The pam_console pam module has an internal _pam_log() module to do
syslog()ing with; the first argument of this routine is is passed to
vsyslog() (which in turn passes it to syslog()) as the priority of the
Unfortunately, pam_console misuses this argument to pass values only
valid for openlog(). One of them is OPEN_PID, which has the same value
as LOG_ALERT, which ensures that most syslog messages pam_console sends
have their priorities jumbled. In practical effect this seems to make
syslogd believe that various things have elevated priorities and blat
them all over creation.
This is wrong and quite bad; people rely on correct syslog priorities
to, eg, route some urgent syslog messages to consoles (or even pagers)
for immediate attention.
I will attach a patch that is a first cut at fixing this. (I suspect
that all log priorities should be reviewed, too. As a first cut, I doubt
a syslog made only when debugging is on should ever have a priority
other than LOG_DEBUG.)
Created attachment 1552 [details]
strip LOG_PID|LOG_AUTHPRIV from all _pam_log() calls, repair any that now miss a priority
*** Bug 14646 has been marked as a duplicate of this bug. ***
Upon examination of the logging code in pam_console, this is clearly
wrong. A fixed version (pam-0.72-23) which logs nothing but errors
(unless the "debug" flag is supplied) will appear in Raw Hide shortly.