This post is somewhat similar but mine is rather specific.
CRON: pam_unix(cron:session): session opened for user root by (uid=0)
Is this really a bug?
In our system this process is creating entries in every 5 minutes making the log backup guys' life very hard. Lots & lots of entries are being stored on the disk.
As per the following links, do we need to fix this issue or can we at least increase the time of listing between the entries?
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=293272
http://languor.us/cron-pam-unix-cron-session-session-opened-closed-user-root-uid0
Can I at least reduce the time between entries? For my server currently it's 1 pair of entry in every 5 minutes. Say, I've increased the time to 30 minutes, would I miss any login attempt (legit and hacking both)?
Best Answer
The entries are added to the log each time a
cron
job runs. To reduce the time between entries, you would have to look at your cron jobs and change their timings. This, though, may break something that relies on those jobs running at specific intervals.If they really do annoy you, then simply follow the instructions on the Debian bug report and stop
cron
from logging an entry in theauth.log
each time a job runs. That is, edit/etc/pam.d/common-session-noninteractive
and add:before the line: session required pam_unix.so
and restart the cron service (as per links provided by original poster)