For a few weeks now on my FC5-x86 system, I'm seeing the following error appear in /var/log/secure every 5 minutes: pam_loginuid(crond:session): set_loginuid failed opening loginuid
Clearly its getting triggered by some cronjob, but I can't figure out which as I'm not aware of any cronjobs that run every 5 minutes.
Anyone have any ideas what that error really means?
On 7/7/06, Scott R. Godin scott.g@mhg2.com wrote:
On Fri, 2006-07-07 at 13:13 -0700, Lonni J Friedman wrote:
For a few weeks now on my FC5-x86 system, I'm seeing the following error appear in /var/log/secure every 5 minutes: pam_loginuid(crond:session): set_loginuid failed opening loginuid
Clearly its getting triggered by some cronjob, but I can't figure out which as I'm not aware of any cronjobs that run every 5 minutes.
Anyone have any ideas what that error really means?
mrtg installed and running unconfigured? :-)
no, its configured, and working correctly.
I see pam_loginuid mentioned in /etc/pam.d/login ...
have you looked in /var/log/cron yet?
yup, and mrtg is the only job that apears every 5 minutes. the part that makes no sense is even if i comment out the mrtg cronjob, those errors continue to appear every 5 minutes.
On Fri, 2006-07-07 at 13:13 -0700, Lonni J Friedman wrote:
For a few weeks now on my FC5-x86 system, I'm seeing the following error appear in /var/log/secure every 5 minutes: pam_loginuid(crond:session): set_loginuid failed opening loginuid
Clearly its getting triggered by some cronjob, but I can't figure out which as I'm not aware of any cronjobs that run every 5 minutes.
Anyone have any ideas what that error really means?
mrtg installed and running unconfigured? :-)
I see pam_loginuid mentioned in /etc/pam.d/login ...
have you looked in /var/log/cron yet?
On 7/7/06, Scott R. Godin scott.g@mhg2.com wrote:
On Fri, 2006-07-07 at 13:30 -0700, Lonni J Friedman wrote:
On 7/7/06, Scott R. Godin scott.g@mhg2.com wrote:
On Fri, 2006-07-07 at 13:13 -0700, Lonni J Friedman wrote:
For a few weeks now on my FC5-x86 system, I'm seeing the following error appear in /var/log/secure every 5 minutes: pam_loginuid(crond:session): set_loginuid failed opening loginuid
Clearly its getting triggered by some cronjob, but I can't figure
out
which as I'm not aware of any cronjobs that run every 5 minutes.
Anyone have any ideas what that error really means?
mrtg installed and running unconfigured? :-)
no, its configured, and working correctly.
I see pam_loginuid mentioned in /etc/pam.d/login ...
have you looked in /var/log/cron yet?
yup, and mrtg is the only job that apears every 5 minutes. the part that makes no sense is even if i comment out the mrtg cronjob, those errors continue to appear every 5 minutes.
bizarre.
very
do you have any individual crontabs configured? (look in /var/spool/cron/ to see, usually)
actually, it seems that these errors are getting generated whenever any user driven cronjob is running on the system. so anything running as root, or normal users.
something appended into /etc/crontab that shouldn't be?
nothing other than the FC5 defaults in /etc/crontab.
On Fri, 2006-07-07 at 13:30 -0700, Lonni J Friedman wrote:
On 7/7/06, Scott R. Godin scott.g@mhg2.com wrote:
On Fri, 2006-07-07 at 13:13 -0700, Lonni J Friedman wrote:
For a few weeks now on my FC5-x86 system, I'm seeing the following error appear in /var/log/secure every 5 minutes: pam_loginuid(crond:session): set_loginuid failed opening loginuid
Clearly its getting triggered by some cronjob, but I can't figure
out
which as I'm not aware of any cronjobs that run every 5 minutes.
Anyone have any ideas what that error really means?
mrtg installed and running unconfigured? :-)
no, its configured, and working correctly.
I see pam_loginuid mentioned in /etc/pam.d/login ...
have you looked in /var/log/cron yet?
yup, and mrtg is the only job that apears every 5 minutes. the part that makes no sense is even if i comment out the mrtg cronjob, those errors continue to appear every 5 minutes.
bizarre.
do you have any individual crontabs configured? (look in /var/spool/cron/ to see, usually)
something appended into /etc/crontab that shouldn't be?
If this file doesn't exist: /proc/<pid of crond>/loginuid It's because the kernel doesn't have AUDIT enabled. Set "CONFIG_AUDIT=y" (menuconfig: Under "General setup" enable "Auditing support"), recompile kernel, reboot with new kernel. Now you shouldn't see any more of these messages...
Related message in /var/log/secure: sshd[PID]: pam_loginuid(sshd:session): set_loginuid failed opening loginuid
-
jery_wang -
Lonni J Friedman -
Scott R. Godin