#63: Lower severity levels of two syslog messages
---------------------+------------------------------
Reporter: quabla | Owner: pam-developers@…
Type: defect | Status: new
Priority: major | Component: modules
Version: 1.2.x | Keywords:
Blocked By: | Blocking:
---------------------+------------------------------
Partially, I have reported this to OpenSSH [1] before, since the messages
appear in syslog from using sshd.
Most of the pam_syslog calls are done if something fails (malloc,
conversation, config) and have priority LOG_ERR or LOG_CRIT. That is
perfectly fine.
However, a few messages with high severity appear in normal operation of
the sshd with pam_unix. That suggest, that they are not severe at all.
Let's look at them by the assigned priority:
1 Alert: action must be taken immediately
- PAM service(sshd) ignoring max retries; 5 > 3
It seems this messages could be suppressed in sshd [2]. However, there is
no problem in ignoring max retries. I am suggesting priority LOG_INFO.
4 Warning: warning conditions
- pam_unix(sshd:auth): check pass; user unknown
That happens frequently on world facing systems and it's not an error in
the usage of pam. Also this cannot be suppressed by sshd. Suggesting
LOG_INFO.
[1]: <
https://bugzilla.mindrot.org/show_bug.cgi?id=2585>
"Several syslog messages have too high priority"
[2]: <
https://bugzilla.mindrot.org/show_bug.cgi?id=2249>
"sshd ignores PAM_MAXRETRIES pam return value"
--
Ticket URL: <
https://fedorahosted.org/linux-pam/ticket/63>
linux-pam <
http://fedorahosted.org/linux-pam>
The Linux-PAM (Pluggable Authentication Modules) project