#63: Lower severity levels of two syslog messages ---------------------+------------------------------ Reporter: quabla | Owner: pam-developers@… Type: defect | Status: new Priority: major | Component: modules Version: 1.2.x | Keywords: Blocked By: | Blocking: ---------------------+------------------------------ Partially, I have reported this to OpenSSH [1] before, since the messages appear in syslog from using sshd. Most of the pam_syslog calls are done if something fails (malloc, conversation, config) and have priority LOG_ERR or LOG_CRIT. That is perfectly fine. However, a few messages with high severity appear in normal operation of the sshd with pam_unix. That suggest, that they are not severe at all. Let's look at them by the assigned priority: 1 Alert: action must be taken immediately - PAM service(sshd) ignoring max retries; 5 > 3 It seems this messages could be suppressed in sshd [2]. However, there is no problem in ignoring max retries. I am suggesting priority LOG_INFO. 4 Warning: warning conditions - pam_unix(sshd:auth): check pass; user unknown That happens frequently on world facing systems and it's not an error in the usage of pam. Also this cannot be suppressed by sshd. Suggesting LOG_INFO. [1]: <https://bugzilla.mindrot.org/show_bug.cgi?id=2585> "Several syslog messages have too high priority" [2]: <https://bugzilla.mindrot.org/show_bug.cgi?id=2249> "sshd ignores PAM_MAXRETRIES pam return value" -- Ticket URL: <https://fedorahosted.org/linux-pam/ticket/63> linux-pam <http://fedorahosted.org/linux-pam> The Linux-PAM (Pluggable Authentication Modules) project