What the %$#@ is pam_unix (cron:session) doing every ten minutes? (/var/log/auth.log)

CoffeeKing!!! · 02-04-2009, 10:59 PM

I've googled and searched forums for hours. The most stop the constant logging in

Code:

var/log/auth.log

I need to know exactly what is happening. Not how to stop it. I've found no answers as to what is happening yet. The constant logging without explanation is making my head ring.

Code:

Feb  3 13:17:01 dixie CRON[13822]: pam_unix(cron:session): session opened for user root by (uid=0)
Feb  3 13:17:01 dixie CRON[13822]: pam_unix(cron:session): session closed for user root
Feb  3 13:20:01 dixie CRON[13961]: pam_unix(cron:session): session opened for user root by (uid=0)
Feb  3 13:20:01 dixie CRON[13961]: pam_unix(cron:session): session closed for user root
Feb  3 13:30:01 dixie CRON[14476]: pam_unix(cron:session): session opened for user root by (uid=0)
Feb  3 13:30:02 dixie CRON[14476]: pam_unix(cron:session): session closed for user root
Feb  3 13:40:01 dixie CRON[14966]: pam_unix(cron:session): session opened for user root by (uid=0)
Feb  3 13:40:01 dixie CRON[14966]: pam_unix(cron:session): session closed for user root
Feb  3 13:50:01 dixie CRON[15530]: pam_unix(cron:session): session opened for user root by (uid=0)
Feb  3 13:50:02 dixie CRON[15530]: pam_unix(cron:session): session closed for user root
Feb  3 14:00:01 dixie CRON[16207]: pam_unix(cron:session): session opened for user root by (uid=0)
Feb  3 14:00:01 dixie CRON[16207]: pam_unix(cron:session): session closed for user root
Feb  3 14:10:01 dixie CRON[16964]: pam_unix(cron:session): session opened for user root by (uid=0)
Feb  3 14:10:01 dixie CRON[16964]: pam_unix(cron:session): session closed for user root
Feb  3 14:17:01 dixie CRON[17367]: pam_unix(cron:session): session opened for user root by (uid=0)
Feb  3 14:17:01 dixie CRON[17367]: pam_unix(cron:session): session closed for user root
Feb  3 14:20:01 dixie CRON[17586]: pam_unix(cron:session): session opened for user root by (uid=0)
Feb  3 14:20:02 dixie CRON[17586]: pam_unix(cron:session): session closed for user root

slimm609 · 02-04-2009, 11:02 PM

This is normal

cron has to be authenticated to the system just like everyone else and cron checks the config files to see if anything has changed. Since cron can run at any minute of the day you will see alot of them.

The first line of each is when cron starts (session open)
the second line is when cron closes (session close)

Please do not post on the same issue multiple times
http://www.linuxquestions.org/questi...server-702283/

it will not get you helped any faster. If there is someone one that knows the answer then they will most likely post but if no one currently on then posting multiple times will only get you talked to about it. It is against the LQ rules that you agreed to when you created an account.

Thanks

CoffeeKing!!! · 02-05-2009, 12:10 AM

Quote:

Originally Posted by slimm609

This is normal

cron has to be authenticated to the system just like everyone else and cron checks the config files to see if anything has changed. Since cron can run at any minute of the day you will see alot of them.

The first line of each is when cron starts (session open)
the second line is when cron closes (session close)

Please do not post on the same issue multiple times
http://www.linuxquestions.org/questi...server-702283/

it will not get you helped any faster. If there is someone one that knows the answer then they will most likely post but if no one currently on then posting multiple times will only get you talked to about it. It is against the LQ rules that you agreed to when you created an account.

Thanks

thanks slim
With your help, I learned a little bit more about cron and found the cron scripts that were filling up my auth.log.

Sorry about the multiple post.

could you tell me what the numbers next to the word CRON are in the output. Are they PID's?

slimm609 · 02-05-2009, 08:07 AM

Yes those are the PIDs of each one.