服务器一直显示session opened for user root by (uid=0)

查看日志可以发现：
Feb 9 07:35:01 tonykorn97 crond(pam_unix)[1442]: session opened for user root by (uid=0)
Feb 9 07:35:01 tonykorn97 crond(pam_unix)[1442]: session closed for user root
Feb 9 07:40:01 tonykorn97 crond(pam_unix)[1445]: session opened for user root by (uid=0)
Feb 9 07:40:01 tonykorn97 crond(pam_unix)[1446]: session opened for user root by (uid=0)
Feb 9 07:40:01 tonykorn97 crond(pam_unix)[1445]: session closed for user root
Feb 9 07:40:02 tonykorn97 crond(pam_unix)[1446]: session closed for user root
Feb 9 07:45:01 tonykorn97 crond(pam_unix)[1450]: session opened for user root by (uid=0)
Feb 9 07:45:01 tonykorn97 crond(pam_unix)[1450]: session closed for user root
Feb 9 07:50:01 tonykorn97 crond(pam_unix)[1452]: session opened for user root by (uid=0)
Feb 9 07:50:01 tonykorn97 crond(pam_unix)[1453]: session opened for user root by (uid=0)
Feb 9 07:50:01 tonykorn97 crond(pam_unix)[1452]: session closed for user root
Feb 9 07:50:01 tonykorn97 crond(pam_unix)[1453]: session closed for user root
Feb 9 07:55:01 tonykorn97 crond(pam_unix)[1458]: session opened for user root by (uid=0)
Feb 9 07:55:02 tonykorn97 crond(pam_unix)[1458]: session closed for user root
Feb 9 07:56:40 tonykorn97 sshd(pam_unix)[1463]: session opened for user root by root(uid=0)
Feb 9 07:57:28 tonykorn97 crond: crond shutdown succeeded

关闭crond后就没有这样的日志了。

然后在查看cron日志发现：
Feb 9 07:25:01 tonykorn97 crond[1435]: (root) CMD (/usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-file /var/lib/mrtg/mrtg.ok)
Feb 9 07:30:01 tonykorn97 crond[1438]: (root) CMD (/usr/lib/sa/sa1 1 1)
Feb 9 07:30:01 tonykorn97 crond[1439]: (root) CMD (/usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-file /var/lib/mrtg/mrtg.ok)
Feb 9 07:35:01 tonykorn97 crond[1443]: (root) CMD (/usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-file /var/lib/mrtg/mrtg.ok)
Feb 9 07:40:01 tonykorn97 crond[1447]: (root) CMD (/usr/lib/sa/sa1 1 1)
Feb 9 07:40:01 tonykorn97 crond[1448]: (root) CMD (/usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-file /var/lib/mrtg/mrtg.ok)
Feb 9 07:45:01 tonykorn97 crond[1451]: (root) CMD (/usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-file /var/lib/mrtg/mrtg.ok)
Feb 9 07:50:01 tonykorn97 crond[1454]: (root) CMD (/usr/lib/sa/sa1 1 1)
Feb 9 07:50:01 tonykorn97 crond[1455]: (root) CMD (/usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-file /var/lib/mrtg/mrtg.ok)
Feb 9 07:55:01 tonykorn97 crond[1459]: (root) CMD (/usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-file /var/lib/mrtg/mrtg.ok)

修改/etc/crontab文件
#01 * * * * root run-parts /etc/cron.hourly
#02 4 * * * root run-parts /etc/cron.daily
#22 4 * * 0 root run-parts /etc/cron.weekly
#42 4 1 * * root run-parts /etc/cron.monthly

重新启动crond服务
[root@tonykorn97 etc]# /etc/init.d/crond status
crond is stopped
[root@tonykorn97 etc]# /etc/init.d/crond start
Starting crond: [ OK ]
[root@tonykorn97 etc]# /etc/init.d/crond status
crond (pid 7358) is running...
[root@tonykorn97 etc]#

查看还是有这样的信息：

在/etc/cron.d目录下面可以看到下面的信息：
[root@tonykorn97 cron.d]# ls -al
total 40
drwxr-xr-x 2 root root 4096 Feb 12 14:16 .
drwxr-xr-x 82 root root 12288 Feb 12 12:40 ..
-rw-r--r-- 1 root root 123 Aug 17 2004 mrtg
-rw-r--r-- 1 root root 188 Feb 1 2006 sysstat
[root@tonykorn97 cron.d]# cat sysstat
# run system activity accounting tool every 10 minutes
*/10 * * * * root /usr/lib/sa/sa1 1 1
# generate a daily summary of process accounting at 23:53
53 23 * * * root /usr/lib/sa/sa2 -A

[root@tonykorn97 cron.d]# cat mrtg
*/5 * * * * root /usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-file /var/lib/mrtg/mrtg.ok
[root@tonykorn97 cron.d]#

禁止运行这些命令。

来自 “ ITPUB博客 ” ，链接：http://blog.itpub.net/312079/viewspace-245612/，如需转载，请注明出处，否则将追究法律责任。