
+Jun 24 20:41:01 edmchome CRON[9120]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:41:01 edmchome CRON[9120]: pam_unix(cron:session): session closed for user root
+Jun 24 20:42:01 edmchome CRON[9136]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:42:02 edmchome CRON[9136]: pam_unix(cron:session): session closed for user root
+Jun 24 20:43:01 edmchome CRON[9152]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:43:01 edmchome CRON[9152]: pam_unix(cron:session): session closed for user root
+Jun 24 20:44:01 edmchome CRON[9168]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:44:01 edmchome CRON[9168]: pam_unix(cron:session): session closed for user root
+Jun 24 20:45:01 edmchome CRON[9184]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:45:02 edmchome CRON[9184]: pam_unix(cron:session): session closed for user root
+Jun 24 20:46:01 edmchome CRON[9200]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:46:01 edmchome CRON[9200]: pam_unix(cron:session): session closed for user root
+Jun 24 20:47:01 edmchome CRON[9216]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:47:02 edmchome CRON[9216]: pam_unix(cron:session): session closed for user root
+Jun 24 20:48:01 edmchome CRON[9232]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:48:01 edmchome CRON[9232]: pam_unix(cron:session): session closed for user root
+Jun 24 20:49:01 edmchome CRON[9248]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:49:01 edmchome CRON[9248]: pam_unix(cron:session): session closed for user root
+Jun 24 20:50:01 edmchome CRON[9264]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:50:02 edmchome CRON[9264]: pam_unix(cron:session): session closed for user root
+Jun 24 20:51:01 edmchome CRON[9280]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:51:01 edmchome CRON[9280]: pam_unix(cron:session): session closed for user root
+Jun 24 20:52:01 edmchome CRON[9296]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:52:02 edmchome CRON[9296]: pam_unix(cron:session): session closed for user root
+Jun 24 20:53:01 edmchome CRON[9312]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:53:01 edmchome CRON[9312]: pam_unix(cron:session): session closed for user root
+Jun 24 20:54:01 edmchome CRON[9328]: pam_unix(cron:session): session opened for user root by (uid=0)
+Jun 24 20:54:01 edmchome CRON[9328]: pam_unix(cron:session): session closed for user root
+Jun 24 20:55:01 edmchome CRON[9344]: pam_unix(cron:session): session opened for user root by (uid=0)
+</code>
+=== 1ère méthode trouvé sur le net mais qui ne marche pas pour moi ===
+Pour éviter ça, modifiez **/etc/pam.d/common-session-noninteractive**
+  vi /etc/pam.d/common-session-noninteractive
+après la ligne
+  session required pam_unix.so
+ajoutez
+  session [success=1 default=ignore] pam_succeed_if.so service in cron quiet use_uid
+Redémarrez le service crond
+  service cron restart
+=== 2ème méthode qui marche pour moi :) ===
+Configurer le rsyslog pour exclure ce type d'entrée dans les logs. Editez le fichier **/etc/rsyslog.conf**
+  vi /etc/rsyslog.conf
+Modifiez la ligne
+  auth,authpriv.*                 /var/log/auth.log
+par
+  :msg, contains, "pam_unix(cron:session)" ~
+  auth,authpriv.*                 /var/log/auth.log
+et redémarrez le service des journaux
+  service rsyslog restart
 ==== messages ====
@@ Ligne 213: / Ligne 290: @@
 Ce qui permet de logguer tout de même les erreurs, sinon remplacez 4 par 0
+Un petit redémarrage du service au cas ou
+  service cron restart
 ==== user.log ====

Outils pour utilisateurs

Outils du site

Différences

Outils de la page