Today i go on my log with nano /var/log/syslog
I have this, and i think it's not very good :
Aug 27 06:25:02 ks3309528 rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="2235" x-info="http://www.rsyslog.com"] rsyslogd was HUPed, type 'lightweight'.
Aug 27 06:25:02 ks3309528 rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="2235" x-info="http://www.rsyslog.com"] rsyslogd was HUPed, type 'lightweight'.
Aug 27 06:25:02 ks3309528 /USR/SBIN/CRON[3862]: (CRON) error (grandchild #3867 failed with exit status 1)
Aug 27 06:25:02 ks3309528 /USR/SBIN/CRON[3862]: (CRON) info (No MTA installed, discarding output)
Aug 27 06:25:02 ks3309528 /USR/SBIN/CRON[3864]: (CRON) info (No MTA installed, discarding output)
Aug 27 06:26:01 ks3309528 /USR/SBIN/CRON[4102]: (root) CMD (/usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:26:01 ks3309528 /USR/SBIN/CRON[4103]: (root) CMD (root /usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:26:01 ks3309528 /USR/SBIN/CRON[4101]: (CRON) error (grandchild #4103 failed with exit status 127)
Aug 27 06:27:01 ks3309528 /USR/SBIN/CRON[4149]: (root) CMD (/usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:27:01 ks3309528 /USR/SBIN/CRON[4150]: (root) CMD (root /usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:27:01 ks3309528 /USR/SBIN/CRON[4147]: (CRON) error (grandchild #4150 failed with exit status 127)
Aug 27 06:28:01 ks3309528 /USR/SBIN/CRON[4195]: (root) CMD (/usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:28:01 ks3309528 /USR/SBIN/CRON[4196]: (root) CMD (root /usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:28:01 ks3309528 /USR/SBIN/CRON[4194]: (CRON) error (grandchild #4196 failed with exit status 127)
Aug 27 06:29:01 ks3309528 /USR/SBIN/CRON[4244]: (root) CMD (root /usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:29:01 ks3309528 /USR/SBIN/CRON[4245]: (root) CMD (/usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:29:01 ks3309528 /USR/SBIN/CRON[4242]: (CRON) error (grandchild #4244 failed with exit status 127)
Aug 27 06:30:01 ks3309528 /USR/SBIN/CRON[4292]: (root) CMD (/usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:30:01 ks3309528 /USR/SBIN/CRON[4291]: (root) CMD (root /usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:30:01 ks3309528 /USR/SBIN/CRON[4289]: (CRON) error (grandchild #4291 failed with exit status 127)
Aug 27 06:31:01 ks3309528 /USR/SBIN/CRON[4338]: (root) CMD (root /usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:31:01 ks3309528 /USR/SBIN/CRON[4339]: (root) CMD (/usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:31:01 ks3309528 /USR/SBIN/CRON[4336]: (CRON) error (grandchild #4338 failed with exit status 127)
Aug 27 06:32:01 ks3309528 /USR/SBIN/CRON[4384]: (root) CMD (/usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
Aug 27 06:32:01 ks3309528 /USR/SBIN/CRON[4385]: (root) CMD (root /usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null)
I wonder if there is a cron job to not running in a vacuum …
I post /var/log/auth.log too :
Aug 27 06:25:02 ks3309528 CRON[3862]: pam_unix(cron:session): session closed for user root
Aug 27 06:25:02 ks3309528 CRON[3864]: pam_unix(cron:session): session closed for user root
Aug 27 06:26:01 ks3309528 CRON[4100]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 27 06:26:01 ks3309528 CRON[4101]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 27 06:26:01 ks3309528 CRON[4101]: pam_unix(cron:session): session closed for user root
Aug 27 06:26:01 ks3309528 CRON[4100]: pam_unix(cron:session): session closed for user root
Aug 27 06:27:01 ks3309528 CRON[4146]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 27 06:27:01 ks3309528 CRON[4147]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 27 06:27:01 ks3309528 CRON[4147]: pam_unix(cron:session): session closed for user root
Aug 27 06:27:02 ks3309528 CRON[4146]: pam_unix(cron:session): session closed for user root
Aug 27 06:28:01 ks3309528 CRON[4193]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 27 06:28:01 ks3309528 CRON[4194]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 27 06:28:01 ks3309528 CRON[4194]: pam_unix(cron:session): session closed for user root
Aug 27 06:28:01 ks3309528 CRON[4193]: pam_unix(cron:session): session closed for user root
Aug 27 06:29:01 ks3309528 CRON[4242]: pam_unix(cron:session): session opened for user root by (uid=0)
Aug 27 06:29:01 ks3309528 CRON[4241]: pam_unix(cron:session): session opened for user root by (uid=0)
Thx for yout help 🙂
EDIT my crontab:
root@ks3309528:~# crontab -l
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# m h dom mon dow user command
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )
47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )
*/1 * * * * root /usr/local/rtm/bin/rtm 11 > /dev/null 2> /dev/null
root@ks3309528:~#
Best Answer
Those lines are reports from the linux daemon "crond" which handle the scheduled tasks to run regularly.
This particular program
/usr/local/rtm/bin/rtm 11is running every minute.The problem is it's running twice from diffrent configurations, and one is faulty. indeed, crond interprets it as a command named "root" instead of using the user "root" to launch the command.
Search for a misformed line in either root's
crontab -loutput or in a file in/etc/cron.d/matching the pattern.There is no reason for this job to be lanched twice so just remove the one that fails (the one including
rootbefore the command)