Quote:
Originally Posted by guillermo
Sep 27 12:00:01 hostname sudo: root : TTY=unknown ; PWD=/root ; USER=apache ; COMMAND=/usr/bin/find /var/www/path/path -type f -name *.dat -mtime +1 -exec /bin/rm -rf {} ;
|
This is really self explanatory if you take a moment to look at each part of the message. This says that the user logged in on the account named apache is using sudo to run the find command as root. The find command is searching /var/www/path/path for regular files named *.dat that were last accessed more than one day ago. Then it deletes these files. TTY = unknown because this process is not logged in on a terminal; it is a detached process. It is either a cron job or the apache daemon process is running it directly. PWD = /root because it has used sudo to act as the root account for the find command.
The reason that it shows up in your security log is because your system is set to log all uses of the sudo command. This is a good thing.
It looks like this is just a normal maintenance procedure for apache. I don't know why it wants to run as the root account but the command that it is running is not going to hurt anything unless you want to keep the files that it is deleting.
By the way this had better not be homework. I noticed that your other post is about running apache. If you are taking a class don't bring your homework here for us to do for you.