It appears that the kernel Linode is using was compiled with CONFIG_AUDITSYSCALL disabled while CentOS requires it, causing hourly error messages in /var/log/secure:
crond[7824]: pam_loginuid(crond:session): set_loginuid failed opening loginuid
A good explanation of why can be found here:
http://etbe.coker.com.au/2008/01/16/differences-between-distribution-kernels/
The suggestion in the article above concludes that "The fact that Etch has no user-space support for the auditing features in question (auditing system calls or setting the loginuid) was never a good reason for not enabling this feature (IMHO)."
Therefore, can the next kernel build include CONFIG_AUDIT (basic audit infrastructure) and CONFIG_AUDITSYSCALL (system-call auditing support)?
If not, then in CentOS, people probably need to disable pam_loginuid from PAM for example, comment out all lines in all files in /etc/pam.d such as atd, crond, login, remote, sshd that refer to pam_loginuid.so:
Code:
#session required pam_loginuid.so
Note that running authconfig (or authconfig-tui or authconfig-gtk) overwrites these files and you'll have to comment the lines out again afterward.
FAQ
Search
Members
Register
Login [ Anonymous ]
