linux:home:shutting_up_pam_in_syslogs

Shutting Up PAM in Syslogs

In a Debian-like system, the easiest way is to use pam-auth-update to manage PAM. To silence specific services, make a file like the following:

/usr/share/pam-configs/shutup 

# Don't log "session opened" and "session closed" messages for...
# Cron, Samba
# See: https://wiki.ubuntu.com/PAMConfigFrameworkSpec
#      https://manpages.debian.org/stretch/libpam-modules/pam_succeed_if.8.en.html
Name: disable annoying services session logging
Default: yes
Priority: 300
Session-Type: Additional
Session:
    [default=ignore success=1] pam_succeed_if.so quiet service in samba:cron

This silences samba and cron. quiet means that this rule always succeeds or fails silently. success=1 skips the next rule (i.e. pam_unix), silencing a session open/close. You can also specify users only by replacing service in samba:cron with something like ruser in michael:otheruser.

After doing this, run pam-auth-update as root, selecting the configuration you just made. You can programmatically update configs by passing –package, preventing options from needing to be chosen by the user.

  • linux/home/shutting_up_pam_in_syslogs.txt
  • Last modified: 2022/09/07 20:05
  • by michaelbromilow