Unification and cleanup of syslog log levels.

* libpam/pam_handlers.c: Make memory allocation failures LOG_CRIT.
* libpam/pam_modutil_priv.c: Make memory allocation failures LOG_CRIT.
* modules/pam_echo/pam_echo.c: Make memory allocation failures LOG_CRIT.
* modules/pam_env/pam_env.c: Make memory allocation failures LOG_CRIT.
* modules/pam_exec/pam_exec.c: Make memory allocation failures LOG_CRIT.
* modules/pam_filter/pam_filter.c: Make all non-memory call errors LOG_ERR.
* modules/pam_group/pam_group.c: Make memory allocation failures LOG_CRIT.
* modules/pam_issue/pam_issue.c: Make memory allocation failures LOG_CRIT.
* modules/pam_lastlog/pam_lastlog.c: The lastlog file creation is syslogged
  with LOG_NOTICE, memory allocation errors with LOG_CRIT, other errors
  with LOG_ERR.
* modules/pam_limits/pam_limits.c: User login limit messages are syslogged
  with LOG_NOTICE, stale utmp entry with LOG_INFO, non-memory errors with
  LOG_ERR.
* modules/pam_listfile/pam_listfile.c: Rejection of user is syslogged
  with LOG_NOTICE.
* modules/pam_namespace/pam_namespace.c: Make memory allocation failures
  LOG_CRIT.
* modules/pam_nologin/pam_nologin.c: Make memory allocation failures
  LOG_CRIT, other errors LOG_ERR.
* modules/pam_securetty/pam_securetty.c: Rejection of access is syslogged
  with LOG_NOTICE, non-memory errors with LOG_ERR.
* modules/pam_selinux/pam_selinux.c: Make memory allocation failures LOG_CRIT.
* modules/pam_succeed_if/pam_succeed_if.c: Make all non-memory call errors
  LOG_ERR.
* modules/pam_time/pam_time.c: Make memory allocation failures LOG_CRIT.
* modules/pam_timestamp/pam_timestamp.c: Make memory allocation failures
  LOG_CRIT.
* modules/pam_unix/pam_unix_acct.c: Make all non-memory call errors LOG_ERR.
* modules/pam_unix/pam_unix_passwd.c: Make memory allocation failures LOG_CRIT,
  other errors LOG_ERR.
* modules/pam_unix/pam_unix_sess.c: Make all non-memory call errors LOG_ERR.
* modules/pam_unix/passverify.c: Unknown user is syslogged with LOG_NOTICE.
* modules/pam_unix/support.c: Unknown user is syslogged with LOG_NOTICE and
  max retries ignorance by application likewise.
* modules/pam_unix/unix_chkpwd.c: Make all non-memory call errors LOG_ERR.
* modules/pam_userdb/pam_userdb.c: Password authentication error is syslogged
  with LOG_NOTICE.
* modules/pam_xauth/pam_xauth.c: Make memory allocation failures LOG_CRIT.

6 files changed, 11 insertions, 11 deletions

diff --git a/modules/pam_unix/pam_unix_acct.c b/modules/pam_unix/pam_unix_acct.c
index 782d84ac..88331149 100644
--- a/modules/pam_unix/pam_unix_acct.c
+++ b/modules/pam_unix/pam_unix_acct.c
@@ -201,7 +201,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
 	uname = void_uname;
 	D(("user = `%s'", uname));
 	if (retval != PAM_SUCCESS || uname == NULL) {
-		pam_syslog(pamh, LOG_ALERT,
+		pam_syslog(pamh, LOG_ERR,
 			 "could not identify user (from uid=%lu)",
 			 (unsigned long int)getuid());
 		return PAM_USER_UNKNOWN;
@@ -209,7 +209,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
 
 	retval = get_account_info(pamh, uname, &pwent, &spent);
 	if (retval == PAM_USER_UNKNOWN) {
-		pam_syslog(pamh, LOG_ALERT,
+		pam_syslog(pamh, LOG_ERR,
 			 "could not identify user (from getpwnam(%s))",
 			 uname);
 		return retval;
diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index c2e43423..9fdebefb 100644
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -774,7 +774,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv)
 
 			if (retval != PAM_SUCCESS) {
 				if (on(UNIX_DEBUG, ctrl)) {
-					pam_syslog(pamh, LOG_ALERT,
+					pam_syslog(pamh, LOG_ERR,
 						 "password - new password not obtained");
 				}
 				pass_old = NULL;	/* tidy up */
@@ -864,7 +864,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv)
 		_pam_delete(tpass);
 		pass_old = pass_new = NULL;
 	} else {		/* something has broken with the module */
-		pam_syslog(pamh, LOG_ALERT,
+		pam_syslog(pamh, LOG_CRIT,
 		         "password received unknown request");
 		retval = PAM_ABORT;
 	}
diff --git a/modules/pam_unix/pam_unix_sess.c b/modules/pam_unix/pam_unix_sess.c
index dbc62983..03e7dcd9 100644
--- a/modules/pam_unix/pam_unix_sess.c
+++ b/modules/pam_unix/pam_unix_sess.c
@@ -77,7 +77,7 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
 
 	retval = pam_get_item(pamh, PAM_USER, (void *) &user_name);
 	if (user_name == NULL || *user_name == '\0' || retval != PAM_SUCCESS) {
-		pam_syslog(pamh, LOG_CRIT,
+		pam_syslog(pamh, LOG_ERR,
 		         "open_session - error recovering username");
 		return PAM_SESSION_ERR;		/* How did we get authenticated with
 						   no username?! */
@@ -112,7 +112,7 @@ pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
 
 	retval = pam_get_item(pamh, PAM_USER, (void *) &user_name);
 	if (user_name == NULL || *user_name == '\0' || retval != PAM_SUCCESS) {
-		pam_syslog(pamh, LOG_CRIT,
+		pam_syslog(pamh, LOG_ERR,
 		         "close_session - error recovering username");
 		return PAM_SESSION_ERR;		/* How did we get authenticated with
 						   no username?! */
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index 5d6a1484..9c1771e2 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -1023,7 +1023,7 @@ helper_verify_password(const char *name, const char *p, int nullok)
 	retval = get_pwd_hash(name, &pwd, &salt);
 
 	if (pwd == NULL || salt == NULL) {
-		helper_log_err(LOG_WARNING, "check pass; user unknown");
+		helper_log_err(LOG_NOTICE, "check pass; user unknown");
 		retval = PAM_USER_UNKNOWN;
 	} else {
 		retval = verify_pwd_hash(p, salt, nullok);
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index fc8595e9..f2e28d35 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -345,7 +345,7 @@ static void _cleanup_failures(pam_handle_t * pamh, void *fl, int err)
 				);
 
 				if (failure->count > UNIX_MAX_RETRIES) {
-					pam_syslog(pamh, LOG_ALERT,
+					pam_syslog(pamh, LOG_NOTICE,
 						 "service(%s) ignoring max retries; %d > %d",
 						 service == NULL ? "**unknown**" : (const char *)service,
 						 failure->count,
@@ -744,12 +744,12 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
 			if (on(UNIX_AUDIT, ctrl)) {
 				/* this might be a typo and the user has given a password
 				   instead of a username. Careful with this. */
-				pam_syslog(pamh, LOG_WARNING,
+				pam_syslog(pamh, LOG_NOTICE,
 				         "check pass; user (%s) unknown", name);
 			} else {
 				name = NULL;
 				if (on(UNIX_DEBUG, ctrl) || pwd == NULL) {
-				    pam_syslog(pamh, LOG_WARNING,
+				    pam_syslog(pamh, LOG_NOTICE,
 				            "check pass; user unknown");
 				} else {
 				    /* don't log failure as another pam module can succeed */
diff --git a/modules/pam_unix/unix_chkpwd.c b/modules/pam_unix/unix_chkpwd.c
index 61675ed2..39c84dbf 100644
--- a/modules/pam_unix/unix_chkpwd.c
+++ b/modules/pam_unix/unix_chkpwd.c
@@ -43,7 +43,7 @@ static int _check_expiry(const char *uname)
 
 	retval = get_account_info(uname, &pwent, &spent);
 	if (retval != PAM_SUCCESS) {
-		helper_log_err(LOG_ALERT, "could not obtain user info (%s)", uname);
+		helper_log_err(LOG_ERR, "could not obtain user info (%s)", uname);
 		printf("-1\n");
 		return retval;
 	}