Jul 1 06:13:10 myhost su(pam_unix)[12386]: session opened for user news by (uid=0)
Jul 1 06:13:10 myhost su(pam_unix)[12386]: session closed for user news
I keep getting these messages in my logs. Would this be a process running with the user news, or is someone logging into my box as that user? Does anyone know if this news account has a default password. Is there a command in linux that I can lock out the user with out commenting him out?
Thanks for all your help.
Mike