Marcin, that's actually a different problem having to do with (I believe) logging by a PAM module. This seems to be a feature of SELinux. I solved the problem by turning on the auditd daemon which causes the messages to be sent to /var/log/audit/audit.log. Kirk Marcin Godlewski wrote: > Kirk Bocek napisał(a): > >>Since updating to 4.2 my Opteron server has been flooded by messages like: >> >>audit(1129565701.837:155): user pid=4700 uid=0 auid=4294967295 msg='PAM >>session open: user=root exe="/usr/sbin/crond" (hostname=?, addr=?, >>terminal=cron result=Success)' >> >>to both /var/log/messages and the kernel ring buffer. Looks like they >>are being generated by cron jobs being run on the server. >> >>Does anyone know how to turn these messages off or to redirect them? >> > > I have exactly the same problem. I've solved this by change in > syslog.conf to look like: > *.info;mail.none;authpriv.none;cron.none;auth.!=info > /var/log/messages > and adding this line > auth.info /var/log/cron.auth > > It solved my problem byt its temporally, dont know what to do exactly to > stop it. > >