Description of problem: Every user cron job is spamming the logs with systemd session messages. Version-Release number of selected component (if applicable): cronie-1.5.2-4.el8.x86_64 How reproducible: 100% Steps to Reproduce: 1. Create a cron job for a user at some reasonably high frequency, say every 5 minutes 2. Wait for cron job to fire Actual results: For every job, messages file is spammed with the like of: 04:06:01 systemd Created slice User Slice of UID 1001. 04:06:01 systemd Starting User runtime directory /run/user/1001... 04:06:01 systemd Started User runtime directory /run/user/1001. 04:06:01 systemd Starting User Manager for UID 1001... 04:06:02 systemd Starting D-Bus User Message Bus Socket. 04:06:02 systemd Started Mark boot as successful after the user session has run 2 minutes. 04:06:02 systemd Reached target Timers. 04:06:02 systemd Reached target Paths. 04:06:02 systemd Listening on D-Bus User Message Bus Socket. 04:06:02 systemd Reached target Sockets. 04:06:02 systemd Reached target Basic System. 04:06:02 systemd Started User Manager for UID 1001. 04:06:02 systemd Reached target Default. 04:06:02 systemd Startup finished in 65ms. 04:06:02 systemd pam_unix(systemd-user:session): session opened for user brian by (uid=0) 04:06:06 systemd session-2180.scope: Succeeded. 04:06:13 systemd session-2177.scope: Succeeded. 04:06:16 systemd Stopping User Manager for UID 1001... 04:06:16 systemd Stopped target Default. 04:06:16 systemd Stopped target Basic System. 04:06:16 systemd Stopped target Timers. 04:06:16 systemd Stopped Mark boot as successful after the user session has run 2 minutes. 04:06:16 systemd Stopped target Paths. 04:06:16 systemd Stopped target Sockets. 04:06:16 systemd Closed D-Bus User Message Bus Socket. 04:06:16 systemd Reached target Shutdown. 04:06:16 systemd Starting Exit the Session... 04:06:16 systemd user: Succeeded. 04:06:16 systemd Stopped User Manager for UID 1001. 04:06:16 systemd Stopping User runtime directory /run/user/1001... 04:06:16 systemd run-user-1001.mount: Succeeded. 04:06:16 systemd user-runtime-dir: Succeeded. 04:06:16 systemd Stopped User runtime directory /run/user/1001. 04:06:16 systemd Removed slice User Slice of UID 1001. 04:06:16 systemd pam_unix(systemd-user:session): session closed for user brian Expected results: No landslide of systemd spam for each and every cron job run Additional info: Talking to the systemd maintainers, their assertion is that cron should not be invoking pam_systemd. Indeed, changing /etc/pam.d/crond to: # # The PAM configuration file for the cron daemon # # # Although no PAM authentication is called, auth modules # are used for credential setting auth include password-auth account required pam_access.so account include password-auth #session required pam_loginuid.so # don't use password-auth's session -- it adds too much spam to logs #session include password-auth # copied from /etc/pam.d/password-auth session optional pam_keyinit.so revoke session required pam_limits.so # but comment out to see if this stops all of the systemd noise #-session optional pam_systemd.so session optional pam_oddjob_mkhomedir.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_sss.so does indeed squelch the noise.
This may already been fixed via bug#2005526. Please try to update to cronie-1.5.2-6.el8 or newer and see if the problem still persist.
The version current in the latest EL8 (8.5) is still cronie-1.5.2-4.el8.x86_64. How would I update to cronie-1.5.2-6.el8 or newer on an EL8.5 machine?
Created attachment 1864600 [details] Testing RPM Sorry, my mistake. The fix is yet to head out in the 8.6 release. I'm attaching a testing RPM to this bug to help you verify if the fix is indeed contained in the upcoming update. Let me know if it works for you, and if so, if you want this to be backported into the 8.5 z-stream or if you are content with it being delivered in 8.6. Thanks!
Hello, I was investigate this issue, but with RHEL9, because in addition to the verbosity (and useless systemd session), it creates an AUTH error: type=CRED_ACQ msg=audit(07/18/22 14:34:01.335:375) : pid=4429 uid=root auid=unset ses=unset subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct=test exe=/usr/sbin/crond hostname=? addr=? terminal=cron res=success' type=CRED_ACQ msg=audit(07/18/22 14:34:01.478:379) : pid=4432 uid=root auid=unset ses=unset subj=system_u:system_r:init_t:s0 msg='op=PAM:setcred grantors=? acct=test exe=/usr/lib/systemd/systemd hostname=? addr=? terminal=? res=failed' Thus I tried the attached fixed rpm (on RHEL 8) and the messages are still there. What does the fix consist of ? I workaround that with this pam system-auth config: --- #%PAM-1.0 # This file is auto-generated. # User changes will be destroyed the next time authselect is run. auth required pam_env.so auth sufficient pam_unix.so try_first_pass nullok auth required pam_deny.so account required pam_unix.so password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type= password sufficient pam_unix.so try_first_pass use_authtok nullok sha512 shadow password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid -session optional pam_systemd.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so --- Will also open on RHEL9. Thank you !