Refused user root for service cockpit

capote · November 26, 2020, 10:15am

Hello, I still find a lot of entries for different users (not only root) in /var/log/secure like…

pam_listfile(cockpit:auth): Refused user root for service cockpit

|PRIORITY|1|
| --- | --- |
|SYSLOG_FACILITY|10|
|SYSLOG_IDENTIFIER|cockpit-session|
|_AUDIT_LOGINUID|0|
|_AUDIT_SESSION|2396|
|_BOOT_ID|0a8023d247754ceeb1a23a7cb1c5be6a|
|_CAP_EFFECTIVE|1fffffffff|
|_CMDLINE|/usr/libexec/cockpit-session localhost|
|_COMM|cockpit-session|
|_EXE|/usr/libexec/cockpit-session|
|_GID|0|
|_HOSTNAME|my.server.tld|
|_MACHINE_ID|2c8bd9d4c3174080aefd64eebc3ace1b|
|_PID|6585|
|_SOURCE_REALTIME_TIMESTAMP|1606384500375209|
|_SYSTEMD_CGROUP|/system.slice/cockpit.service|
|_SYSTEMD_SLICE|system.slice|
|_SYSTEMD_UNIT|cockpit.service|
|_TRANSPORT|syslog|
|_UID|0|
|__CURSOR|s=185ce4d03b774a2087d036276fe31941;i=14c9f;b=0a8023d247754ceeb1a23a7cb1c5be6a;m=e779e79a1;t=5b4ff89848357;x=b1d4b5cd473cd150|
|__MONOTONIC_TIMESTAMP|62136416673|
|__REALTIME_TIMESTAMP|1606384500376407|

I can’t see any obvious problems resulting from this, especially since I can log in without any problems.
So, is it a cosmetic error or is something serious in the offing.

Sincerely, Marko

Walter_Palumbo · November 26, 2020, 10:57am

var/log/secure registry all activity where authentication is required