Feb 9 12:31:25.557656 kernel: microcode: microcode updated early to revision 0xf4, date = 2022-07-31 Feb 9 12:31:25.557669 kernel: Linux version 5.15.148-flatcar (build@pony-truck.infra.kinvolk.io) (x86_64-cros-linux-gnu-gcc (Gentoo Hardened 11.3.1_p20221209 p3) 11.3.1 20221209, GNU ld (Gentoo 2.39 p5) 2.39.0) #1 SMP Thu Feb 8 21:14:17 -00 2024 Feb 9 12:31:25.557676 kernel: Command line: BOOT_IMAGE=/flatcar/vmlinuz-a mount.usr=/dev/mapper/usr verity.usr=PARTUUID=7130c94a-213a-4e5a-8e26-6cce9662f132 rootflags=rw mount.usrflags=ro consoleblank=0 root=LABEL=ROOT console=tty0 console=ttyS1,115200n8 flatcar.first_boot=detected flatcar.oem.id=packet flatcar.autologin verity.usrhash=ae7db544026ede4699ee2036449b75950d3fb7929b25a6731d0ad396f1aa37c9 Feb 9 12:31:25.557680 kernel: BIOS-provided physical RAM map: Feb 9 12:31:25.557684 kernel: BIOS-e820: [mem 0x0000000000000000-0x00000000000997ff] usable Feb 9 12:31:25.557687 kernel: BIOS-e820: [mem 0x0000000000099800-0x000000000009ffff] reserved Feb 9 12:31:25.557692 kernel: BIOS-e820: [mem 0x00000000000e0000-0x00000000000fffff] reserved Feb 9 12:31:25.557696 kernel: BIOS-e820: [mem 0x0000000000100000-0x000000003fffffff] usable Feb 9 12:31:25.557700 kernel: BIOS-e820: [mem 0x0000000040000000-0x00000000403fffff] reserved Feb 9 12:31:25.557704 kernel: BIOS-e820: [mem 0x0000000040400000-0x0000000061f6efff] usable Feb 9 12:31:25.557708 kernel: BIOS-e820: [mem 0x0000000061f6f000-0x0000000061f6ffff] ACPI NVS Feb 9 12:31:25.557712 kernel: BIOS-e820: [mem 0x0000000061f70000-0x0000000061f70fff] reserved Feb 9 12:31:25.557715 kernel: BIOS-e820: [mem 0x0000000061f71000-0x000000006c0c4fff] usable Feb 9 12:31:25.557719 kernel: BIOS-e820: [mem 0x000000006c0c5000-0x000000006d1a7fff] reserved Feb 9 12:31:25.557724 kernel: BIOS-e820: [mem 0x000000006d1a8000-0x000000006d330fff] usable Feb 9 12:31:25.557729 kernel: BIOS-e820: [mem 0x000000006d331000-0x000000006d762fff] ACPI NVS Feb 9 12:31:25.557734 kernel: BIOS-e820: [mem 0x000000006d763000-0x000000006fffefff] reserved Feb 9 12:31:25.557738 kernel: BIOS-e820: [mem 0x000000006ffff000-0x000000006fffffff] usable Feb 9 12:31:25.557742 kernel: BIOS-e820: [mem 0x0000000070000000-0x000000007b7fffff] reserved Feb 9 12:31:25.557746 kernel: BIOS-e820: [mem 0x00000000e0000000-0x00000000efffffff] reserved Feb 9 12:31:25.557750 kernel: BIOS-e820: [mem 0x00000000fe000000-0x00000000fe010fff] reserved Feb 9 12:31:25.557755 kernel: BIOS-e820: [mem 0x00000000fec00000-0x00000000fec00fff] reserved Feb 9 12:31:25.557759 kernel: BIOS-e820: [mem 0x00000000fee00000-0x00000000fee00fff] reserved Feb 9 12:31:25.557763 kernel: BIOS-e820: [mem 0x00000000ff000000-0x00000000ffffffff] reserved Feb 9 12:31:25.557767 kernel: BIOS-e820: [mem 0x0000000100000000-0x00000008837fffff] usable Feb 9 12:31:25.557772 kernel: NX (Execute Disable) protection: active Feb 9 12:31:25.557776 kernel: SMBIOS 3.2.1 present. Feb 9 12:31:25.557780 kernel: DMI: Supermicro PIO-519C-MR-PH004/X11SCH-F, BIOS 1.5 11/17/2020 Feb 9 12:31:25.557784 kernel: tsc: Detected 3400.000 MHz processor Feb 9 12:31:25.557789 kernel: tsc: Detected 3399.906 MHz TSC Feb 9 12:31:25.557793 kernel: e820: update [mem 0x00000000-0x00000fff] usable ==> reserved Feb 9 12:31:25.557798 kernel: e820: remove [mem 0x000a0000-0x000fffff] usable Feb 9 12:31:25.557802 kernel: last_pfn = 0x883800 max_arch_pfn = 0x400000000 Feb 9 12:31:25.557806 kernel: x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT Feb 9 12:31:25.557811 kernel: last_pfn = 0x70000 max_arch_pfn = 0x400000000 Feb 9 12:31:25.557815 kernel: Using GB pages for direct mapping Feb 9 12:31:25.557820 kernel: ACPI: Early table checksum verification disabled Feb 9 12:31:25.557825 kernel: ACPI: RSDP 0x00000000000F05B0 000024 (v02 SUPERM) Feb 9 12:31:25.557829 kernel: ACPI: XSDT 0x000000006D6440C8 00010C (v01 SUPERM SUPERM 01072009 AMI 00010013) Feb 9 12:31:25.557833 kernel: ACPI: FACP 0x000000006D680620 000114 (v06 01072009 AMI 00010013) Feb 9 12:31:25.557840 kernel: ACPI: DSDT 0x000000006D644268 03C3B7 (v02 SUPERM SMCI--MB 01072009 INTL 20160527) Feb 9 12:31:25.557844 kernel: ACPI: FACS 0x000000006D762F80 000040 Feb 9 12:31:25.557850 kernel: ACPI: APIC 0x000000006D680738 00012C (v04 01072009 AMI 00010013) Feb 9 12:31:25.557854 kernel: ACPI: FPDT 0x000000006D680868 000044 (v01 01072009 AMI 00010013) Feb 9 12:31:25.557859 kernel: ACPI: FIDT 0x000000006D6808B0 00009C (v01 SUPERM SMCI--MB 01072009 AMI 00010013) Feb 9 12:31:25.557864 kernel: ACPI: MCFG 0x000000006D680950 00003C (v01 SUPERM SMCI--MB 01072009 MSFT 00000097) Feb 9 12:31:25.557869 kernel: ACPI: SPMI 0x000000006D680990 000041 (v05 SUPERM SMCI--MB 00000000 AMI. 00000000) Feb 9 12:31:25.557873 kernel: ACPI: SSDT 0x000000006D6809D8 001B1C (v02 CpuRef CpuSsdt 00003000 INTL 20160527) Feb 9 12:31:25.557878 kernel: ACPI: SSDT 0x000000006D6824F8 0031C6 (v02 SaSsdt SaSsdt 00003000 INTL 20160527) Feb 9 12:31:25.557883 kernel: ACPI: SSDT 0x000000006D6856C0 00232B (v02 PegSsd PegSsdt 00001000 INTL 20160527) Feb 9 12:31:25.557888 kernel: ACPI: HPET 0x000000006D6879F0 000038 (v01 SUPERM SMCI--MB 00000002 01000013) Feb 9 12:31:25.557893 kernel: ACPI: SSDT 0x000000006D687A28 000FAE (v02 SUPERM Ther_Rvp 00001000 INTL 20160527) Feb 9 12:31:25.557898 kernel: ACPI: SSDT 0x000000006D6889D8 0008F7 (v02 INTEL xh_mossb 00000000 INTL 20160527) Feb 9 12:31:25.557902 kernel: ACPI: UEFI 0x000000006D6892D0 000042 (v01 SUPERM SMCI--MB 00000002 01000013) Feb 9 12:31:25.557907 kernel: ACPI: LPIT 0x000000006D689318 000094 (v01 SUPERM SMCI--MB 00000002 01000013) Feb 9 12:31:25.557912 kernel: ACPI: SSDT 0x000000006D6893B0 0027DE (v02 SUPERM PtidDevc 00001000 INTL 20160527) Feb 9 12:31:25.557916 kernel: ACPI: SSDT 0x000000006D68BB90 0014E2 (v02 SUPERM TbtTypeC 00000000 INTL 20160527) Feb 9 12:31:25.557921 kernel: ACPI: DBGP 0x000000006D68D078 000034 (v01 SUPERM SMCI--MB 00000002 01000013) Feb 9 12:31:25.557926 kernel: ACPI: DBG2 0x000000006D68D0B0 000054 (v00 SUPERM SMCI--MB 00000002 01000013) Feb 9 12:31:25.557931 kernel: ACPI: SSDT 0x000000006D68D108 001B67 (v02 SUPERM UsbCTabl 00001000 INTL 20160527) Feb 9 12:31:25.557936 kernel: ACPI: DMAR 0x000000006D68EC70 0000A8 (v01 INTEL EDK2 00000002 01000013) Feb 9 12:31:25.557940 kernel: ACPI: SSDT 0x000000006D68ED18 000144 (v02 Intel ADebTabl 00001000 INTL 20160527) Feb 9 12:31:25.557945 kernel: ACPI: TPM2 0x000000006D68EE60 000034 (v04 SUPERM SMCI--MB 00000001 AMI 00000000) Feb 9 12:31:25.557950 kernel: ACPI: SSDT 0x000000006D68EE98 000D8F (v02 INTEL SpsNm 00000002 INTL 20160527) Feb 9 12:31:25.557955 kernel: ACPI: WSMT 0x000000006D68FC28 000028 (v01 \xf0a 01072009 AMI 00010013) Feb 9 12:31:25.557960 kernel: ACPI: EINJ 0x000000006D68FC50 000130 (v01 AMI AMI.EINJ 00000000 AMI. 00000000) Feb 9 12:31:25.557966 kernel: ACPI: ERST 0x000000006D68FD80 000230 (v01 AMIER AMI.ERST 00000000 AMI. 00000000) Feb 9 12:31:25.557970 kernel: ACPI: BERT 0x000000006D68FFB0 000030 (v01 AMI AMI.BERT 00000000 AMI. 00000000) Feb 9 12:31:25.557975 kernel: ACPI: HEST 0x000000006D68FFE0 00027C (v01 AMI AMI.HEST 00000000 AMI. 00000000) Feb 9 12:31:25.557980 kernel: ACPI: SSDT 0x000000006D690260 000162 (v01 SUPERM SMCCDN 00000000 INTL 20181221) Feb 9 12:31:25.557984 kernel: ACPI: Reserving FACP table memory at [mem 0x6d680620-0x6d680733] Feb 9 12:31:25.557989 kernel: ACPI: Reserving DSDT table memory at [mem 0x6d644268-0x6d68061e] Feb 9 12:31:25.557994 kernel: ACPI: Reserving FACS table memory at [mem 0x6d762f80-0x6d762fbf] Feb 9 12:31:25.557999 kernel: ACPI: Reserving APIC table memory at [mem 0x6d680738-0x6d680863] Feb 9 12:31:25.558003 kernel: ACPI: Reserving FPDT table memory at [mem 0x6d680868-0x6d6808ab] Feb 9 12:31:25.558009 kernel: ACPI: Reserving FIDT table memory at [mem 0x6d6808b0-0x6d68094b] Feb 9 12:31:25.558013 kernel: ACPI: Reserving MCFG table memory at [mem 0x6d680950-0x6d68098b] Feb 9 12:31:25.558018 kernel: ACPI: Reserving SPMI table memory at [mem 0x6d680990-0x6d6809d0] Feb 9 12:31:25.558023 kernel: ACPI: Reserving SSDT table memory at [mem 0x6d6809d8-0x6d6824f3] Feb 9 12:31:25.558027 kernel: ACPI: Reserving SSDT table memory at [mem 0x6d6824f8-0x6d6856bd] Feb 9 12:31:25.558032 kernel: ACPI: Reserving SSDT table memory at [mem 0x6d6856c0-0x6d6879ea] Feb 9 12:31:25.558036 kernel: ACPI: Reserving HPET table memory at [mem 0x6d6879f0-0x6d687a27] Feb 9 12:31:25.558041 kernel: ACPI: Reserving SSDT table memory at [mem 0x6d687a28-0x6d6889d5] Feb 9 12:31:25.558046 kernel: ACPI: Reserving SSDT table memory at [mem 0x6d6889d8-0x6d6892ce] Feb 9 12:31:25.558051 kernel: ACPI: Reserving UEFI table memory at [mem 0x6d6892d0-0x6d689311] Feb 9 12:31:25.558056 kernel: ACPI: Reserving LPIT table memory at [mem 0x6d689318-0x6d6893ab] Feb 9 12:31:25.558060 kernel: ACPI: Reserving SSDT table memory at [mem 0x6d6893b0-0x6d68bb8d] Feb 9 12:31:25.558065 kernel: ACPI: Reserving SSDT table memory at [mem 0x6d68bb90-0x6d68d071] Feb 9 12:31:25.558070 kernel: ACPI: Reserving DBGP table memory at [mem 0x6d68d078-0x6d68d0ab] Feb 9 12:31:25.558074 kernel: ACPI: Reserving DBG2 table memory at [mem 0x6d68d0b0-0x6d68d103] Feb 9 12:31:25.558079 kernel: ACPI: Reserving SSDT table memory at [mem 0x6d68d108-0x6d68ec6e] Feb 9 12:31:25.558084 kernel: ACPI: Reserving DMAR table memory at [mem 0x6d68ec70-0x6d68ed17] Feb 9 12:31:25.558088 kernel: ACPI: Reserving SSDT table memory at [mem 0x6d68ed18-0x6d68ee5b] Feb 9 12:31:25.558094 kernel: ACPI: Reserving TPM2 table memory at [mem 0x6d68ee60-0x6d68ee93] Feb 9 12:31:25.558098 kernel: ACPI: Reserving SSDT table memory at [mem 0x6d68ee98-0x6d68fc26] Feb 9 12:31:25.558103 kernel: ACPI: Reserving WSMT table memory at [mem 0x6d68fc28-0x6d68fc4f] Feb 9 12:31:25.558108 kernel: ACPI: Reserving EINJ table memory at [mem 0x6d68fc50-0x6d68fd7f] Feb 9 12:31:25.558112 kernel: ACPI: Reserving ERST table memory at [mem 0x6d68fd80-0x6d68ffaf] Feb 9 12:31:25.558117 kernel: ACPI: Reserving BERT table memory at [mem 0x6d68ffb0-0x6d68ffdf] Feb 9 12:31:25.558122 kernel: ACPI: Reserving HEST table memory at [mem 0x6d68ffe0-0x6d69025b] Feb 9 12:31:25.558126 kernel: ACPI: Reserving SSDT table memory at [mem 0x6d690260-0x6d6903c1] Feb 9 12:31:25.558131 kernel: No NUMA configuration found Feb 9 12:31:25.558136 kernel: Faking a node at [mem 0x0000000000000000-0x00000008837fffff] Feb 9 12:31:25.558141 kernel: NODE_DATA(0) allocated [mem 0x8837fa000-0x8837fffff] Feb 9 12:31:25.558146 kernel: Zone ranges: Feb 9 12:31:25.558150 kernel: DMA [mem 0x0000000000001000-0x0000000000ffffff] Feb 9 12:31:25.558155 kernel: DMA32 [mem 0x0000000001000000-0x00000000ffffffff] Feb 9 12:31:25.558160 kernel: Normal [mem 0x0000000100000000-0x00000008837fffff] Feb 9 12:31:25.558165 kernel: Movable zone start for each node Feb 9 12:31:25.558169 kernel: Early memory node ranges Feb 9 12:31:25.558174 kernel: node 0: [mem 0x0000000000001000-0x0000000000098fff] Feb 9 12:31:25.558179 kernel: node 0: [mem 0x0000000000100000-0x000000003fffffff] Feb 9 12:31:25.558184 kernel: node 0: [mem 0x0000000040400000-0x0000000061f6efff] Feb 9 12:31:25.558189 kernel: node 0: [mem 0x0000000061f71000-0x000000006c0c4fff] Feb 9 12:31:25.558193 kernel: node 0: [mem 0x000000006d1a8000-0x000000006d330fff] Feb 9 12:31:25.558198 kernel: node 0: [mem 0x000000006ffff000-0x000000006fffffff] Feb 9 12:31:25.558203 kernel: node 0: [mem 0x0000000100000000-0x00000008837fffff] Feb 9 12:31:25.558207 kernel: Initmem setup node 0 [mem 0x0000000000001000-0x00000008837fffff] Feb 9 12:31:25.558216 kernel: On node 0, zone DMA: 1 pages in unavailable ranges Feb 9 12:31:25.558221 kernel: On node 0, zone DMA: 103 pages in unavailable ranges Feb 9 12:31:25.558226 kernel: On node 0, zone DMA32: 1024 pages in unavailable ranges Feb 9 12:31:25.558231 kernel: On node 0, zone DMA32: 2 pages in unavailable ranges Feb 9 12:31:25.558237 kernel: On node 0, zone DMA32: 4323 pages in unavailable ranges Feb 9 12:31:25.558242 kernel: On node 0, zone DMA32: 11470 pages in unavailable ranges Feb 9 12:31:25.558247 kernel: On node 0, zone Normal: 18432 pages in unavailable ranges Feb 9 12:31:25.558252 kernel: ACPI: PM-Timer IO Port: 0x1808 Feb 9 12:31:25.558257 kernel: ACPI: LAPIC_NMI (acpi_id[0x01] high edge lint[0x1]) Feb 9 12:31:25.558262 kernel: ACPI: LAPIC_NMI (acpi_id[0x02] high edge lint[0x1]) Feb 9 12:31:25.558268 kernel: ACPI: LAPIC_NMI (acpi_id[0x03] high edge lint[0x1]) Feb 9 12:31:25.558273 kernel: ACPI: LAPIC_NMI (acpi_id[0x04] high edge lint[0x1]) Feb 9 12:31:25.558278 kernel: ACPI: LAPIC_NMI (acpi_id[0x05] high edge lint[0x1]) Feb 9 12:31:25.558283 kernel: ACPI: LAPIC_NMI (acpi_id[0x06] high edge lint[0x1]) Feb 9 12:31:25.558288 kernel: ACPI: LAPIC_NMI (acpi_id[0x07] high edge lint[0x1]) Feb 9 12:31:25.558293 kernel: ACPI: LAPIC_NMI (acpi_id[0x08] high edge lint[0x1]) Feb 9 12:31:25.558298 kernel: ACPI: LAPIC_NMI (acpi_id[0x09] high edge lint[0x1]) Feb 9 12:31:25.558303 kernel: ACPI: LAPIC_NMI (acpi_id[0x0a] high edge lint[0x1]) Feb 9 12:31:25.558308 kernel: ACPI: LAPIC_NMI (acpi_id[0x0b] high edge lint[0x1]) Feb 9 12:31:25.558314 kernel: ACPI: LAPIC_NMI (acpi_id[0x0c] high edge lint[0x1]) Feb 9 12:31:25.558319 kernel: ACPI: LAPIC_NMI (acpi_id[0x0d] high edge lint[0x1]) Feb 9 12:31:25.558324 kernel: ACPI: LAPIC_NMI (acpi_id[0x0e] high edge lint[0x1]) Feb 9 12:31:25.558329 kernel: ACPI: LAPIC_NMI (acpi_id[0x0f] high edge lint[0x1]) Feb 9 12:31:25.558334 kernel: ACPI: LAPIC_NMI (acpi_id[0x10] high edge lint[0x1]) Feb 9 12:31:25.558339 kernel: IOAPIC[0]: apic_id 2, version 32, address 0xfec00000, GSI 0-119 Feb 9 12:31:25.558344 kernel: ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) Feb 9 12:31:25.558349 kernel: ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level) Feb 9 12:31:25.558354 kernel: ACPI: Using ACPI (MADT) for SMP configuration information Feb 9 12:31:25.558360 kernel: ACPI: HPET id: 0x8086a201 base: 0xfed00000 Feb 9 12:31:25.558365 kernel: TSC deadline timer available Feb 9 12:31:25.558370 kernel: smpboot: Allowing 16 CPUs, 0 hotplug CPUs Feb 9 12:31:25.558375 kernel: [mem 0x7b800000-0xdfffffff] available for PCI devices Feb 9 12:31:25.558380 kernel: Booting paravirtualized kernel on bare hardware Feb 9 12:31:25.558385 kernel: clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns Feb 9 12:31:25.558390 kernel: setup_percpu: NR_CPUS:512 nr_cpumask_bits:512 nr_cpu_ids:16 nr_node_ids:1 Feb 9 12:31:25.558395 kernel: percpu: Embedded 55 pages/cpu s185624 r8192 d31464 u262144 Feb 9 12:31:25.558400 kernel: pcpu-alloc: s185624 r8192 d31464 u262144 alloc=1*2097152 Feb 9 12:31:25.558406 kernel: pcpu-alloc: [0] 00 01 02 03 04 05 06 07 [0] 08 09 10 11 12 13 14 15 Feb 9 12:31:25.558411 kernel: Built 1 zonelists, mobility grouping on. Total pages: 8190323 Feb 9 12:31:25.558416 kernel: Policy zone: Normal Feb 9 12:31:25.558422 kernel: Kernel command line: rootflags=rw mount.usrflags=ro BOOT_IMAGE=/flatcar/vmlinuz-a mount.usr=/dev/mapper/usr verity.usr=PARTUUID=7130c94a-213a-4e5a-8e26-6cce9662f132 rootflags=rw mount.usrflags=ro consoleblank=0 root=LABEL=ROOT console=tty0 console=ttyS1,115200n8 flatcar.first_boot=detected flatcar.oem.id=packet flatcar.autologin verity.usrhash=ae7db544026ede4699ee2036449b75950d3fb7929b25a6731d0ad396f1aa37c9 Feb 9 12:31:25.558427 kernel: Unknown kernel command line parameters "BOOT_IMAGE=/flatcar/vmlinuz-a", will be passed to user space. Feb 9 12:31:25.558432 kernel: Dentry cache hash table entries: 4194304 (order: 13, 33554432 bytes, linear) Feb 9 12:31:25.558437 kernel: Inode-cache hash table entries: 2097152 (order: 12, 16777216 bytes, linear) Feb 9 12:31:25.558442 kernel: mem auto-init: stack:off, heap alloc:off, heap free:off Feb 9 12:31:25.558448 kernel: Memory: 32555728K/33281940K available (12294K kernel code, 2275K rwdata, 13700K rodata, 45496K init, 4048K bss, 725952K reserved, 0K cma-reserved) Feb 9 12:31:25.558453 kernel: SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=16, Nodes=1 Feb 9 12:31:25.558458 kernel: ftrace: allocating 34475 entries in 135 pages Feb 9 12:31:25.558463 kernel: ftrace: allocated 135 pages with 4 groups Feb 9 12:31:25.558468 kernel: rcu: Hierarchical RCU implementation. Feb 9 12:31:25.558473 kernel: rcu: RCU event tracing is enabled. Feb 9 12:31:25.558479 kernel: rcu: RCU restricting CPUs from NR_CPUS=512 to nr_cpu_ids=16. Feb 9 12:31:25.558484 kernel: Rude variant of Tasks RCU enabled. Feb 9 12:31:25.558489 kernel: Tracing variant of Tasks RCU enabled. Feb 9 12:31:25.558495 kernel: rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies. Feb 9 12:31:25.558500 kernel: rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=16 Feb 9 12:31:25.558505 kernel: NR_IRQS: 33024, nr_irqs: 2184, preallocated irqs: 16 Feb 9 12:31:25.558510 kernel: random: crng init done Feb 9 12:31:25.558515 kernel: Console: colour dummy device 80x25 Feb 9 12:31:25.558520 kernel: printk: console [tty0] enabled Feb 9 12:31:25.558525 kernel: printk: console [ttyS1] enabled Feb 9 12:31:25.558532 kernel: ACPI: Core revision 20210730 Feb 9 12:31:25.558557 kernel: clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 79635855245 ns Feb 9 12:31:25.558563 kernel: APIC: Switch to symmetric I/O mode setup Feb 9 12:31:25.558568 kernel: DMAR: Host address width 39 Feb 9 12:31:25.558573 kernel: DMAR: DRHD base: 0x000000fed90000 flags: 0x0 Feb 9 12:31:25.558592 kernel: DMAR: dmar0: reg_base_addr fed90000 ver 1:0 cap 1c0000c40660462 ecap 19e2ff0505e Feb 9 12:31:25.558597 kernel: DMAR: DRHD base: 0x000000fed91000 flags: 0x1 Feb 9 12:31:25.558602 kernel: DMAR: dmar1: reg_base_addr fed91000 ver 1:0 cap d2008c40660462 ecap f050da Feb 9 12:31:25.558607 kernel: DMAR: RMRR base: 0x0000006e011000 end: 0x0000006e25afff Feb 9 12:31:25.558612 kernel: DMAR: RMRR base: 0x00000079000000 end: 0x0000007b7fffff Feb 9 12:31:25.558617 kernel: DMAR-IR: IOAPIC id 2 under DRHD base 0xfed91000 IOMMU 1 Feb 9 12:31:25.558623 kernel: DMAR-IR: HPET id 0 under DRHD base 0xfed91000 Feb 9 12:31:25.558628 kernel: DMAR-IR: Queued invalidation will be enabled to support x2apic and Intr-remapping. Feb 9 12:31:25.558633 kernel: DMAR-IR: Enabled IRQ remapping in x2apic mode Feb 9 12:31:25.558639 kernel: x2apic enabled Feb 9 12:31:25.558644 kernel: Switched APIC routing to cluster x2apic. Feb 9 12:31:25.558649 kernel: ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=-1 pin2=-1 Feb 9 12:31:25.558654 kernel: clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x3101f59f5e6, max_idle_ns: 440795259996 ns Feb 9 12:31:25.558659 kernel: Calibrating delay loop (skipped), value calculated using timer frequency.. 6799.81 BogoMIPS (lpj=3399906) Feb 9 12:31:25.558664 kernel: CPU0: Thermal monitoring enabled (TM1) Feb 9 12:31:25.558670 kernel: process: using mwait in idle threads Feb 9 12:31:25.558675 kernel: Last level iTLB entries: 4KB 64, 2MB 8, 4MB 8 Feb 9 12:31:25.558680 kernel: Last level dTLB entries: 4KB 64, 2MB 0, 4MB 0, 1GB 4 Feb 9 12:31:25.558685 kernel: Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization Feb 9 12:31:25.558690 kernel: Spectre V2 : WARNING: Unprivileged eBPF is enabled with eIBRS on, data leaks possible via Spectre v2 BHB attacks! Feb 9 12:31:25.558695 kernel: Spectre V2 : Mitigation: Enhanced IBRS Feb 9 12:31:25.558700 kernel: Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch Feb 9 12:31:25.558706 kernel: Spectre V2 : Spectre v2 / PBRSB-eIBRS: Retire a single CALL on VMEXIT Feb 9 12:31:25.558711 kernel: RETBleed: Mitigation: Enhanced IBRS Feb 9 12:31:25.558717 kernel: Spectre V2 : mitigation: Enabling conditional Indirect Branch Prediction Barrier Feb 9 12:31:25.558722 kernel: Speculative Store Bypass: Mitigation: Speculative Store Bypass disabled via prctl and seccomp Feb 9 12:31:25.558727 kernel: TAA: Mitigation: TSX disabled Feb 9 12:31:25.558732 kernel: MMIO Stale Data: Mitigation: Clear CPU buffers Feb 9 12:31:25.558737 kernel: SRBDS: Mitigation: Microcode Feb 9 12:31:25.558742 kernel: GDS: Vulnerable: No microcode Feb 9 12:31:25.558747 kernel: x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers' Feb 9 12:31:25.558752 kernel: x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers' Feb 9 12:31:25.558757 kernel: x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers' Feb 9 12:31:25.558763 kernel: x86/fpu: Supporting XSAVE feature 0x008: 'MPX bounds registers' Feb 9 12:31:25.558768 kernel: x86/fpu: Supporting XSAVE feature 0x010: 'MPX CSR' Feb 9 12:31:25.558773 kernel: x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256 Feb 9 12:31:25.558778 kernel: x86/fpu: xstate_offset[3]: 832, xstate_sizes[3]: 64 Feb 9 12:31:25.558783 kernel: x86/fpu: xstate_offset[4]: 896, xstate_sizes[4]: 64 Feb 9 12:31:25.558788 kernel: x86/fpu: Enabled xstate features 0x1f, context size is 960 bytes, using 'compacted' format. Feb 9 12:31:25.558793 kernel: Freeing SMP alternatives memory: 32K Feb 9 12:31:25.558798 kernel: pid_max: default: 32768 minimum: 301 Feb 9 12:31:25.558803 kernel: LSM: Security Framework initializing Feb 9 12:31:25.558809 kernel: SELinux: Initializing. Feb 9 12:31:25.558814 kernel: Mount-cache hash table entries: 65536 (order: 7, 524288 bytes, linear) Feb 9 12:31:25.558819 kernel: Mountpoint-cache hash table entries: 65536 (order: 7, 524288 bytes, linear) Feb 9 12:31:25.558824 kernel: smpboot: Estimated ratio of average max frequency by base frequency (times 1024): 1445 Feb 9 12:31:25.558830 kernel: smpboot: CPU0: Intel(R) Xeon(R) E-2278G CPU @ 3.40GHz (family: 0x6, model: 0x9e, stepping: 0xd) Feb 9 12:31:25.558835 kernel: Performance Events: PEBS fmt3+, Skylake events, 32-deep LBR, full-width counters, Intel PMU driver. Feb 9 12:31:25.558840 kernel: ... version: 4 Feb 9 12:31:25.558845 kernel: ... bit width: 48 Feb 9 12:31:25.558851 kernel: ... generic registers: 4 Feb 9 12:31:25.558856 kernel: ... value mask: 0000ffffffffffff Feb 9 12:31:25.558861 kernel: ... max period: 00007fffffffffff Feb 9 12:31:25.558866 kernel: ... fixed-purpose events: 3 Feb 9 12:31:25.558871 kernel: ... event mask: 000000070000000f Feb 9 12:31:25.558876 kernel: signal: max sigframe size: 2032 Feb 9 12:31:25.558881 kernel: rcu: Hierarchical SRCU implementation. Feb 9 12:31:25.558886 kernel: NMI watchdog: Enabled. Permanently consumes one hw-PMU counter. Feb 9 12:31:25.558891 kernel: smp: Bringing up secondary CPUs ... Feb 9 12:31:25.558896 kernel: x86: Booting SMP configuration: Feb 9 12:31:25.558902 kernel: .... node #0, CPUs: #1 #2 #3 #4 #5 #6 #7 #8 Feb 9 12:31:25.558907 kernel: MMIO Stale Data CPU bug present and SMT on, data leak possible. See https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html for more details. Feb 9 12:31:25.558912 kernel: #9 #10 #11 #12 #13 #14 #15 Feb 9 12:31:25.558917 kernel: smp: Brought up 1 node, 16 CPUs Feb 9 12:31:25.558922 kernel: smpboot: Max logical packages: 1 Feb 9 12:31:25.558927 kernel: smpboot: Total of 16 processors activated (108796.99 BogoMIPS) Feb 9 12:31:25.558932 kernel: devtmpfs: initialized Feb 9 12:31:25.558937 kernel: x86/mm: Memory block size: 128MB Feb 9 12:31:25.558943 kernel: ACPI: PM: Registering ACPI NVS region [mem 0x61f6f000-0x61f6ffff] (4096 bytes) Feb 9 12:31:25.558948 kernel: ACPI: PM: Registering ACPI NVS region [mem 0x6d331000-0x6d762fff] (4399104 bytes) Feb 9 12:31:25.558953 kernel: clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns Feb 9 12:31:25.558959 kernel: futex hash table entries: 4096 (order: 6, 262144 bytes, linear) Feb 9 12:31:25.558964 kernel: pinctrl core: initialized pinctrl subsystem Feb 9 12:31:25.558969 kernel: NET: Registered PF_NETLINK/PF_ROUTE protocol family Feb 9 12:31:25.558974 kernel: audit: initializing netlink subsys (disabled) Feb 9 12:31:25.558979 kernel: audit: type=2000 audit(1707481879.110:1): state=initialized audit_enabled=0 res=1 Feb 9 12:31:25.558984 kernel: thermal_sys: Registered thermal governor 'step_wise' Feb 9 12:31:25.558989 kernel: thermal_sys: Registered thermal governor 'user_space' Feb 9 12:31:25.558995 kernel: cpuidle: using governor menu Feb 9 12:31:25.559000 kernel: ACPI: bus type PCI registered Feb 9 12:31:25.559005 kernel: acpiphp: ACPI Hot Plug PCI Controller Driver version: 0.5 Feb 9 12:31:25.559010 kernel: dca service started, version 1.12.1 Feb 9 12:31:25.559015 kernel: PCI: MMCONFIG for domain 0000 [bus 00-ff] at [mem 0xe0000000-0xefffffff] (base 0xe0000000) Feb 9 12:31:25.559020 kernel: PCI: MMCONFIG at [mem 0xe0000000-0xefffffff] reserved in E820 Feb 9 12:31:25.559025 kernel: PCI: Using configuration type 1 for base access Feb 9 12:31:25.559030 kernel: ENERGY_PERF_BIAS: Set to 'normal', was 'performance' Feb 9 12:31:25.559036 kernel: kprobes: kprobe jump-optimization is enabled. All kprobes are optimized if possible. Feb 9 12:31:25.559041 kernel: HugeTLB registered 1.00 GiB page size, pre-allocated 0 pages Feb 9 12:31:25.559046 kernel: HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages Feb 9 12:31:25.559051 kernel: ACPI: Added _OSI(Module Device) Feb 9 12:31:25.559056 kernel: ACPI: Added _OSI(Processor Device) Feb 9 12:31:25.559061 kernel: ACPI: Added _OSI(3.0 _SCP Extensions) Feb 9 12:31:25.559066 kernel: ACPI: Added _OSI(Processor Aggregator Device) Feb 9 12:31:25.559071 kernel: ACPI: Added _OSI(Linux-Dell-Video) Feb 9 12:31:25.559076 kernel: ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio) Feb 9 12:31:25.559082 kernel: ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics) Feb 9 12:31:25.559087 kernel: ACPI: 12 ACPI AML tables successfully acquired and loaded Feb 9 12:31:25.559092 kernel: ACPI: Dynamic OEM Table Load: Feb 9 12:31:25.559097 kernel: ACPI: SSDT 0xFFFF8987C0214700 0000F4 (v02 PmRef Cpu0Psd 00003000 INTL 20160527) Feb 9 12:31:25.559102 kernel: ACPI: \_SB_.PR00: _OSC native thermal LVT Acked Feb 9 12:31:25.559107 kernel: ACPI: Dynamic OEM Table Load: Feb 9 12:31:25.559112 kernel: ACPI: SSDT 0xFFFF8987C1CE8400 000400 (v02 PmRef Cpu0Cst 00003001 INTL 20160527) Feb 9 12:31:25.559118 kernel: ACPI: Dynamic OEM Table Load: Feb 9 12:31:25.559122 kernel: ACPI: SSDT 0xFFFF8987C1C5C000 000683 (v02 PmRef Cpu0Ist 00003000 INTL 20160527) Feb 9 12:31:25.559128 kernel: ACPI: Dynamic OEM Table Load: Feb 9 12:31:25.559133 kernel: ACPI: SSDT 0xFFFF8987C1C5B000 0005FC (v02 PmRef ApIst 00003000 INTL 20160527) Feb 9 12:31:25.559138 kernel: ACPI: Dynamic OEM Table Load: Feb 9 12:31:25.559143 kernel: ACPI: SSDT 0xFFFF8987C014A000 000AB0 (v02 PmRef ApPsd 00003000 INTL 20160527) Feb 9 12:31:25.559148 kernel: ACPI: Dynamic OEM Table Load: Feb 9 12:31:25.559153 kernel: ACPI: SSDT 0xFFFF8987C1CEF800 00030A (v02 PmRef ApCst 00003000 INTL 20160527) Feb 9 12:31:25.559158 kernel: ACPI: Interpreter enabled Feb 9 12:31:25.559163 kernel: ACPI: PM: (supports S0 S5) Feb 9 12:31:25.559168 kernel: ACPI: Using IOAPIC for interrupt routing Feb 9 12:31:25.559173 kernel: HEST: Enabling Firmware First mode for corrected errors. Feb 9 12:31:25.559179 kernel: mce: [Firmware Bug]: Ignoring request to disable invalid MCA bank 14. Feb 9 12:31:25.559184 kernel: HEST: Table parsing has been initialized. Feb 9 12:31:25.559189 kernel: GHES: APEI firmware first mode is enabled by APEI bit and WHEA _OSC. Feb 9 12:31:25.559194 kernel: PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug Feb 9 12:31:25.559199 kernel: ACPI: Enabled 9 GPEs in block 00 to 7F Feb 9 12:31:25.559204 kernel: ACPI: PM: Power Resource [USBC] Feb 9 12:31:25.559209 kernel: ACPI: PM: Power Resource [V0PR] Feb 9 12:31:25.559214 kernel: ACPI: PM: Power Resource [V1PR] Feb 9 12:31:25.559219 kernel: ACPI: PM: Power Resource [V2PR] Feb 9 12:31:25.559225 kernel: ACPI: PM: Power Resource [WRST] Feb 9 12:31:25.559230 kernel: ACPI: [Firmware Bug]: BIOS _OSI(Linux) query ignored Feb 9 12:31:25.559235 kernel: ACPI: PM: Power Resource [FN00] Feb 9 12:31:25.559240 kernel: ACPI: PM: Power Resource [FN01] Feb 9 12:31:25.559245 kernel: ACPI: PM: Power Resource [FN02] Feb 9 12:31:25.559250 kernel: ACPI: PM: Power Resource [FN03] Feb 9 12:31:25.559255 kernel: ACPI: PM: Power Resource [FN04] Feb 9 12:31:25.559260 kernel: ACPI: PM: Power Resource [PIN] Feb 9 12:31:25.559265 kernel: ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-fe]) Feb 9 12:31:25.559329 kernel: acpi PNP0A08:00: _OSC: OS supports [ExtendedConfig ASPM ClockPM Segments MSI HPX-Type3] Feb 9 12:31:25.559374 kernel: acpi PNP0A08:00: _OSC: platform does not support [AER] Feb 9 12:31:25.559414 kernel: acpi PNP0A08:00: _OSC: OS now controls [PCIeHotplug PME PCIeCapability LTR] Feb 9 12:31:25.559421 kernel: PCI host bridge to bus 0000:00 Feb 9 12:31:25.559462 kernel: pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window] Feb 9 12:31:25.559498 kernel: pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window] Feb 9 12:31:25.559556 kernel: pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window] Feb 9 12:31:25.559608 kernel: pci_bus 0000:00: root bus resource [mem 0x7b800000-0xdfffffff window] Feb 9 12:31:25.559642 kernel: pci_bus 0000:00: root bus resource [mem 0xfc800000-0xfe7fffff window] Feb 9 12:31:25.559677 kernel: pci_bus 0000:00: root bus resource [bus 00-fe] Feb 9 12:31:25.559726 kernel: pci 0000:00:00.0: [8086:3e31] type 00 class 0x060000 Feb 9 12:31:25.559774 kernel: pci 0000:00:01.0: [8086:1901] type 01 class 0x060400 Feb 9 12:31:25.559816 kernel: pci 0000:00:01.0: PME# supported from D0 D3hot D3cold Feb 9 12:31:25.559864 kernel: pci 0000:00:01.1: [8086:1905] type 01 class 0x060400 Feb 9 12:31:25.559906 kernel: pci 0000:00:01.1: PME# supported from D0 D3hot D3cold Feb 9 12:31:25.559950 kernel: pci 0000:00:02.0: [8086:3e9a] type 00 class 0x038000 Feb 9 12:31:25.559992 kernel: pci 0000:00:02.0: reg 0x10: [mem 0x7c000000-0x7cffffff 64bit] Feb 9 12:31:25.560032 kernel: pci 0000:00:02.0: reg 0x18: [mem 0x80000000-0x8fffffff 64bit pref] Feb 9 12:31:25.560073 kernel: pci 0000:00:02.0: reg 0x20: [io 0x6000-0x603f] Feb 9 12:31:25.560121 kernel: pci 0000:00:08.0: [8086:1911] type 00 class 0x088000 Feb 9 12:31:25.560163 kernel: pci 0000:00:08.0: reg 0x10: [mem 0x7e51f000-0x7e51ffff 64bit] Feb 9 12:31:25.560208 kernel: pci 0000:00:12.0: [8086:a379] type 00 class 0x118000 Feb 9 12:31:25.560249 kernel: pci 0000:00:12.0: reg 0x10: [mem 0x7e51e000-0x7e51efff 64bit] Feb 9 12:31:25.560293 kernel: pci 0000:00:14.0: [8086:a36d] type 00 class 0x0c0330 Feb 9 12:31:25.560333 kernel: pci 0000:00:14.0: reg 0x10: [mem 0x7e500000-0x7e50ffff 64bit] Feb 9 12:31:25.560376 kernel: pci 0000:00:14.0: PME# supported from D3hot D3cold Feb 9 12:31:25.560421 kernel: pci 0000:00:14.2: [8086:a36f] type 00 class 0x050000 Feb 9 12:31:25.560461 kernel: pci 0000:00:14.2: reg 0x10: [mem 0x7e512000-0x7e513fff 64bit] Feb 9 12:31:25.560500 kernel: pci 0000:00:14.2: reg 0x18: [mem 0x7e51d000-0x7e51dfff 64bit] Feb 9 12:31:25.560563 kernel: pci 0000:00:15.0: [8086:a368] type 00 class 0x0c8000 Feb 9 12:31:25.560605 kernel: pci 0000:00:15.0: reg 0x10: [mem 0x00000000-0x00000fff 64bit] Feb 9 12:31:25.560649 kernel: pci 0000:00:15.1: [8086:a369] type 00 class 0x0c8000 Feb 9 12:31:25.560692 kernel: pci 0000:00:15.1: reg 0x10: [mem 0x00000000-0x00000fff 64bit] Feb 9 12:31:25.560736 kernel: pci 0000:00:16.0: [8086:a360] type 00 class 0x078000 Feb 9 12:31:25.560777 kernel: pci 0000:00:16.0: reg 0x10: [mem 0x7e51a000-0x7e51afff 64bit] Feb 9 12:31:25.560820 kernel: pci 0000:00:16.0: PME# supported from D3hot Feb 9 12:31:25.560871 kernel: pci 0000:00:16.1: [8086:a361] type 00 class 0x078000 Feb 9 12:31:25.560913 kernel: pci 0000:00:16.1: reg 0x10: [mem 0x7e519000-0x7e519fff 64bit] Feb 9 12:31:25.560956 kernel: pci 0000:00:16.1: PME# supported from D3hot Feb 9 12:31:25.561000 kernel: pci 0000:00:16.4: [8086:a364] type 00 class 0x078000 Feb 9 12:31:25.561041 kernel: pci 0000:00:16.4: reg 0x10: [mem 0x7e518000-0x7e518fff 64bit] Feb 9 12:31:25.561082 kernel: pci 0000:00:16.4: PME# supported from D3hot Feb 9 12:31:25.561126 kernel: pci 0000:00:17.0: [8086:a352] type 00 class 0x010601 Feb 9 12:31:25.561168 kernel: pci 0000:00:17.0: reg 0x10: [mem 0x7e510000-0x7e511fff] Feb 9 12:31:25.561207 kernel: pci 0000:00:17.0: reg 0x14: [mem 0x7e517000-0x7e5170ff] Feb 9 12:31:25.561250 kernel: pci 0000:00:17.0: reg 0x18: [io 0x6090-0x6097] Feb 9 12:31:25.561290 kernel: pci 0000:00:17.0: reg 0x1c: [io 0x6080-0x6083] Feb 9 12:31:25.561331 kernel: pci 0000:00:17.0: reg 0x20: [io 0x6060-0x607f] Feb 9 12:31:25.561372 kernel: pci 0000:00:17.0: reg 0x24: [mem 0x7e516000-0x7e5167ff] Feb 9 12:31:25.561412 kernel: pci 0000:00:17.0: PME# supported from D3hot Feb 9 12:31:25.561460 kernel: pci 0000:00:1b.0: [8086:a340] type 01 class 0x060400 Feb 9 12:31:25.561504 kernel: pci 0000:00:1b.0: PME# supported from D0 D3hot D3cold Feb 9 12:31:25.561554 kernel: pci 0000:00:1b.4: [8086:a32c] type 01 class 0x060400 Feb 9 12:31:25.561597 kernel: pci 0000:00:1b.4: PME# supported from D0 D3hot D3cold Feb 9 12:31:25.561643 kernel: pci 0000:00:1b.5: [8086:a32d] type 01 class 0x060400 Feb 9 12:31:25.561687 kernel: pci 0000:00:1b.5: PME# supported from D0 D3hot D3cold Feb 9 12:31:25.561732 kernel: pci 0000:00:1c.0: [8086:a338] type 01 class 0x060400 Feb 9 12:31:25.561775 kernel: pci 0000:00:1c.0: PME# supported from D0 D3hot D3cold Feb 9 12:31:25.561819 kernel: pci 0000:00:1c.1: [8086:a339] type 01 class 0x060400 Feb 9 12:31:25.561861 kernel: pci 0000:00:1c.1: PME# supported from D0 D3hot D3cold Feb 9 12:31:25.561907 kernel: pci 0000:00:1e.0: [8086:a328] type 00 class 0x078000 Feb 9 12:31:25.561950 kernel: pci 0000:00:1e.0: reg 0x10: [mem 0x00000000-0x00000fff 64bit] Feb 9 12:31:25.561998 kernel: pci 0000:00:1f.0: [8086:a309] type 00 class 0x060100 Feb 9 12:31:25.562042 kernel: pci 0000:00:1f.4: [8086:a323] type 00 class 0x0c0500 Feb 9 12:31:25.562084 kernel: pci 0000:00:1f.4: reg 0x10: [mem 0x7e514000-0x7e5140ff 64bit] Feb 9 12:31:25.562124 kernel: pci 0000:00:1f.4: reg 0x20: [io 0xefa0-0xefbf] Feb 9 12:31:25.562169 kernel: pci 0000:00:1f.5: [8086:a324] type 00 class 0x0c8000 Feb 9 12:31:25.562210 kernel: pci 0000:00:1f.5: reg 0x10: [mem 0xfe010000-0xfe010fff] Feb 9 12:31:25.562254 kernel: pci 0000:00:01.0: PCI bridge to [bus 01] Feb 9 12:31:25.562303 kernel: pci 0000:02:00.0: [15b3:1015] type 00 class 0x020000 Feb 9 12:31:25.562346 kernel: pci 0000:02:00.0: reg 0x10: [mem 0x92000000-0x93ffffff 64bit pref] Feb 9 12:31:25.562388 kernel: pci 0000:02:00.0: reg 0x30: [mem 0x7e200000-0x7e2fffff pref] Feb 9 12:31:25.562432 kernel: pci 0000:02:00.0: PME# supported from D3cold Feb 9 12:31:25.562474 kernel: pci 0000:02:00.0: reg 0x1a4: [mem 0x00000000-0x000fffff 64bit pref] Feb 9 12:31:25.562517 kernel: pci 0000:02:00.0: VF(n) BAR0 space: [mem 0x00000000-0x007fffff 64bit pref] (contains BAR0 for 8 VFs) Feb 9 12:31:25.562569 kernel: pci 0000:02:00.1: [15b3:1015] type 00 class 0x020000 Feb 9 12:31:25.562612 kernel: pci 0000:02:00.1: reg 0x10: [mem 0x90000000-0x91ffffff 64bit pref] Feb 9 12:31:25.562656 kernel: pci 0000:02:00.1: reg 0x30: [mem 0x7e100000-0x7e1fffff pref] Feb 9 12:31:25.562697 kernel: pci 0000:02:00.1: PME# supported from D3cold Feb 9 12:31:25.562740 kernel: pci 0000:02:00.1: reg 0x1a4: [mem 0x00000000-0x000fffff 64bit pref] Feb 9 12:31:25.562782 kernel: pci 0000:02:00.1: VF(n) BAR0 space: [mem 0x00000000-0x007fffff 64bit pref] (contains BAR0 for 8 VFs) Feb 9 12:31:25.562824 kernel: pci 0000:00:01.1: PCI bridge to [bus 02] Feb 9 12:31:25.562867 kernel: pci 0000:00:01.1: bridge window [mem 0x7e100000-0x7e2fffff] Feb 9 12:31:25.562909 kernel: pci 0000:00:01.1: bridge window [mem 0x90000000-0x93ffffff 64bit pref] Feb 9 12:31:25.562950 kernel: pci 0000:00:1b.0: PCI bridge to [bus 03] Feb 9 12:31:25.562996 kernel: pci 0000:04:00.0: [8086:1533] type 00 class 0x020000 Feb 9 12:31:25.563039 kernel: pci 0000:04:00.0: reg 0x10: [mem 0x7e400000-0x7e47ffff] Feb 9 12:31:25.563082 kernel: pci 0000:04:00.0: reg 0x18: [io 0x5000-0x501f] Feb 9 12:31:25.563123 kernel: pci 0000:04:00.0: reg 0x1c: [mem 0x7e480000-0x7e483fff] Feb 9 12:31:25.563167 kernel: pci 0000:04:00.0: PME# supported from D0 D3hot D3cold Feb 9 12:31:25.563209 kernel: pci 0000:00:1b.4: PCI bridge to [bus 04] Feb 9 12:31:25.563279 kernel: pci 0000:00:1b.4: bridge window [io 0x5000-0x5fff] Feb 9 12:31:25.563341 kernel: pci 0000:00:1b.4: bridge window [mem 0x7e400000-0x7e4fffff] Feb 9 12:31:25.563390 kernel: pci 0000:05:00.0: [8086:1533] type 00 class 0x020000 Feb 9 12:31:25.563435 kernel: pci 0000:05:00.0: reg 0x10: [mem 0x7e300000-0x7e37ffff] Feb 9 12:31:25.563477 kernel: pci 0000:05:00.0: reg 0x18: [io 0x4000-0x401f] Feb 9 12:31:25.563520 kernel: pci 0000:05:00.0: reg 0x1c: [mem 0x7e380000-0x7e383fff] Feb 9 12:31:25.563567 kernel: pci 0000:05:00.0: PME# supported from D0 D3hot D3cold Feb 9 12:31:25.563609 kernel: pci 0000:00:1b.5: PCI bridge to [bus 05] Feb 9 12:31:25.563650 kernel: pci 0000:00:1b.5: bridge window [io 0x4000-0x4fff] Feb 9 12:31:25.563691 kernel: pci 0000:00:1b.5: bridge window [mem 0x7e300000-0x7e3fffff] Feb 9 12:31:25.563733 kernel: pci 0000:00:1c.0: PCI bridge to [bus 06] Feb 9 12:31:25.563778 kernel: pci 0000:07:00.0: [1a03:1150] type 01 class 0x060400 Feb 9 12:31:25.563821 kernel: pci 0000:07:00.0: enabling Extended Tags Feb 9 12:31:25.563863 kernel: pci 0000:07:00.0: supports D1 D2 Feb 9 12:31:25.563908 kernel: pci 0000:07:00.0: PME# supported from D0 D1 D2 D3hot D3cold Feb 9 12:31:25.563950 kernel: pci 0000:00:1c.1: PCI bridge to [bus 07-08] Feb 9 12:31:25.563992 kernel: pci 0000:00:1c.1: bridge window [io 0x3000-0x3fff] Feb 9 12:31:25.564033 kernel: pci 0000:00:1c.1: bridge window [mem 0x7d000000-0x7e0fffff] Feb 9 12:31:25.564078 kernel: pci_bus 0000:08: extended config space not accessible Feb 9 12:31:25.564127 kernel: pci 0000:08:00.0: [1a03:2000] type 00 class 0x030000 Feb 9 12:31:25.564173 kernel: pci 0000:08:00.0: reg 0x10: [mem 0x7d000000-0x7dffffff] Feb 9 12:31:25.564220 kernel: pci 0000:08:00.0: reg 0x14: [mem 0x7e000000-0x7e01ffff] Feb 9 12:31:25.564265 kernel: pci 0000:08:00.0: reg 0x18: [io 0x3000-0x307f] Feb 9 12:31:25.564309 kernel: pci 0000:08:00.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff] Feb 9 12:31:25.564354 kernel: pci 0000:08:00.0: supports D1 D2 Feb 9 12:31:25.564400 kernel: pci 0000:08:00.0: PME# supported from D0 D1 D2 D3hot D3cold Feb 9 12:31:25.564444 kernel: pci 0000:07:00.0: PCI bridge to [bus 08] Feb 9 12:31:25.564487 kernel: pci 0000:07:00.0: bridge window [io 0x3000-0x3fff] Feb 9 12:31:25.564534 kernel: pci 0000:07:00.0: bridge window [mem 0x7d000000-0x7e0fffff] Feb 9 12:31:25.564542 kernel: ACPI: PCI: Interrupt link LNKA configured for IRQ 0 Feb 9 12:31:25.564547 kernel: ACPI: PCI: Interrupt link LNKB configured for IRQ 1 Feb 9 12:31:25.564553 kernel: ACPI: PCI: Interrupt link LNKC configured for IRQ 0 Feb 9 12:31:25.564559 kernel: ACPI: PCI: Interrupt link LNKD configured for IRQ 0 Feb 9 12:31:25.564564 kernel: ACPI: PCI: Interrupt link LNKE configured for IRQ 0 Feb 9 12:31:25.564570 kernel: ACPI: PCI: Interrupt link LNKF configured for IRQ 0 Feb 9 12:31:25.564575 kernel: ACPI: PCI: Interrupt link LNKG configured for IRQ 0 Feb 9 12:31:25.564581 kernel: ACPI: PCI: Interrupt link LNKH configured for IRQ 0 Feb 9 12:31:25.564588 kernel: iommu: Default domain type: Translated Feb 9 12:31:25.564593 kernel: iommu: DMA domain TLB invalidation policy: lazy mode Feb 9 12:31:25.564638 kernel: pci 0000:08:00.0: vgaarb: setting as boot VGA device Feb 9 12:31:25.564683 kernel: pci 0000:08:00.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none Feb 9 12:31:25.564729 kernel: pci 0000:08:00.0: vgaarb: bridge control possible Feb 9 12:31:25.564736 kernel: vgaarb: loaded Feb 9 12:31:25.564742 kernel: pps_core: LinuxPPS API ver. 1 registered Feb 9 12:31:25.564748 kernel: pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti Feb 9 12:31:25.564753 kernel: PTP clock support registered Feb 9 12:31:25.564760 kernel: PCI: Using ACPI for IRQ routing Feb 9 12:31:25.564766 kernel: PCI: pci_cache_line_size set to 64 bytes Feb 9 12:31:25.564771 kernel: e820: reserve RAM buffer [mem 0x00099800-0x0009ffff] Feb 9 12:31:25.564777 kernel: e820: reserve RAM buffer [mem 0x61f6f000-0x63ffffff] Feb 9 12:31:25.564782 kernel: e820: reserve RAM buffer [mem 0x6c0c5000-0x6fffffff] Feb 9 12:31:25.564788 kernel: e820: reserve RAM buffer [mem 0x6d331000-0x6fffffff] Feb 9 12:31:25.564793 kernel: e820: reserve RAM buffer [mem 0x883800000-0x883ffffff] Feb 9 12:31:25.564798 kernel: hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0, 0, 0, 0, 0, 0 Feb 9 12:31:25.564804 kernel: hpet0: 8 comparators, 64-bit 24.000000 MHz counter Feb 9 12:31:25.564810 kernel: clocksource: Switched to clocksource tsc-early Feb 9 12:31:25.564816 kernel: VFS: Disk quotas dquot_6.6.0 Feb 9 12:31:25.564821 kernel: VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes) Feb 9 12:31:25.564827 kernel: pnp: PnP ACPI init Feb 9 12:31:25.564870 kernel: system 00:00: [mem 0x40000000-0x403fffff] has been reserved Feb 9 12:31:25.564914 kernel: pnp 00:02: [dma 0 disabled] Feb 9 12:31:25.564955 kernel: pnp 00:03: [dma 0 disabled] Feb 9 12:31:25.564998 kernel: system 00:04: [io 0x0680-0x069f] has been reserved Feb 9 12:31:25.565035 kernel: system 00:04: [io 0x164e-0x164f] has been reserved Feb 9 12:31:25.565076 kernel: system 00:05: [io 0x1854-0x1857] has been reserved Feb 9 12:31:25.565115 kernel: system 00:06: [mem 0xfed10000-0xfed17fff] has been reserved Feb 9 12:31:25.565153 kernel: system 00:06: [mem 0xfed18000-0xfed18fff] has been reserved Feb 9 12:31:25.565191 kernel: system 00:06: [mem 0xfed19000-0xfed19fff] has been reserved Feb 9 12:31:25.565229 kernel: system 00:06: [mem 0xe0000000-0xefffffff] has been reserved Feb 9 12:31:25.565266 kernel: system 00:06: [mem 0xfed20000-0xfed3ffff] has been reserved Feb 9 12:31:25.565302 kernel: system 00:06: [mem 0xfed90000-0xfed93fff] could not be reserved Feb 9 12:31:25.565339 kernel: system 00:06: [mem 0xfed45000-0xfed8ffff] has been reserved Feb 9 12:31:25.565376 kernel: system 00:06: [mem 0xfee00000-0xfeefffff] could not be reserved Feb 9 12:31:25.565416 kernel: system 00:07: [io 0x1800-0x18fe] could not be reserved Feb 9 12:31:25.565453 kernel: system 00:07: [mem 0xfd000000-0xfd69ffff] has been reserved Feb 9 12:31:25.565492 kernel: system 00:07: [mem 0xfd6c0000-0xfd6cffff] has been reserved Feb 9 12:31:25.565532 kernel: system 00:07: [mem 0xfd6f0000-0xfdffffff] has been reserved Feb 9 12:31:25.565569 kernel: system 00:07: [mem 0xfe000000-0xfe01ffff] could not be reserved Feb 9 12:31:25.565621 kernel: system 00:07: [mem 0xfe200000-0xfe7fffff] has been reserved Feb 9 12:31:25.565657 kernel: system 00:07: [mem 0xff000000-0xffffffff] has been reserved Feb 9 12:31:25.565696 kernel: system 00:08: [io 0x2000-0x20fe] has been reserved Feb 9 12:31:25.565704 kernel: pnp: PnP ACPI: found 10 devices Feb 9 12:31:25.565710 kernel: clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns Feb 9 12:31:25.565717 kernel: NET: Registered PF_INET protocol family Feb 9 12:31:25.565722 kernel: IP idents hash table entries: 262144 (order: 9, 2097152 bytes, linear) Feb 9 12:31:25.565728 kernel: tcp_listen_portaddr_hash hash table entries: 16384 (order: 6, 262144 bytes, linear) Feb 9 12:31:25.565733 kernel: Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) Feb 9 12:31:25.565739 kernel: TCP established hash table entries: 262144 (order: 9, 2097152 bytes, linear) Feb 9 12:31:25.565744 kernel: TCP bind hash table entries: 65536 (order: 8, 1048576 bytes, linear) Feb 9 12:31:25.565750 kernel: TCP: Hash tables configured (established 262144 bind 65536) Feb 9 12:31:25.565755 kernel: UDP hash table entries: 16384 (order: 7, 524288 bytes, linear) Feb 9 12:31:25.565762 kernel: UDP-Lite hash table entries: 16384 (order: 7, 524288 bytes, linear) Feb 9 12:31:25.565767 kernel: NET: Registered PF_UNIX/PF_LOCAL protocol family Feb 9 12:31:25.565773 kernel: NET: Registered PF_XDP protocol family Feb 9 12:31:25.565814 kernel: pci 0000:00:15.0: BAR 0: assigned [mem 0x7b800000-0x7b800fff 64bit] Feb 9 12:31:25.565855 kernel: pci 0000:00:15.1: BAR 0: assigned [mem 0x7b801000-0x7b801fff 64bit] Feb 9 12:31:25.565897 kernel: pci 0000:00:1e.0: BAR 0: assigned [mem 0x7b802000-0x7b802fff 64bit] Feb 9 12:31:25.565940 kernel: pci 0000:00:01.0: PCI bridge to [bus 01] Feb 9 12:31:25.565984 kernel: pci 0000:02:00.0: BAR 7: no space for [mem size 0x00800000 64bit pref] Feb 9 12:31:25.566026 kernel: pci 0000:02:00.0: BAR 7: failed to assign [mem size 0x00800000 64bit pref] Feb 9 12:31:25.566072 kernel: pci 0000:02:00.1: BAR 7: no space for [mem size 0x00800000 64bit pref] Feb 9 12:31:25.566114 kernel: pci 0000:02:00.1: BAR 7: failed to assign [mem size 0x00800000 64bit pref] Feb 9 12:31:25.566157 kernel: pci 0000:00:01.1: PCI bridge to [bus 02] Feb 9 12:31:25.566198 kernel: pci 0000:00:01.1: bridge window [mem 0x7e100000-0x7e2fffff] Feb 9 12:31:25.566241 kernel: pci 0000:00:01.1: bridge window [mem 0x90000000-0x93ffffff 64bit pref] Feb 9 12:31:25.566282 kernel: pci 0000:00:1b.0: PCI bridge to [bus 03] Feb 9 12:31:25.566323 kernel: pci 0000:00:1b.4: PCI bridge to [bus 04] Feb 9 12:31:25.566365 kernel: pci 0000:00:1b.4: bridge window [io 0x5000-0x5fff] Feb 9 12:31:25.566405 kernel: pci 0000:00:1b.4: bridge window [mem 0x7e400000-0x7e4fffff] Feb 9 12:31:25.566447 kernel: pci 0000:00:1b.5: PCI bridge to [bus 05] Feb 9 12:31:25.566487 kernel: pci 0000:00:1b.5: bridge window [io 0x4000-0x4fff] Feb 9 12:31:25.566530 kernel: pci 0000:00:1b.5: bridge window [mem 0x7e300000-0x7e3fffff] Feb 9 12:31:25.566616 kernel: pci 0000:00:1c.0: PCI bridge to [bus 06] Feb 9 12:31:25.566661 kernel: pci 0000:07:00.0: PCI bridge to [bus 08] Feb 9 12:31:25.566704 kernel: pci 0000:07:00.0: bridge window [io 0x3000-0x3fff] Feb 9 12:31:25.566746 kernel: pci 0000:07:00.0: bridge window [mem 0x7d000000-0x7e0fffff] Feb 9 12:31:25.566787 kernel: pci 0000:00:1c.1: PCI bridge to [bus 07-08] Feb 9 12:31:25.566828 kernel: pci 0000:00:1c.1: bridge window [io 0x3000-0x3fff] Feb 9 12:31:25.566869 kernel: pci 0000:00:1c.1: bridge window [mem 0x7d000000-0x7e0fffff] Feb 9 12:31:25.566906 kernel: pci_bus 0000:00: Some PCI device resources are unassigned, try booting with pci=realloc Feb 9 12:31:25.566942 kernel: pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window] Feb 9 12:31:25.566980 kernel: pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window] Feb 9 12:31:25.567016 kernel: pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window] Feb 9 12:31:25.567052 kernel: pci_bus 0000:00: resource 7 [mem 0x7b800000-0xdfffffff window] Feb 9 12:31:25.567087 kernel: pci_bus 0000:00: resource 8 [mem 0xfc800000-0xfe7fffff window] Feb 9 12:31:25.567131 kernel: pci_bus 0000:02: resource 1 [mem 0x7e100000-0x7e2fffff] Feb 9 12:31:25.567169 kernel: pci_bus 0000:02: resource 2 [mem 0x90000000-0x93ffffff 64bit pref] Feb 9 12:31:25.567211 kernel: pci_bus 0000:04: resource 0 [io 0x5000-0x5fff] Feb 9 12:31:25.567251 kernel: pci_bus 0000:04: resource 1 [mem 0x7e400000-0x7e4fffff] Feb 9 12:31:25.567293 kernel: pci_bus 0000:05: resource 0 [io 0x4000-0x4fff] Feb 9 12:31:25.567331 kernel: pci_bus 0000:05: resource 1 [mem 0x7e300000-0x7e3fffff] Feb 9 12:31:25.567373 kernel: pci_bus 0000:07: resource 0 [io 0x3000-0x3fff] Feb 9 12:31:25.567411 kernel: pci_bus 0000:07: resource 1 [mem 0x7d000000-0x7e0fffff] Feb 9 12:31:25.567451 kernel: pci_bus 0000:08: resource 0 [io 0x3000-0x3fff] Feb 9 12:31:25.567493 kernel: pci_bus 0000:08: resource 1 [mem 0x7d000000-0x7e0fffff] Feb 9 12:31:25.567501 kernel: PCI: CLS 64 bytes, default 64 Feb 9 12:31:25.567507 kernel: DMAR: No ATSR found Feb 9 12:31:25.567512 kernel: DMAR: No SATC found Feb 9 12:31:25.567518 kernel: DMAR: IOMMU feature fl1gp_support inconsistent Feb 9 12:31:25.567523 kernel: DMAR: IOMMU feature pgsel_inv inconsistent Feb 9 12:31:25.567530 kernel: DMAR: IOMMU feature nwfs inconsistent Feb 9 12:31:25.567536 kernel: DMAR: IOMMU feature pasid inconsistent Feb 9 12:31:25.567567 kernel: DMAR: IOMMU feature eafs inconsistent Feb 9 12:31:25.567573 kernel: DMAR: IOMMU feature prs inconsistent Feb 9 12:31:25.567580 kernel: DMAR: IOMMU feature nest inconsistent Feb 9 12:31:25.567605 kernel: DMAR: IOMMU feature mts inconsistent Feb 9 12:31:25.567610 kernel: DMAR: IOMMU feature sc_support inconsistent Feb 9 12:31:25.567615 kernel: DMAR: IOMMU feature dev_iotlb_support inconsistent Feb 9 12:31:25.567621 kernel: DMAR: dmar0: Using Queued invalidation Feb 9 12:31:25.567626 kernel: DMAR: dmar1: Using Queued invalidation Feb 9 12:31:25.567668 kernel: pci 0000:00:00.0: Adding to iommu group 0 Feb 9 12:31:25.567710 kernel: pci 0000:00:01.0: Adding to iommu group 1 Feb 9 12:31:25.567753 kernel: pci 0000:00:01.1: Adding to iommu group 1 Feb 9 12:31:25.567793 kernel: pci 0000:00:02.0: Adding to iommu group 2 Feb 9 12:31:25.567834 kernel: pci 0000:00:08.0: Adding to iommu group 3 Feb 9 12:31:25.567875 kernel: pci 0000:00:12.0: Adding to iommu group 4 Feb 9 12:31:25.567916 kernel: pci 0000:00:14.0: Adding to iommu group 5 Feb 9 12:31:25.567956 kernel: pci 0000:00:14.2: Adding to iommu group 5 Feb 9 12:31:25.567997 kernel: pci 0000:00:15.0: Adding to iommu group 6 Feb 9 12:31:25.568036 kernel: pci 0000:00:15.1: Adding to iommu group 6 Feb 9 12:31:25.568077 kernel: pci 0000:00:16.0: Adding to iommu group 7 Feb 9 12:31:25.568119 kernel: pci 0000:00:16.1: Adding to iommu group 7 Feb 9 12:31:25.568159 kernel: pci 0000:00:16.4: Adding to iommu group 7 Feb 9 12:31:25.568200 kernel: pci 0000:00:17.0: Adding to iommu group 8 Feb 9 12:31:25.568239 kernel: pci 0000:00:1b.0: Adding to iommu group 9 Feb 9 12:31:25.568280 kernel: pci 0000:00:1b.4: Adding to iommu group 10 Feb 9 12:31:25.568320 kernel: pci 0000:00:1b.5: Adding to iommu group 11 Feb 9 12:31:25.568360 kernel: pci 0000:00:1c.0: Adding to iommu group 12 Feb 9 12:31:25.568400 kernel: pci 0000:00:1c.1: Adding to iommu group 13 Feb 9 12:31:25.568442 kernel: pci 0000:00:1e.0: Adding to iommu group 14 Feb 9 12:31:25.568482 kernel: pci 0000:00:1f.0: Adding to iommu group 15 Feb 9 12:31:25.568523 kernel: pci 0000:00:1f.4: Adding to iommu group 15 Feb 9 12:31:25.568591 kernel: pci 0000:00:1f.5: Adding to iommu group 15 Feb 9 12:31:25.568653 kernel: pci 0000:02:00.0: Adding to iommu group 1 Feb 9 12:31:25.568696 kernel: pci 0000:02:00.1: Adding to iommu group 1 Feb 9 12:31:25.568738 kernel: pci 0000:04:00.0: Adding to iommu group 16 Feb 9 12:31:25.568781 kernel: pci 0000:05:00.0: Adding to iommu group 17 Feb 9 12:31:25.568825 kernel: pci 0000:07:00.0: Adding to iommu group 18 Feb 9 12:31:25.568869 kernel: pci 0000:08:00.0: Adding to iommu group 18 Feb 9 12:31:25.568876 kernel: DMAR: Intel(R) Virtualization Technology for Directed I/O Feb 9 12:31:25.568882 kernel: PCI-DMA: Using software bounce buffering for IO (SWIOTLB) Feb 9 12:31:25.568888 kernel: software IO TLB: mapped [mem 0x00000000680c5000-0x000000006c0c5000] (64MB) Feb 9 12:31:25.568893 kernel: RAPL PMU: API unit is 2^-32 Joules, 4 fixed counters, 655360 ms ovfl timer Feb 9 12:31:25.568898 kernel: RAPL PMU: hw unit of domain pp0-core 2^-14 Joules Feb 9 12:31:25.568904 kernel: RAPL PMU: hw unit of domain package 2^-14 Joules Feb 9 12:31:25.568911 kernel: RAPL PMU: hw unit of domain dram 2^-14 Joules Feb 9 12:31:25.568916 kernel: RAPL PMU: hw unit of domain pp1-gpu 2^-14 Joules Feb 9 12:31:25.568961 kernel: platform rtc_cmos: registered platform RTC device (no PNP device found) Feb 9 12:31:25.568969 kernel: Initialise system trusted keyrings Feb 9 12:31:25.568974 kernel: workingset: timestamp_bits=39 max_order=23 bucket_order=0 Feb 9 12:31:25.568980 kernel: Key type asymmetric registered Feb 9 12:31:25.568985 kernel: Asymmetric key parser 'x509' registered Feb 9 12:31:25.568991 kernel: Block layer SCSI generic (bsg) driver version 0.4 loaded (major 249) Feb 9 12:31:25.568997 kernel: io scheduler mq-deadline registered Feb 9 12:31:25.569003 kernel: io scheduler kyber registered Feb 9 12:31:25.569008 kernel: io scheduler bfq registered Feb 9 12:31:25.569048 kernel: pcieport 0000:00:01.0: PME: Signaling with IRQ 122 Feb 9 12:31:25.569089 kernel: pcieport 0000:00:01.1: PME: Signaling with IRQ 123 Feb 9 12:31:25.569130 kernel: pcieport 0000:00:1b.0: PME: Signaling with IRQ 124 Feb 9 12:31:25.569172 kernel: pcieport 0000:00:1b.4: PME: Signaling with IRQ 125 Feb 9 12:31:25.569211 kernel: pcieport 0000:00:1b.5: PME: Signaling with IRQ 126 Feb 9 12:31:25.569254 kernel: pcieport 0000:00:1c.0: PME: Signaling with IRQ 127 Feb 9 12:31:25.569294 kernel: pcieport 0000:00:1c.1: PME: Signaling with IRQ 128 Feb 9 12:31:25.569339 kernel: thermal LNXTHERM:00: registered as thermal_zone0 Feb 9 12:31:25.569346 kernel: ACPI: thermal: Thermal Zone [TZ00] (28 C) Feb 9 12:31:25.569352 kernel: ERST: Error Record Serialization Table (ERST) support is initialized. Feb 9 12:31:25.569358 kernel: pstore: Registered erst as persistent store backend Feb 9 12:31:25.569363 kernel: ioatdma: Intel(R) QuickData Technology Driver 5.00 Feb 9 12:31:25.569369 kernel: Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled Feb 9 12:31:25.569375 kernel: 00:02: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A Feb 9 12:31:25.569381 kernel: 00:03: ttyS1 at I/O 0x2f8 (irq = 3, base_baud = 115200) is a 16550A Feb 9 12:31:25.569423 kernel: tpm_tis MSFT0101:00: 2.0 TPM (device-id 0x1B, rev-id 16) Feb 9 12:31:25.569431 kernel: i8042: PNP: No PS/2 controller found. Feb 9 12:31:25.569466 kernel: rtc_cmos rtc_cmos: RTC can wake from S4 Feb 9 12:31:25.569504 kernel: rtc_cmos rtc_cmos: registered as rtc0 Feb 9 12:31:25.569565 kernel: rtc_cmos rtc_cmos: setting system clock to 2024-02-09T12:31:24 UTC (1707481884) Feb 9 12:31:25.569622 kernel: rtc_cmos rtc_cmos: alarms up to one month, y3k, 114 bytes nvram Feb 9 12:31:25.569631 kernel: fail to initialize ptp_kvm Feb 9 12:31:25.569637 kernel: intel_pstate: Intel P-state driver initializing Feb 9 12:31:25.569642 kernel: intel_pstate: Disabling energy efficiency optimization Feb 9 12:31:25.569648 kernel: intel_pstate: HWP enabled Feb 9 12:31:25.569653 kernel: vesafb: mode is 1024x768x8, linelength=1024, pages=0 Feb 9 12:31:25.569659 kernel: vesafb: scrolling: redraw Feb 9 12:31:25.569664 kernel: vesafb: Pseudocolor: size=0:8:8:8, shift=0:0:0:0 Feb 9 12:31:25.569670 kernel: vesafb: framebuffer at 0x7d000000, mapped to 0x00000000c3993f1d, using 768k, total 768k Feb 9 12:31:25.569676 kernel: Console: switching to colour frame buffer device 128x48 Feb 9 12:31:25.569681 kernel: fb0: VESA VGA frame buffer device Feb 9 12:31:25.569687 kernel: NET: Registered PF_INET6 protocol family Feb 9 12:31:25.569692 kernel: Segment Routing with IPv6 Feb 9 12:31:25.569698 kernel: In-situ OAM (IOAM) with IPv6 Feb 9 12:31:25.569703 kernel: NET: Registered PF_PACKET protocol family Feb 9 12:31:25.569709 kernel: Key type dns_resolver registered Feb 9 12:31:25.569714 kernel: microcode: sig=0x906ed, pf=0x2, revision=0xf4 Feb 9 12:31:25.569719 kernel: microcode: Microcode Update Driver: v2.2. Feb 9 12:31:25.569726 kernel: IPI shorthand broadcast: enabled Feb 9 12:31:25.569731 kernel: sched_clock: Marking stable (1838469477, 1353707154)->(4615914369, -1423737738) Feb 9 12:31:25.569736 kernel: registered taskstats version 1 Feb 9 12:31:25.569742 kernel: Loading compiled-in X.509 certificates Feb 9 12:31:25.569747 kernel: Loaded X.509 cert 'Kinvolk GmbH: Module signing key for 5.15.148-flatcar: e9d857ae0e8100c174221878afd1046acbb054a6' Feb 9 12:31:25.569753 kernel: Key type .fscrypt registered Feb 9 12:31:25.569758 kernel: Key type fscrypt-provisioning registered Feb 9 12:31:25.569763 kernel: pstore: Using crash dump compression: deflate Feb 9 12:31:25.569769 kernel: ima: Allocated hash algorithm: sha1 Feb 9 12:31:25.569775 kernel: ima: No architecture policies found Feb 9 12:31:25.569781 kernel: Freeing unused kernel image (initmem) memory: 45496K Feb 9 12:31:25.569786 kernel: Write protecting the kernel read-only data: 28672k Feb 9 12:31:25.569791 kernel: Freeing unused kernel image (text/rodata gap) memory: 2040K Feb 9 12:31:25.569797 kernel: Freeing unused kernel image (rodata/data gap) memory: 636K Feb 9 12:31:25.569802 kernel: Run /init as init process Feb 9 12:31:25.569808 kernel: with arguments: Feb 9 12:31:25.569813 kernel: /init Feb 9 12:31:25.569818 kernel: with environment: Feb 9 12:31:25.569824 kernel: HOME=/ Feb 9 12:31:25.569830 kernel: TERM=linux Feb 9 12:31:25.569835 kernel: BOOT_IMAGE=/flatcar/vmlinuz-a Feb 9 12:31:25.569842 systemd[1]: systemd 252 running in system mode (+PAM +AUDIT +SELINUX -APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL -ACL +BLKID +CURL -ELFUTILS -FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY -P11KIT -QRENCODE -TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -BPF_FRAMEWORK -XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified) Feb 9 12:31:25.569848 systemd[1]: Detected architecture x86-64. Feb 9 12:31:25.569854 systemd[1]: Running in initrd. Feb 9 12:31:25.569859 systemd[1]: No hostname configured, using default hostname. Feb 9 12:31:25.569865 systemd[1]: Hostname set to . Feb 9 12:31:25.569871 systemd[1]: Initializing machine ID from random generator. Feb 9 12:31:25.569876 systemd[1]: Queued start job for default target initrd.target. Feb 9 12:31:25.569882 systemd[1]: Started systemd-ask-password-console.path. Feb 9 12:31:25.569887 systemd[1]: Reached target cryptsetup.target. Feb 9 12:31:25.569892 systemd[1]: Reached target paths.target. Feb 9 12:31:25.569898 systemd[1]: Reached target slices.target. Feb 9 12:31:25.569903 systemd[1]: Reached target swap.target. Feb 9 12:31:25.569908 systemd[1]: Reached target timers.target. Feb 9 12:31:25.569914 systemd[1]: Listening on iscsid.socket. Feb 9 12:31:25.569920 systemd[1]: Listening on iscsiuio.socket. Feb 9 12:31:25.569926 systemd[1]: Listening on systemd-journald-audit.socket. Feb 9 12:31:25.569931 systemd[1]: Listening on systemd-journald-dev-log.socket. Feb 9 12:31:25.569936 systemd[1]: Listening on systemd-journald.socket. Feb 9 12:31:25.569942 systemd[1]: Listening on systemd-networkd.socket. Feb 9 12:31:25.569947 systemd[1]: Listening on systemd-udevd-control.socket. Feb 9 12:31:25.569953 kernel: tsc: Refined TSC clocksource calibration: 3408.014 MHz Feb 9 12:31:25.569959 kernel: clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x311fe15a465, max_idle_ns: 440795368898 ns Feb 9 12:31:25.569965 kernel: clocksource: Switched to clocksource tsc Feb 9 12:31:25.569970 systemd[1]: Listening on systemd-udevd-kernel.socket. Feb 9 12:31:25.569976 systemd[1]: Reached target sockets.target. Feb 9 12:31:25.569981 systemd[1]: Starting kmod-static-nodes.service... Feb 9 12:31:25.569986 systemd[1]: Finished network-cleanup.service. Feb 9 12:31:25.569992 systemd[1]: Starting systemd-fsck-usr.service... Feb 9 12:31:25.569997 systemd[1]: Starting systemd-journald.service... Feb 9 12:31:25.570004 systemd[1]: Starting systemd-modules-load.service... Feb 9 12:31:25.570012 systemd-journald[270]: Journal started Feb 9 12:31:25.570037 systemd-journald[270]: Runtime Journal (/run/log/journal/2c59064443464a96b53de66a08a72c93) is 8.0M, max 636.8M, 628.8M free. Feb 9 12:31:25.571951 systemd-modules-load[271]: Inserted module 'overlay' Feb 9 12:31:25.601723 kernel: audit: type=1334 audit(1707481885.578:2): prog-id=6 op=LOAD Feb 9 12:31:25.601733 systemd[1]: Starting systemd-resolved.service... Feb 9 12:31:25.578000 audit: BPF prog-id=6 op=LOAD Feb 9 12:31:25.645574 kernel: bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this. Feb 9 12:31:25.645606 systemd[1]: Starting systemd-vconsole-setup.service... Feb 9 12:31:25.677570 kernel: Bridge firewalling registered Feb 9 12:31:25.677586 systemd[1]: Started systemd-journald.service. Feb 9 12:31:25.691528 systemd-modules-load[271]: Inserted module 'br_netfilter' Feb 9 12:31:25.698000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-journald comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:25.697680 systemd-resolved[273]: Positive Trust Anchors: Feb 9 12:31:25.815178 kernel: audit: type=1130 audit(1707481885.698:3): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-journald comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:25.815193 kernel: SCSI subsystem initialized Feb 9 12:31:25.815201 kernel: audit: type=1130 audit(1707481885.749:4): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-resolved comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:25.815208 kernel: device-mapper: core: CONFIG_IMA_DISABLE_HTABLE is disabled. Duplicate IMA measurements will not be recorded in the IMA log. Feb 9 12:31:25.749000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-resolved comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:25.697685 systemd-resolved[273]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d Feb 9 12:31:25.914797 kernel: device-mapper: uevent: version 1.0.3 Feb 9 12:31:25.915001 kernel: device-mapper: ioctl: 4.45.0-ioctl (2021-03-22) initialised: dm-devel@redhat.com Feb 9 12:31:25.915008 kernel: audit: type=1130 audit(1707481885.871:5): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=kmod-static-nodes comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:25.871000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=kmod-static-nodes comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:25.697704 systemd-resolved[273]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa corp home internal intranet lan local private test Feb 9 12:31:25.988774 kernel: audit: type=1130 audit(1707481885.923:6): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-fsck-usr comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:25.923000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-fsck-usr comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:25.699212 systemd-resolved[273]: Defaulting to hostname 'linux'. Feb 9 12:31:25.997000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-modules-load comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:25.699733 systemd[1]: Started systemd-resolved.service. Feb 9 12:31:26.096351 kernel: audit: type=1130 audit(1707481885.997:7): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-modules-load comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:26.096440 kernel: audit: type=1130 audit(1707481886.050:8): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-vconsole-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:26.050000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-vconsole-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:25.750695 systemd[1]: Finished kmod-static-nodes.service. Feb 9 12:31:25.872638 systemd[1]: Finished systemd-fsck-usr.service. Feb 9 12:31:25.915321 systemd-modules-load[271]: Inserted module 'dm_multipath' Feb 9 12:31:25.923813 systemd[1]: Finished systemd-modules-load.service. Feb 9 12:31:25.997901 systemd[1]: Finished systemd-vconsole-setup.service. Feb 9 12:31:26.050820 systemd[1]: Reached target nss-lookup.target. Feb 9 12:31:26.105109 systemd[1]: Starting dracut-cmdline-ask.service... Feb 9 12:31:26.125019 systemd[1]: Starting systemd-sysctl.service... Feb 9 12:31:26.125309 systemd[1]: Starting systemd-tmpfiles-setup-dev.service... Feb 9 12:31:26.128182 systemd[1]: Finished systemd-tmpfiles-setup-dev.service. Feb 9 12:31:26.127000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-tmpfiles-setup-dev comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:26.128913 systemd[1]: Finished systemd-sysctl.service. Feb 9 12:31:26.177730 kernel: audit: type=1130 audit(1707481886.127:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-tmpfiles-setup-dev comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:26.189000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-sysctl comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:26.189860 systemd[1]: Finished dracut-cmdline-ask.service. Feb 9 12:31:26.254632 kernel: audit: type=1130 audit(1707481886.189:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-sysctl comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:26.246000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-cmdline-ask comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:26.247102 systemd[1]: Starting dracut-cmdline.service... Feb 9 12:31:26.268646 dracut-cmdline[295]: dracut-dracut-053 Feb 9 12:31:26.268646 dracut-cmdline[295]: Using kernel command line parameters: rd.driver.pre=btrfs rootflags=rw mount.usrflags=ro BOOT_IMAGE=/flatcar/vmlinuz-a mount.usr=/dev/mapper/usr verity.usr=PARTUUID=7130c94a-213a-4e5a-8e26-6cce9662f132 rootflags=rw mount.usrflags=ro consoleblank=0 root=LA Feb 9 12:31:26.268646 dracut-cmdline[295]: BEL=ROOT console=tty0 console=ttyS1,115200n8 flatcar.first_boot=detected flatcar.oem.id=packet flatcar.autologin verity.usrhash=ae7db544026ede4699ee2036449b75950d3fb7929b25a6731d0ad396f1aa37c9 Feb 9 12:31:26.337612 kernel: Loading iSCSI transport class v2.0-870. Feb 9 12:31:26.337627 kernel: iscsi: registered transport (tcp) Feb 9 12:31:26.386304 kernel: iscsi: registered transport (qla4xxx) Feb 9 12:31:26.386322 kernel: QLogic iSCSI HBA Driver Feb 9 12:31:26.403061 systemd[1]: Finished dracut-cmdline.service. Feb 9 12:31:26.412000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-cmdline comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:26.413224 systemd[1]: Starting dracut-pre-udev.service... Feb 9 12:31:26.469616 kernel: raid6: avx2x4 gen() 48966 MB/s Feb 9 12:31:26.505601 kernel: raid6: avx2x4 xor() 20841 MB/s Feb 9 12:31:26.539612 kernel: raid6: avx2x2 gen() 52458 MB/s Feb 9 12:31:26.574562 kernel: raid6: avx2x2 xor() 31378 MB/s Feb 9 12:31:26.609598 kernel: raid6: avx2x1 gen() 45146 MB/s Feb 9 12:31:26.644599 kernel: raid6: avx2x1 xor() 27831 MB/s Feb 9 12:31:26.678592 kernel: raid6: sse2x4 gen() 21350 MB/s Feb 9 12:31:26.712598 kernel: raid6: sse2x4 xor() 11985 MB/s Feb 9 12:31:26.746559 kernel: raid6: sse2x2 gen() 21665 MB/s Feb 9 12:31:26.780599 kernel: raid6: sse2x2 xor() 13395 MB/s Feb 9 12:31:26.814601 kernel: raid6: sse2x1 gen() 18300 MB/s Feb 9 12:31:26.866126 kernel: raid6: sse2x1 xor() 8924 MB/s Feb 9 12:31:26.866141 kernel: raid6: using algorithm avx2x2 gen() 52458 MB/s Feb 9 12:31:26.866149 kernel: raid6: .... xor() 31378 MB/s, rmw enabled Feb 9 12:31:26.884169 kernel: raid6: using avx2x2 recovery algorithm Feb 9 12:31:26.929582 kernel: xor: automatically using best checksumming function avx Feb 9 12:31:27.008581 kernel: Btrfs loaded, crc32c=crc32c-intel, zoned=no, fsverity=no Feb 9 12:31:27.013779 systemd[1]: Finished dracut-pre-udev.service. Feb 9 12:31:27.023000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-pre-udev comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:27.023000 audit: BPF prog-id=7 op=LOAD Feb 9 12:31:27.023000 audit: BPF prog-id=8 op=LOAD Feb 9 12:31:27.024518 systemd[1]: Starting systemd-udevd.service... Feb 9 12:31:27.032668 systemd-udevd[475]: Using default interface naming scheme 'v252'. Feb 9 12:31:27.054000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-udevd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:27.038680 systemd[1]: Started systemd-udevd.service. Feb 9 12:31:27.078654 dracut-pre-trigger[486]: rd.md=0: removing MD RAID activation Feb 9 12:31:27.055148 systemd[1]: Starting dracut-pre-trigger.service... Feb 9 12:31:27.094000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-pre-trigger comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:27.085152 systemd[1]: Finished dracut-pre-trigger.service. Feb 9 12:31:27.095646 systemd[1]: Starting systemd-udev-trigger.service... Feb 9 12:31:27.145076 systemd[1]: Finished systemd-udev-trigger.service. Feb 9 12:31:27.143000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-udev-trigger comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:27.178540 kernel: cryptd: max_cpu_qlen set to 1000 Feb 9 12:31:27.178577 kernel: libata version 3.00 loaded. Feb 9 12:31:27.178590 kernel: ACPI: bus type USB registered Feb 9 12:31:27.230704 kernel: usbcore: registered new interface driver usbfs Feb 9 12:31:27.230741 kernel: usbcore: registered new interface driver hub Feb 9 12:31:27.230750 kernel: usbcore: registered new device driver usb Feb 9 12:31:27.271541 kernel: AVX2 version of gcm_enc/dec engaged. Feb 9 12:31:27.271596 kernel: ahci 0000:00:17.0: version 3.0 Feb 9 12:31:27.271706 kernel: AES CTR mode by8 optimization enabled Feb 9 12:31:27.288533 kernel: ahci 0000:00:17.0: AHCI 0001.0301 32 slots 8 ports 6 Gbps 0xff impl SATA mode Feb 9 12:31:27.328384 kernel: ahci 0000:00:17.0: flags: 64bit ncq sntf clo only pio slum part ems deso sadm sds apst Feb 9 12:31:27.363785 kernel: igb: Intel(R) Gigabit Ethernet Network Driver Feb 9 12:31:27.363811 kernel: igb: Copyright (c) 2007-2014 Intel Corporation. Feb 9 12:31:27.364534 kernel: xhci_hcd 0000:00:14.0: xHCI Host Controller Feb 9 12:31:27.364629 kernel: mlx5_core 0000:02:00.0: firmware version: 14.28.2006 Feb 9 12:31:27.365532 kernel: scsi host0: ahci Feb 9 12:31:27.365602 kernel: scsi host1: ahci Feb 9 12:31:27.365656 kernel: scsi host2: ahci Feb 9 12:31:27.365708 kernel: scsi host3: ahci Feb 9 12:31:27.365758 kernel: scsi host4: ahci Feb 9 12:31:27.365809 kernel: scsi host5: ahci Feb 9 12:31:27.365863 kernel: scsi host6: ahci Feb 9 12:31:27.365914 kernel: scsi host7: ahci Feb 9 12:31:27.365963 kernel: ata1: SATA max UDMA/133 abar m2048@0x7e516000 port 0x7e516100 irq 129 Feb 9 12:31:27.365971 kernel: ata2: SATA max UDMA/133 abar m2048@0x7e516000 port 0x7e516180 irq 129 Feb 9 12:31:27.365977 kernel: ata3: SATA max UDMA/133 abar m2048@0x7e516000 port 0x7e516200 irq 129 Feb 9 12:31:27.365984 kernel: ata4: SATA max UDMA/133 abar m2048@0x7e516000 port 0x7e516280 irq 129 Feb 9 12:31:27.365992 kernel: ata5: SATA max UDMA/133 abar m2048@0x7e516000 port 0x7e516300 irq 129 Feb 9 12:31:27.365998 kernel: ata6: SATA max UDMA/133 abar m2048@0x7e516000 port 0x7e516380 irq 129 Feb 9 12:31:27.366005 kernel: ata7: SATA max UDMA/133 abar m2048@0x7e516000 port 0x7e516400 irq 129 Feb 9 12:31:27.366011 kernel: ata8: SATA max UDMA/133 abar m2048@0x7e516000 port 0x7e516480 irq 129 Feb 9 12:31:27.397425 kernel: xhci_hcd 0000:00:14.0: new USB bus registered, assigned bus number 1 Feb 9 12:31:27.397494 kernel: mlx5_core 0000:02:00.0: 63.008 Gb/s available PCIe bandwidth (8.0 GT/s PCIe x8 link) Feb 9 12:31:27.404575 kernel: pps pps0: new PPS source ptp0 Feb 9 12:31:27.404651 kernel: igb 0000:04:00.0: added PHC on eth0 Feb 9 12:31:27.404710 kernel: igb 0000:04:00.0: Intel(R) Gigabit Ethernet Network Connection Feb 9 12:31:27.404763 kernel: igb 0000:04:00.0: eth0: (PCIe:2.5Gb/s:Width x1) 3c:ec:ef:72:07:66 Feb 9 12:31:27.404812 kernel: igb 0000:04:00.0: eth0: PBA No: 010000-000 Feb 9 12:31:27.404861 kernel: igb 0000:04:00.0: Using MSI-X interrupts. 4 rx queue(s), 4 tx queue(s) Feb 9 12:31:27.424596 kernel: xhci_hcd 0000:00:14.0: hcc params 0x200077c1 hci version 0x110 quirks 0x0000000000009810 Feb 9 12:31:27.460799 kernel: pps pps1: new PPS source ptp1 Feb 9 12:31:27.460877 kernel: xhci_hcd 0000:00:14.0: xHCI Host Controller Feb 9 12:31:27.460939 kernel: igb 0000:05:00.0: added PHC on eth1 Feb 9 12:31:27.472083 kernel: xhci_hcd 0000:00:14.0: new USB bus registered, assigned bus number 2 Feb 9 12:31:27.493355 kernel: igb 0000:05:00.0: Intel(R) Gigabit Ethernet Network Connection Feb 9 12:31:27.493443 kernel: xhci_hcd 0000:00:14.0: Host supports USB 3.1 Enhanced SuperSpeed Feb 9 12:31:27.493511 kernel: hub 1-0:1.0: USB hub found Feb 9 12:31:27.508336 kernel: igb 0000:05:00.0: eth1: (PCIe:2.5Gb/s:Width x1) 3c:ec:ef:72:07:67 Feb 9 12:31:27.536927 kernel: hub 1-0:1.0: 16 ports detected Feb 9 12:31:27.550595 kernel: igb 0000:05:00.0: eth1: PBA No: 010000-000 Feb 9 12:31:27.563742 kernel: hub 2-0:1.0: USB hub found Feb 9 12:31:27.563852 kernel: igb 0000:05:00.0: Using MSI-X interrupts. 4 rx queue(s), 4 tx queue(s) Feb 9 12:31:27.675533 kernel: ata8: SATA link down (SStatus 0 SControl 300) Feb 9 12:31:27.675550 kernel: hub 2-0:1.0: 10 ports detected Feb 9 12:31:27.683530 kernel: mlx5_core 0000:02:00.0: E-Switch: Total vports 10, per vport: max uc(1024) max mc(16384) Feb 9 12:31:27.686580 kernel: ata7: SATA link down (SStatus 0 SControl 300) Feb 9 12:31:27.715454 kernel: usb: port power management may be unreliable Feb 9 12:31:27.715532 kernel: ata6: SATA link down (SStatus 0 SControl 300) Feb 9 12:31:27.750589 kernel: mlx5_core 0000:02:00.0: MLX5E: StrdRq(0) RqSz(1024) StrdSz(256) RxCqeCmprss(0) Feb 9 12:31:27.750664 kernel: ata4: SATA link down (SStatus 0 SControl 300) Feb 9 12:31:27.894586 kernel: usb 1-14: new high-speed USB device number 2 using xhci_hcd Feb 9 12:31:27.894613 kernel: ata1: SATA link up 6.0 Gbps (SStatus 133 SControl 300) Feb 9 12:31:27.981611 kernel: mlx5_core 0000:02:00.0: Supported tc offload range - chains: 4294967294, prios: 4294967295 Feb 9 12:31:27.981699 kernel: ata2: SATA link up 6.0 Gbps (SStatus 133 SControl 300) Feb 9 12:31:28.011587 kernel: mlx5_core 0000:02:00.1: firmware version: 14.28.2006 Feb 9 12:31:28.011677 kernel: ata1.00: ATA-11: Micron_5300_MTFDDAK480TDT, D3MU001, max UDMA/133 Feb 9 12:31:28.039572 kernel: mlx5_core 0000:02:00.1: 63.008 Gb/s available PCIe bandwidth (8.0 GT/s PCIe x8 link) Feb 9 12:31:28.039663 kernel: hub 1-14:1.0: USB hub found Feb 9 12:31:28.039727 kernel: hub 1-14:1.0: 4 ports detected Feb 9 12:31:28.044573 kernel: ata3: SATA link down (SStatus 0 SControl 300) Feb 9 12:31:28.136586 kernel: ata2.00: ATA-11: Micron_5300_MTFDDAK480TDT, D3MU001, max UDMA/133 Feb 9 12:31:28.153601 kernel: ata5: SATA link down (SStatus 0 SControl 300) Feb 9 12:31:28.203684 kernel: ata2.00: 937703088 sectors, multi 16: LBA48 NCQ (depth 32), AA Feb 9 12:31:28.203699 kernel: ata2.00: Features: NCQ-prio Feb 9 12:31:28.203707 kernel: ata1.00: 937703088 sectors, multi 16: LBA48 NCQ (depth 32), AA Feb 9 12:31:28.235758 kernel: ata1.00: Features: NCQ-prio Feb 9 12:31:28.255565 kernel: ata2.00: configured for UDMA/133 Feb 9 12:31:28.255582 kernel: ata1.00: configured for UDMA/133 Feb 9 12:31:28.270534 kernel: scsi 0:0:0:0: Direct-Access ATA Micron_5300_MTFD U001 PQ: 0 ANSI: 5 Feb 9 12:31:28.290582 kernel: scsi 1:0:0:0: Direct-Access ATA Micron_5300_MTFD U001 PQ: 0 ANSI: 5 Feb 9 12:31:28.326533 kernel: igb 0000:05:00.0 eno2: renamed from eth1 Feb 9 12:31:28.344531 kernel: ata2.00: Enabling discard_zeroes_data Feb 9 12:31:28.344548 kernel: mlx5_core 0000:02:00.1: E-Switch: Total vports 10, per vport: max uc(1024) max mc(16384) Feb 9 12:31:28.344680 kernel: usb 1-14.1: new low-speed USB device number 3 using xhci_hcd Feb 9 12:31:28.347185 kernel: ata1.00: Enabling discard_zeroes_data Feb 9 12:31:28.347537 kernel: sd 1:0:0:0: [sda] 937703088 512-byte logical blocks: (480 GB/447 GiB) Feb 9 12:31:28.347724 kernel: sd 0:0:0:0: [sdb] 937703088 512-byte logical blocks: (480 GB/447 GiB) Feb 9 12:31:28.347816 kernel: sd 0:0:0:0: [sdb] 4096-byte physical blocks Feb 9 12:31:28.347871 kernel: sd 0:0:0:0: [sdb] Write Protect is off Feb 9 12:31:28.347923 kernel: sd 0:0:0:0: [sdb] Mode Sense: 00 3a 00 00 Feb 9 12:31:28.347975 kernel: sd 0:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA Feb 9 12:31:28.348025 kernel: igb 0000:04:00.0 eno1: renamed from eth0 Feb 9 12:31:28.348075 kernel: ata1.00: Enabling discard_zeroes_data Feb 9 12:31:28.348083 kernel: ata1.00: Enabling discard_zeroes_data Feb 9 12:31:28.348089 kernel: sd 0:0:0:0: [sdb] Attached SCSI disk Feb 9 12:31:28.400530 kernel: port_module: 9 callbacks suppressed Feb 9 12:31:28.400547 kernel: mlx5_core 0000:02:00.1: Port module event: module 1, Cable plugged Feb 9 12:31:28.400621 kernel: sd 1:0:0:0: [sda] 4096-byte physical blocks Feb 9 12:31:28.551905 kernel: hid: raw HID events driver (C) Jiri Kosina Feb 9 12:31:28.551924 kernel: sd 1:0:0:0: [sda] Write Protect is off Feb 9 12:31:28.648719 kernel: sd 1:0:0:0: [sda] Mode Sense: 00 3a 00 00 Feb 9 12:31:28.648812 kernel: sd 1:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA Feb 9 12:31:28.648883 kernel: ata2.00: Enabling discard_zeroes_data Feb 9 12:31:28.663815 kernel: mlx5_core 0000:02:00.1: MLX5E: StrdRq(0) RqSz(1024) StrdSz(256) RxCqeCmprss(0) Feb 9 12:31:28.682534 kernel: GPT:Primary header thinks Alt. header is not at the end of the disk. Feb 9 12:31:28.713772 kernel: GPT:9289727 != 937703087 Feb 9 12:31:28.713788 kernel: GPT:Alternate GPT header not at the end of the disk. Feb 9 12:31:28.730025 kernel: GPT:9289727 != 937703087 Feb 9 12:31:28.743600 kernel: GPT: Use GNU Parted to correct GPT errors. Feb 9 12:31:28.758693 kernel: sda: sda1 sda2 sda3 sda4 sda6 sda7 sda9 Feb 9 12:31:28.788547 kernel: ata2.00: Enabling discard_zeroes_data Feb 9 12:31:28.788562 kernel: sd 1:0:0:0: [sda] Attached SCSI disk Feb 9 12:31:28.823356 systemd[1]: Found device dev-disk-by\x2dlabel-ROOT.device. Feb 9 12:31:28.887416 kernel: usbcore: registered new interface driver usbhid Feb 9 12:31:28.887430 kernel: BTRFS: device label OEM devid 1 transid 14 /dev/sda6 scanned by (udev-worker) (538) Feb 9 12:31:28.887437 kernel: usbhid: USB HID core driver Feb 9 12:31:28.887444 kernel: input: HID 0557:2419 as /devices/pci0000:00/0000:00:14.0/usb1/1-14/1-14.1/1-14.1:1.0/0003:0557:2419.0001/input/input0 Feb 9 12:31:28.855899 systemd[1]: Found device dev-disk-by\x2dlabel-EFI\x2dSYSTEM.device. Feb 9 12:31:28.898907 systemd[1]: Found device dev-disk-by\x2dpartlabel-USR\x2dA.device. Feb 9 12:31:28.906758 systemd[1]: Found device dev-disk-by\x2dpartuuid-7130c94a\x2d213a\x2d4e5a\x2d8e26\x2d6cce9662f132.device. Feb 9 12:31:29.006273 kernel: mlx5_core 0000:02:00.1: Supported tc offload range - chains: 4294967294, prios: 4294967295 Feb 9 12:31:29.006356 kernel: hid-generic 0003:0557:2419.0001: input,hidraw0: USB HID v1.00 Keyboard [HID 0557:2419] on usb-0000:00:14.0-14.1/input0 Feb 9 12:31:29.006427 kernel: input: HID 0557:2419 as /devices/pci0000:00/0000:00:14.0/usb1/1-14/1-14.1/1-14.1:1.1/0003:0557:2419.0002/input/input1 Feb 9 12:31:29.006435 kernel: hid-generic 0003:0557:2419.0002: input,hidraw1: USB HID v1.00 Mouse [HID 0557:2419] on usb-0000:00:14.0-14.1/input1 Feb 9 12:31:28.960021 systemd[1]: Found device dev-disk-by\x2dlabel-OEM.device. Feb 9 12:31:29.072607 kernel: mlx5_core 0000:02:00.1 enp2s0f1np1: renamed from eth0 Feb 9 12:31:29.072679 kernel: ata2.00: Enabling discard_zeroes_data Feb 9 12:31:29.059712 systemd[1]: Starting disk-uuid.service... Feb 9 12:31:29.127606 kernel: mlx5_core 0000:02:00.0 enp2s0f0np0: renamed from eth2 Feb 9 12:31:29.127676 kernel: sda: sda1 sda2 sda3 sda4 sda6 sda7 sda9 Feb 9 12:31:29.127684 kernel: ata2.00: Enabling discard_zeroes_data Feb 9 12:31:29.127724 disk-uuid[689]: Primary Header is updated. Feb 9 12:31:29.127724 disk-uuid[689]: Secondary Entries is updated. Feb 9 12:31:29.127724 disk-uuid[689]: Secondary Header is updated. Feb 9 12:31:29.186623 kernel: sda: sda1 sda2 sda3 sda4 sda6 sda7 sda9 Feb 9 12:31:29.186636 kernel: ata2.00: Enabling discard_zeroes_data Feb 9 12:31:29.186643 kernel: sda: sda1 sda2 sda3 sda4 sda6 sda7 sda9 Feb 9 12:31:30.173162 kernel: ata2.00: Enabling discard_zeroes_data Feb 9 12:31:30.191951 disk-uuid[690]: The operation has completed successfully. Feb 9 12:31:30.200661 kernel: sda: sda1 sda2 sda3 sda4 sda6 sda7 sda9 Feb 9 12:31:30.230363 systemd[1]: disk-uuid.service: Deactivated successfully. Feb 9 12:31:30.326428 kernel: audit: type=1130 audit(1707481890.237:19): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=disk-uuid comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.326443 kernel: audit: type=1131 audit(1707481890.237:20): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=disk-uuid comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.237000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=disk-uuid comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.237000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=disk-uuid comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.230420 systemd[1]: Finished disk-uuid.service. Feb 9 12:31:30.356571 kernel: device-mapper: verity: sha256 using implementation "sha256-avx2" Feb 9 12:31:30.244125 systemd[1]: Starting verity-setup.service... Feb 9 12:31:30.436809 systemd[1]: Found device dev-mapper-usr.device. Feb 9 12:31:30.449024 systemd[1]: Mounting sysusr-usr.mount... Feb 9 12:31:30.460182 systemd[1]: Finished verity-setup.service. Feb 9 12:31:30.475000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=verity-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.532536 kernel: audit: type=1130 audit(1707481890.475:21): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=verity-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.588531 kernel: EXT4-fs (dm-0): mounted filesystem without journal. Opts: norecovery. Quota mode: none. Feb 9 12:31:30.588714 systemd[1]: Mounted sysusr-usr.mount. Feb 9 12:31:30.596812 systemd[1]: afterburn-network-kargs.service was skipped because no trigger condition checks were met. Feb 9 12:31:30.597215 systemd[1]: Starting ignition-setup.service... Feb 9 12:31:30.686892 kernel: BTRFS info (device sda6): using crc32c (crc32c-intel) checksum algorithm Feb 9 12:31:30.686912 kernel: BTRFS info (device sda6): using free space tree Feb 9 12:31:30.686920 kernel: BTRFS info (device sda6): has skinny extents Feb 9 12:31:30.686927 kernel: BTRFS info (device sda6): enabling ssd optimizations Feb 9 12:31:30.634262 systemd[1]: Starting parse-ip-for-networkd.service... Feb 9 12:31:30.695059 systemd[1]: Finished ignition-setup.service. Feb 9 12:31:30.761530 kernel: audit: type=1130 audit(1707481890.711:22): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.711000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.711940 systemd[1]: Finished parse-ip-for-networkd.service. Feb 9 12:31:30.769000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=parse-ip-for-networkd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.770190 systemd[1]: Starting ignition-fetch-offline.service... Feb 9 12:31:30.850579 kernel: audit: type=1130 audit(1707481890.769:23): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=parse-ip-for-networkd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.850593 kernel: audit: type=1334 audit(1707481890.826:24): prog-id=9 op=LOAD Feb 9 12:31:30.826000 audit: BPF prog-id=9 op=LOAD Feb 9 12:31:30.828360 systemd[1]: Starting systemd-networkd.service... Feb 9 12:31:30.866446 systemd-networkd[880]: lo: Link UP Feb 9 12:31:30.866449 systemd-networkd[880]: lo: Gained carrier Feb 9 12:31:30.866834 systemd-networkd[880]: Enumeration completed Feb 9 12:31:30.884000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-networkd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.892012 ignition[868]: Ignition 2.14.0 Feb 9 12:31:30.952800 kernel: audit: type=1130 audit(1707481890.884:25): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-networkd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.866908 systemd[1]: Started systemd-networkd.service. Feb 9 12:31:30.892016 ignition[868]: Stage: fetch-offline Feb 9 12:31:30.965000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=iscsiuio comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.867478 systemd-networkd[880]: enp2s0f1np1: Configuring with /usr/lib/systemd/network/zz-default.network. Feb 9 12:31:31.102163 kernel: audit: type=1130 audit(1707481890.965:26): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=iscsiuio comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:31.102175 kernel: audit: type=1130 audit(1707481891.027:27): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-fetch-offline comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:31.102182 kernel: mlx5_core 0000:02:00.1 enp2s0f1np1: Link up Feb 9 12:31:31.027000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-fetch-offline comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.892043 ignition[868]: reading system config file "/usr/lib/ignition/base.d/base.ign" Feb 9 12:31:31.127692 kernel: IPv6: ADDRCONF(NETDEV_CHANGE): enp2s0f1np1: link becomes ready Feb 9 12:31:30.885647 systemd[1]: Reached target network.target. Feb 9 12:31:30.892056 ignition[868]: parsing config with SHA512: 0131bd505bfe1b1215ca4ec9809701a3323bf448114294874f7249d8d300440bd742a7532f60673bfa0746c04de0bd5ca68d0fe9a8ecd59464b13a6401323cb4 Feb 9 12:31:30.920249 unknown[868]: fetched base config from "system" Feb 9 12:31:31.155000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=iscsid comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.900057 ignition[868]: no config dir at "/usr/lib/ignition/base.platform.d/packet" Feb 9 12:31:31.177641 iscsid[909]: iscsid: can't open InitiatorName configuration file /etc/iscsi/initiatorname.iscsi Feb 9 12:31:31.177641 iscsid[909]: iscsid: Warning: InitiatorName file /etc/iscsi/initiatorname.iscsi does not exist or does not contain a properly formatted InitiatorName. If using software iscsi (iscsi_tcp or ib_iser) or partial offload (bnx2i or cxgbi iscsi), you may not be able to log Feb 9 12:31:31.177641 iscsid[909]: into or discover targets. Please create a file /etc/iscsi/initiatorname.iscsi that contains a sting with the format: InitiatorName=iqn.yyyy-mm.[:identifier]. Feb 9 12:31:31.177641 iscsid[909]: Example: InitiatorName=iqn.2001-04.com.redhat:fc6. Feb 9 12:31:31.177641 iscsid[909]: If using hardware iscsi like qla4xxx this message can be ignored. Feb 9 12:31:31.177641 iscsid[909]: iscsid: can't open InitiatorAlias configuration file /etc/iscsi/initiatorname.iscsi Feb 9 12:31:31.177641 iscsid[909]: iscsid: can't open iscsid.safe_logout configuration file /etc/iscsi/iscsid.conf Feb 9 12:31:31.335628 kernel: mlx5_core 0000:02:00.0 enp2s0f0np0: Link up Feb 9 12:31:31.185000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-initqueue comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:31.317000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-pre-mount comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:30.920253 unknown[868]: fetched user config from "system" Feb 9 12:31:30.900127 ignition[868]: parsed url from cmdline: "" Feb 9 12:31:30.947205 systemd[1]: Starting iscsiuio.service... Feb 9 12:31:30.900129 ignition[868]: no config URL provided Feb 9 12:31:30.959802 systemd[1]: Started iscsiuio.service. Feb 9 12:31:30.900132 ignition[868]: reading system config file "/usr/lib/ignition/user.ign" Feb 9 12:31:30.966776 systemd[1]: Finished ignition-fetch-offline.service. Feb 9 12:31:30.900161 ignition[868]: parsing config with SHA512: 31555322ea1a9f6680dabc2cbac3c87e6e76ef98d2f49e1bb2c9af1d7d2ff83edf19dc4beae362c5a320c0a09e2dd4f534f0a07cb05d7329bc895055405988a5 Feb 9 12:31:31.027759 systemd[1]: ignition-fetch.service was skipped because of an unmet condition check (ConditionPathExists=!/run/ignition.json). Feb 9 12:31:30.920657 ignition[868]: fetch-offline: fetch-offline passed Feb 9 12:31:31.028206 systemd[1]: Starting ignition-kargs.service... Feb 9 12:31:30.920660 ignition[868]: POST message to Packet Timeline Feb 9 12:31:31.103775 systemd-networkd[880]: enp2s0f0np0: Configuring with /usr/lib/systemd/network/zz-default.network. Feb 9 12:31:30.920666 ignition[868]: POST Status error: resource requires networking Feb 9 12:31:31.116083 systemd[1]: Starting iscsid.service... Feb 9 12:31:30.920697 ignition[868]: Ignition finished successfully Feb 9 12:31:31.141902 systemd[1]: Started iscsid.service. Feb 9 12:31:31.106711 ignition[898]: Ignition 2.14.0 Feb 9 12:31:31.156259 systemd[1]: Starting dracut-initqueue.service... Feb 9 12:31:31.106714 ignition[898]: Stage: kargs Feb 9 12:31:31.162780 systemd[1]: Finished dracut-initqueue.service. Feb 9 12:31:31.106772 ignition[898]: reading system config file "/usr/lib/ignition/base.d/base.ign" Feb 9 12:31:31.186644 systemd[1]: Reached target remote-fs-pre.target. Feb 9 12:31:31.106781 ignition[898]: parsing config with SHA512: 0131bd505bfe1b1215ca4ec9809701a3323bf448114294874f7249d8d300440bd742a7532f60673bfa0746c04de0bd5ca68d0fe9a8ecd59464b13a6401323cb4 Feb 9 12:31:31.197822 systemd[1]: Reached target remote-cryptsetup.target. Feb 9 12:31:31.109079 ignition[898]: no config dir at "/usr/lib/ignition/base.platform.d/packet" Feb 9 12:31:31.239718 systemd[1]: Reached target remote-fs.target. Feb 9 12:31:31.109788 ignition[898]: kargs: kargs passed Feb 9 12:31:31.268966 systemd[1]: Starting dracut-pre-mount.service... Feb 9 12:31:31.109791 ignition[898]: POST message to Packet Timeline Feb 9 12:31:31.291791 systemd[1]: Finished dracut-pre-mount.service. Feb 9 12:31:31.109801 ignition[898]: GET https://metadata.packet.net/metadata: attempt #1 Feb 9 12:31:31.319225 systemd-networkd[880]: eno2: Configuring with /usr/lib/systemd/network/zz-default.network. Feb 9 12:31:31.112115 ignition[898]: GET error: Get "https://metadata.packet.net/metadata": dial tcp: lookup metadata.packet.net on [::1]:53: read udp [::1]:57012->[::1]:53: read: connection refused Feb 9 12:31:31.347758 systemd-networkd[880]: eno1: Configuring with /usr/lib/systemd/network/zz-default.network. Feb 9 12:31:31.312467 ignition[898]: GET https://metadata.packet.net/metadata: attempt #2 Feb 9 12:31:31.378151 systemd-networkd[880]: enp2s0f1np1: Link UP Feb 9 12:31:31.312880 ignition[898]: GET error: Get "https://metadata.packet.net/metadata": dial tcp: lookup metadata.packet.net on [::1]:53: read udp [::1]:40309->[::1]:53: read: connection refused Feb 9 12:31:31.378331 systemd-networkd[880]: enp2s0f1np1: Gained carrier Feb 9 12:31:31.390934 systemd-networkd[880]: enp2s0f0np0: Link UP Feb 9 12:31:31.391220 systemd-networkd[880]: eno2: Link UP Feb 9 12:31:31.391478 systemd-networkd[880]: eno1: Link UP Feb 9 12:31:31.713254 ignition[898]: GET https://metadata.packet.net/metadata: attempt #3 Feb 9 12:31:31.714467 ignition[898]: GET error: Get "https://metadata.packet.net/metadata": dial tcp: lookup metadata.packet.net on [::1]:53: read udp [::1]:53088->[::1]:53: read: connection refused Feb 9 12:31:32.154390 systemd-networkd[880]: enp2s0f0np0: Gained carrier Feb 9 12:31:32.162743 kernel: IPv6: ADDRCONF(NETDEV_CHANGE): enp2s0f0np0: link becomes ready Feb 9 12:31:32.189767 systemd-networkd[880]: enp2s0f0np0: DHCPv4 address 86.109.11.101/31, gateway 86.109.11.100 acquired from 145.40.83.140 Feb 9 12:31:32.514892 ignition[898]: GET https://metadata.packet.net/metadata: attempt #4 Feb 9 12:31:32.516391 ignition[898]: GET error: Get "https://metadata.packet.net/metadata": dial tcp: lookup metadata.packet.net on [::1]:53: read udp [::1]:40133->[::1]:53: read: connection refused Feb 9 12:31:32.963030 systemd-networkd[880]: enp2s0f1np1: Gained IPv6LL Feb 9 12:31:33.602997 systemd-networkd[880]: enp2s0f0np0: Gained IPv6LL Feb 9 12:31:34.116863 ignition[898]: GET https://metadata.packet.net/metadata: attempt #5 Feb 9 12:31:34.118086 ignition[898]: GET error: Get "https://metadata.packet.net/metadata": dial tcp: lookup metadata.packet.net on [::1]:53: read udp [::1]:49049->[::1]:53: read: connection refused Feb 9 12:31:37.321487 ignition[898]: GET https://metadata.packet.net/metadata: attempt #6 Feb 9 12:31:37.360621 ignition[898]: GET result: OK Feb 9 12:31:37.548290 ignition[898]: Ignition finished successfully Feb 9 12:31:37.553010 systemd[1]: Finished ignition-kargs.service. Feb 9 12:31:37.641075 kernel: kauditd_printk_skb: 3 callbacks suppressed Feb 9 12:31:37.641093 kernel: audit: type=1130 audit(1707481897.563:31): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-kargs comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:37.563000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-kargs comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:37.572781 ignition[927]: Ignition 2.14.0 Feb 9 12:31:37.565786 systemd[1]: Starting ignition-disks.service... Feb 9 12:31:37.572784 ignition[927]: Stage: disks Feb 9 12:31:37.572840 ignition[927]: reading system config file "/usr/lib/ignition/base.d/base.ign" Feb 9 12:31:37.572850 ignition[927]: parsing config with SHA512: 0131bd505bfe1b1215ca4ec9809701a3323bf448114294874f7249d8d300440bd742a7532f60673bfa0746c04de0bd5ca68d0fe9a8ecd59464b13a6401323cb4 Feb 9 12:31:37.574176 ignition[927]: no config dir at "/usr/lib/ignition/base.platform.d/packet" Feb 9 12:31:37.575754 ignition[927]: disks: disks passed Feb 9 12:31:37.575758 ignition[927]: POST message to Packet Timeline Feb 9 12:31:37.575768 ignition[927]: GET https://metadata.packet.net/metadata: attempt #1 Feb 9 12:31:37.662328 ignition[927]: GET result: OK Feb 9 12:31:37.895913 ignition[927]: Ignition finished successfully Feb 9 12:31:37.899162 systemd[1]: Finished ignition-disks.service. Feb 9 12:31:37.975642 kernel: audit: type=1130 audit(1707481897.911:32): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-disks comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:37.911000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-disks comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:37.912179 systemd[1]: Reached target initrd-root-device.target. Feb 9 12:31:37.983705 systemd[1]: Reached target local-fs-pre.target. Feb 9 12:31:37.983744 systemd[1]: Reached target local-fs.target. Feb 9 12:31:38.005730 systemd[1]: Reached target sysinit.target. Feb 9 12:31:38.019682 systemd[1]: Reached target basic.target. Feb 9 12:31:38.020313 systemd[1]: Starting systemd-fsck-root.service... Feb 9 12:31:38.048744 systemd-fsck[942]: ROOT: clean, 602/553520 files, 56014/553472 blocks Feb 9 12:31:38.064924 systemd[1]: Finished systemd-fsck-root.service. Feb 9 12:31:38.155723 kernel: audit: type=1130 audit(1707481898.073:33): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-fsck-root comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:38.155739 kernel: EXT4-fs (sda9): mounted filesystem with ordered data mode. Opts: (null). Quota mode: none. Feb 9 12:31:38.073000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-fsck-root comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:38.079091 systemd[1]: Mounting sysroot.mount... Feb 9 12:31:38.163154 systemd[1]: Mounted sysroot.mount. Feb 9 12:31:38.176781 systemd[1]: Reached target initrd-root-fs.target. Feb 9 12:31:38.184309 systemd[1]: Mounting sysroot-usr.mount... Feb 9 12:31:38.209370 systemd[1]: Starting flatcar-metadata-hostname.service... Feb 9 12:31:38.218109 systemd[1]: Starting flatcar-static-network.service... Feb 9 12:31:38.233655 systemd[1]: ignition-remount-sysroot.service was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/sysroot). Feb 9 12:31:38.233689 systemd[1]: Reached target ignition-diskful.target. Feb 9 12:31:38.251321 systemd[1]: Mounted sysroot-usr.mount. Feb 9 12:31:38.326721 kernel: BTRFS: device label OEM devid 1 transid 16 /dev/sda6 scanned by mount (953) Feb 9 12:31:38.326737 kernel: BTRFS info (device sda6): using crc32c (crc32c-intel) checksum algorithm Feb 9 12:31:38.274209 systemd[1]: Mounting sysroot-usr-share-oem.mount... Feb 9 12:31:38.412785 kernel: BTRFS info (device sda6): using free space tree Feb 9 12:31:38.412802 kernel: BTRFS info (device sda6): has skinny extents Feb 9 12:31:38.412809 kernel: BTRFS info (device sda6): enabling ssd optimizations Feb 9 12:31:38.412932 coreos-metadata[949]: Feb 09 12:31:38.334 INFO Fetching https://metadata.packet.net/metadata: Attempt #1 Feb 9 12:31:38.412932 coreos-metadata[949]: Feb 09 12:31:38.356 INFO Fetch successful Feb 9 12:31:38.412932 coreos-metadata[949]: Feb 09 12:31:38.373 INFO wrote hostname ci-3510.3.2-a-260490bd8e to /sysroot/etc/hostname Feb 9 12:31:38.616766 kernel: audit: type=1130 audit(1707481898.421:34): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=flatcar-metadata-hostname comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:38.616783 kernel: audit: type=1130 audit(1707481898.483:35): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=flatcar-static-network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:38.616791 kernel: audit: type=1131 audit(1707481898.483:36): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=flatcar-static-network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:38.421000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=flatcar-metadata-hostname comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:38.483000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=flatcar-static-network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:38.483000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=flatcar-static-network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:38.294917 systemd[1]: Starting initrd-setup-root.service... Feb 9 12:31:38.625000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-setup-root comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:38.683028 coreos-metadata[950]: Feb 09 12:31:38.335 INFO Fetching https://metadata.packet.net/metadata: Attempt #1 Feb 9 12:31:38.683028 coreos-metadata[950]: Feb 09 12:31:38.355 INFO Fetch successful Feb 9 12:31:38.701803 kernel: audit: type=1130 audit(1707481898.625:37): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-setup-root comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:38.701845 initrd-setup-root[960]: cut: /sysroot/etc/passwd: No such file or directory Feb 9 12:31:38.403751 systemd[1]: Finished flatcar-metadata-hostname.service. Feb 9 12:31:38.733000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=sysroot-boot comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:38.761912 initrd-setup-root[968]: cut: /sysroot/etc/group: No such file or directory Feb 9 12:31:38.807748 kernel: audit: type=1130 audit(1707481898.733:38): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=sysroot-boot comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:38.422851 systemd[1]: flatcar-static-network.service: Deactivated successfully. Feb 9 12:31:38.818810 initrd-setup-root[976]: cut: /sysroot/etc/shadow: No such file or directory Feb 9 12:31:38.422890 systemd[1]: Finished flatcar-static-network.service. Feb 9 12:31:38.838760 initrd-setup-root[984]: cut: /sysroot/etc/gshadow: No such file or directory Feb 9 12:31:38.483772 systemd[1]: Mounted sysroot-usr-share-oem.mount. Feb 9 12:31:38.857700 ignition[1025]: INFO : Ignition 2.14.0 Feb 9 12:31:38.857700 ignition[1025]: INFO : Stage: mount Feb 9 12:31:38.857700 ignition[1025]: INFO : reading system config file "/usr/lib/ignition/base.d/base.ign" Feb 9 12:31:38.857700 ignition[1025]: DEBUG : parsing config with SHA512: 0131bd505bfe1b1215ca4ec9809701a3323bf448114294874f7249d8d300440bd742a7532f60673bfa0746c04de0bd5ca68d0fe9a8ecd59464b13a6401323cb4 Feb 9 12:31:38.857700 ignition[1025]: INFO : no config dir at "/usr/lib/ignition/base.platform.d/packet" Feb 9 12:31:38.857700 ignition[1025]: INFO : mount: mount passed Feb 9 12:31:38.857700 ignition[1025]: INFO : POST message to Packet Timeline Feb 9 12:31:38.857700 ignition[1025]: INFO : GET https://metadata.packet.net/metadata: attempt #1 Feb 9 12:31:38.857700 ignition[1025]: INFO : GET result: OK Feb 9 12:31:38.602789 systemd[1]: Finished initrd-setup-root.service. Feb 9 12:31:38.626237 systemd[1]: Starting ignition-mount.service... Feb 9 12:31:38.690085 systemd[1]: Starting sysroot-boot.service... Feb 9 12:31:38.719088 systemd[1]: sysusr-usr-share-oem.mount: Deactivated successfully. Feb 9 12:31:38.719272 systemd[1]: sysroot-usr-share-oem.mount: Deactivated successfully. Feb 9 12:31:38.721983 systemd[1]: Finished sysroot-boot.service. Feb 9 12:31:38.995051 ignition[1025]: INFO : Ignition finished successfully Feb 9 12:31:38.997708 systemd[1]: Finished ignition-mount.service. Feb 9 12:31:39.011000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-mount comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:39.013856 systemd[1]: Starting ignition-files.service... Feb 9 12:31:39.084610 kernel: audit: type=1130 audit(1707481899.011:39): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-mount comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:39.079343 systemd[1]: Mounting sysroot-usr-share-oem.mount... Feb 9 12:31:39.131629 kernel: BTRFS: device label OEM devid 1 transid 17 /dev/sda6 scanned by mount (1040) Feb 9 12:31:39.131641 kernel: BTRFS info (device sda6): using crc32c (crc32c-intel) checksum algorithm Feb 9 12:31:39.166367 kernel: BTRFS info (device sda6): using free space tree Feb 9 12:31:39.166382 kernel: BTRFS info (device sda6): has skinny extents Feb 9 12:31:39.216531 kernel: BTRFS info (device sda6): enabling ssd optimizations Feb 9 12:31:39.217761 systemd[1]: Mounted sysroot-usr-share-oem.mount. Feb 9 12:31:39.234671 ignition[1059]: INFO : Ignition 2.14.0 Feb 9 12:31:39.234671 ignition[1059]: INFO : Stage: files Feb 9 12:31:39.234671 ignition[1059]: INFO : reading system config file "/usr/lib/ignition/base.d/base.ign" Feb 9 12:31:39.234671 ignition[1059]: DEBUG : parsing config with SHA512: 0131bd505bfe1b1215ca4ec9809701a3323bf448114294874f7249d8d300440bd742a7532f60673bfa0746c04de0bd5ca68d0fe9a8ecd59464b13a6401323cb4 Feb 9 12:31:39.234671 ignition[1059]: INFO : no config dir at "/usr/lib/ignition/base.platform.d/packet" Feb 9 12:31:39.234671 ignition[1059]: DEBUG : files: compiled without relabeling support, skipping Feb 9 12:31:39.237870 unknown[1059]: wrote ssh authorized keys file for user: core Feb 9 12:31:39.309705 ignition[1059]: INFO : files: ensureUsers: op(1): [started] creating or modifying user "core" Feb 9 12:31:39.309705 ignition[1059]: DEBUG : files: ensureUsers: op(1): executing: "usermod" "--root" "/sysroot" "core" Feb 9 12:31:39.309705 ignition[1059]: INFO : files: ensureUsers: op(1): [finished] creating or modifying user "core" Feb 9 12:31:39.309705 ignition[1059]: INFO : files: ensureUsers: op(2): [started] adding ssh keys to user "core" Feb 9 12:31:39.309705 ignition[1059]: INFO : files: ensureUsers: op(2): [finished] adding ssh keys to user "core" Feb 9 12:31:39.309705 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(3): [started] writing file "/sysroot/opt/helm-v3.13.2-linux-amd64.tar.gz" Feb 9 12:31:39.309705 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(3): GET https://get.helm.sh/helm-v3.13.2-linux-amd64.tar.gz: attempt #1 Feb 9 12:31:39.404665 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(3): GET result: OK Feb 9 12:31:39.415753 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(3): [finished] writing file "/sysroot/opt/helm-v3.13.2-linux-amd64.tar.gz" Feb 9 12:31:39.415753 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(4): [started] writing file "/sysroot/opt/cni-plugins-linux-amd64-v1.3.0.tgz" Feb 9 12:31:39.415753 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(4): GET https://github.com/containernetworking/plugins/releases/download/v1.3.0/cni-plugins-linux-amd64-v1.3.0.tgz: attempt #1 Feb 9 12:31:39.878916 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(4): GET result: OK Feb 9 12:31:39.974044 ignition[1059]: DEBUG : files: createFilesystemsFiles: createFiles: op(4): file matches expected sum of: 5d0324ca8a3c90c680b6e1fddb245a2255582fa15949ba1f3c6bb7323df9d3af754dae98d6e40ac9ccafb2999c932df2c4288d418949a4915d928eb23c090540 Feb 9 12:31:39.974044 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(4): [finished] writing file "/sysroot/opt/cni-plugins-linux-amd64-v1.3.0.tgz" Feb 9 12:31:40.016739 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(5): [started] writing file "/sysroot/opt/crictl-v1.27.0-linux-amd64.tar.gz" Feb 9 12:31:40.016739 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(5): GET https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.27.0/crictl-v1.27.0-linux-amd64.tar.gz: attempt #1 Feb 9 12:31:40.378075 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(5): GET result: OK Feb 9 12:31:40.429735 ignition[1059]: DEBUG : files: createFilesystemsFiles: createFiles: op(5): file matches expected sum of: aa622325bf05520939f9e020d7a28ab48ac23e2fae6f47d5a4e52174c88c1ebc31b464853e4fd65bd8f5331f330a6ca96fd370d247d3eeaed042da4ee2d1219a Feb 9 12:31:40.453768 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(5): [finished] writing file "/sysroot/opt/crictl-v1.27.0-linux-amd64.tar.gz" Feb 9 12:31:40.453768 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(6): [started] writing file "/sysroot/opt/bin/kubeadm" Feb 9 12:31:40.453768 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(6): GET https://dl.k8s.io/release/v1.28.1/bin/linux/amd64/kubeadm: attempt #1 Feb 9 12:31:40.503614 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(6): GET result: OK Feb 9 12:31:40.746732 ignition[1059]: DEBUG : files: createFilesystemsFiles: createFiles: op(6): file matches expected sum of: f4daad200c8378dfdc6cb69af28eaca4215f2b4a2dbdf75f29f9210171cb5683bc873fc000319022e6b3ad61175475d77190734713ba9136644394e8a8faafa1 Feb 9 12:31:40.746732 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(6): [finished] writing file "/sysroot/opt/bin/kubeadm" Feb 9 12:31:40.746732 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(7): [started] writing file "/sysroot/opt/bin/kubelet" Feb 9 12:31:40.802747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(7): GET https://dl.k8s.io/release/v1.28.1/bin/linux/amd64/kubelet: attempt #1 Feb 9 12:31:40.802747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(7): GET result: OK Feb 9 12:31:41.303512 ignition[1059]: DEBUG : files: createFilesystemsFiles: createFiles: op(7): file matches expected sum of: ce6ba764274162d38ac1c44e1fb1f0f835346f3afc5b508bb755b1b7d7170910f5812b0a1941b32e29d950e905bbd08ae761c87befad921db4d44969c8562e75 Feb 9 12:31:41.303512 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(7): [finished] writing file "/sysroot/opt/bin/kubelet" Feb 9 12:31:41.344737 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(8): [started] writing file "/sysroot/opt/bin/kubectl" Feb 9 12:31:41.344737 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(8): GET https://dl.k8s.io/release/v1.28.1/bin/linux/amd64/kubectl: attempt #1 Feb 9 12:31:41.376632 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(8): GET result: OK Feb 9 12:31:41.511760 ignition[1059]: DEBUG : files: createFilesystemsFiles: createFiles: op(8): file matches expected sum of: 33cf3f6e37bcee4dff7ce14ab933c605d07353d4e31446dd2b52c3f05e0b150b60e531f6069f112d8a76331322a72b593537531e62104cfc7c70cb03d46f76b3 Feb 9 12:31:41.511760 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(8): [finished] writing file "/sysroot/opt/bin/kubectl" Feb 9 12:31:41.561728 kernel: BTRFS info: devid 1 device path /dev/sda6 changed to /dev/disk/by-label/OEM scanned by ignition (1065) Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(9): [started] writing file "/sysroot/etc/docker/daemon.json" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(9): [finished] writing file "/sysroot/etc/docker/daemon.json" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(a): [started] writing file "/sysroot/home/core/install.sh" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(a): [finished] writing file "/sysroot/home/core/install.sh" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(b): [started] writing file "/sysroot/home/core/nginx.yaml" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(b): [finished] writing file "/sysroot/home/core/nginx.yaml" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(c): [started] writing file "/sysroot/home/core/nfs-pod.yaml" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(c): [finished] writing file "/sysroot/home/core/nfs-pod.yaml" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(d): [started] writing file "/sysroot/home/core/nfs-pvc.yaml" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(d): [finished] writing file "/sysroot/home/core/nfs-pvc.yaml" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(e): [started] writing file "/sysroot/etc/flatcar/update.conf" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(e): [finished] writing file "/sysroot/etc/flatcar/update.conf" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(f): [started] writing file "/sysroot/etc/systemd/system/packet-phone-home.service" Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(f): oem config not found in "/usr/share/oem", looking on oem partition Feb 9 12:31:41.561747 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(f): op(10): [started] mounting "/dev/disk/by-label/OEM" at "/mnt/oem2625839192" Feb 9 12:31:41.561747 ignition[1059]: CRITICAL : files: createFilesystemsFiles: createFiles: op(f): op(10): [failed] mounting "/dev/disk/by-label/OEM" at "/mnt/oem2625839192": device or resource busy Feb 9 12:31:41.890743 kernel: audit: type=1130 audit(1707481901.778:40): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-files comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.778000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-files comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.767810 systemd[1]: Finished ignition-files.service. Feb 9 12:31:41.900000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-setup-root-after-ignition comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.907824 ignition[1059]: ERROR : files: createFilesystemsFiles: createFiles: op(f): failed to mount ext4 device "/dev/disk/by-label/OEM" at "/mnt/oem2625839192", trying btrfs: device or resource busy Feb 9 12:31:41.907824 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(f): op(11): [started] mounting "/dev/disk/by-label/OEM" at "/mnt/oem2625839192" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(f): op(11): [finished] mounting "/dev/disk/by-label/OEM" at "/mnt/oem2625839192" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(f): op(12): [started] unmounting "/mnt/oem2625839192" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(f): op(12): [finished] unmounting "/mnt/oem2625839192" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: createFilesystemsFiles: createFiles: op(f): [finished] writing file "/sysroot/etc/systemd/system/packet-phone-home.service" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: op(13): [started] processing unit "coreos-metadata-sshkeys@.service" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: op(13): [finished] processing unit "coreos-metadata-sshkeys@.service" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: op(14): [started] processing unit "packet-phone-home.service" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: op(14): [finished] processing unit "packet-phone-home.service" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: op(15): [started] processing unit "prepare-cni-plugins.service" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: op(15): op(16): [started] writing unit "prepare-cni-plugins.service" at "/sysroot/etc/systemd/system/prepare-cni-plugins.service" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: op(15): op(16): [finished] writing unit "prepare-cni-plugins.service" at "/sysroot/etc/systemd/system/prepare-cni-plugins.service" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: op(15): [finished] processing unit "prepare-cni-plugins.service" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: op(17): [started] processing unit "prepare-critools.service" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: op(17): op(18): [started] writing unit "prepare-critools.service" at "/sysroot/etc/systemd/system/prepare-critools.service" Feb 9 12:31:41.907824 ignition[1059]: INFO : files: op(17): op(18): [finished] writing unit "prepare-critools.service" at "/sysroot/etc/systemd/system/prepare-critools.service" Feb 9 12:31:41.916000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-quench comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.916000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-quench comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.984000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-parse-etc comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.984000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-parse-etc comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.086000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-pre-pivot comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.221000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-pre-pivot comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.784249 systemd[1]: Starting initrd-setup-root-after-ignition.service... Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(17): [finished] processing unit "prepare-critools.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(19): [started] processing unit "prepare-helm.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(19): op(1a): [started] writing unit "prepare-helm.service" at "/sysroot/etc/systemd/system/prepare-helm.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(19): op(1a): [finished] writing unit "prepare-helm.service" at "/sysroot/etc/systemd/system/prepare-helm.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(19): [finished] processing unit "prepare-helm.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(1b): [started] setting preset to enabled for "coreos-metadata-sshkeys@.service " Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(1b): [finished] setting preset to enabled for "coreos-metadata-sshkeys@.service " Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(1c): [started] setting preset to enabled for "packet-phone-home.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(1c): [finished] setting preset to enabled for "packet-phone-home.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(1d): [started] setting preset to enabled for "prepare-cni-plugins.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(1d): [finished] setting preset to enabled for "prepare-cni-plugins.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(1e): [started] setting preset to enabled for "prepare-critools.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(1e): [finished] setting preset to enabled for "prepare-critools.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(1f): [started] setting preset to enabled for "prepare-helm.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: op(1f): [finished] setting preset to enabled for "prepare-helm.service" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: createResultFile: createFiles: op(20): [started] writing file "/sysroot/etc/.ignition-result.json" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: createResultFile: createFiles: op(20): [finished] writing file "/sysroot/etc/.ignition-result.json" Feb 9 12:31:42.299868 ignition[1059]: INFO : files: files passed Feb 9 12:31:42.299868 ignition[1059]: INFO : POST message to Packet Timeline Feb 9 12:31:42.299868 ignition[1059]: INFO : GET https://metadata.packet.net/metadata: attempt #1 Feb 9 12:31:42.299868 ignition[1059]: INFO : GET result: OK Feb 9 12:31:42.299868 ignition[1059]: INFO : Ignition finished successfully Feb 9 12:31:42.907744 kernel: kauditd_printk_skb: 10 callbacks suppressed Feb 9 12:31:42.907764 kernel: audit: type=1131 audit(1707481902.656:51): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-setup-root-after-ignition comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.907773 kernel: audit: type=1131 audit(1707481902.746:52): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-files comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.907783 kernel: audit: type=1131 audit(1707481902.811:53): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=flatcar-metadata-hostname comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.482000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-pre-mount comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.525000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-initqueue comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.547000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-fetch-offline comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.656000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-setup-root-after-ignition comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.746000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-files comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.811000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=flatcar-metadata-hostname comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.907915 initrd-setup-root-after-ignition[1091]: grep: /sysroot/etc/flatcar/enabled-sysext.conf: No such file or directory Feb 9 12:31:41.847794 systemd[1]: torcx-profile-populate.service was skipped because of an unmet condition check (ConditionPathExists=/sysroot/etc/torcx/next-profile). Feb 9 12:31:42.936000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-udev-trigger comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.995083 iscsid[909]: iscsid shutting down. Feb 9 12:31:43.062085 kernel: audit: type=1131 audit(1707481902.936:54): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-udev-trigger comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.062100 kernel: audit: type=1131 audit(1707481903.002:55): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-pre-trigger comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.002000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-pre-trigger comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.848097 systemd[1]: Starting ignition-quench.service... Feb 9 12:31:43.128048 kernel: audit: type=1131 audit(1707481903.068:56): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=iscsid comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.068000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=iscsid comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.865992 systemd[1]: Finished initrd-setup-root-after-ignition.service. Feb 9 12:31:43.196304 kernel: audit: type=1131 audit(1707481903.136:57): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-mount comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.136000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-mount comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.901102 systemd[1]: ignition-quench.service: Deactivated successfully. Feb 9 12:31:43.263361 kernel: audit: type=1131 audit(1707481903.203:58): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=sysroot-boot comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.203000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=sysroot-boot comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.901187 systemd[1]: Finished ignition-quench.service. Feb 9 12:31:41.916947 systemd[1]: Reached target ignition-complete.target. Feb 9 12:31:43.286000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-disks comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.947602 systemd[1]: Starting initrd-parse-etc.service... Feb 9 12:31:43.412132 kernel: audit: type=1131 audit(1707481903.286:59): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-disks comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.412146 kernel: audit: type=1131 audit(1707481903.353:60): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-kargs comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.353000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-kargs comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.412180 ignition[1107]: INFO : Ignition 2.14.0 Feb 9 12:31:43.412180 ignition[1107]: INFO : Stage: umount Feb 9 12:31:43.412180 ignition[1107]: INFO : reading system config file "/usr/lib/ignition/base.d/base.ign" Feb 9 12:31:43.412180 ignition[1107]: DEBUG : parsing config with SHA512: 0131bd505bfe1b1215ca4ec9809701a3323bf448114294874f7249d8d300440bd742a7532f60673bfa0746c04de0bd5ca68d0fe9a8ecd59464b13a6401323cb4 Feb 9 12:31:43.412180 ignition[1107]: INFO : no config dir at "/usr/lib/ignition/base.platform.d/packet" Feb 9 12:31:43.412180 ignition[1107]: INFO : umount: umount passed Feb 9 12:31:43.412180 ignition[1107]: INFO : POST message to Packet Timeline Feb 9 12:31:43.412180 ignition[1107]: INFO : GET https://metadata.packet.net/metadata: attempt #1 Feb 9 12:31:43.412180 ignition[1107]: INFO : GET result: OK Feb 9 12:31:43.412180 ignition[1107]: INFO : Ignition finished successfully Feb 9 12:31:43.420000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=ignition-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.440000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-setup-root comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.476000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=iscsiuio comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.493000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-cleanup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.493000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-cleanup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.969268 systemd[1]: initrd-parse-etc.service: Deactivated successfully. Feb 9 12:31:43.570000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-resolved comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:41.969326 systemd[1]: Finished initrd-parse-etc.service. Feb 9 12:31:43.586000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-networkd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.587000 audit: BPF prog-id=6 op=UNLOAD Feb 9 12:31:41.984971 systemd[1]: Reached target initrd-fs.target. Feb 9 12:31:42.014992 systemd[1]: Reached target initrd.target. Feb 9 12:31:42.038068 systemd[1]: dracut-mount.service was skipped because no trigger condition checks were met. Feb 9 12:31:43.633000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=parse-ip-for-networkd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.040293 systemd[1]: Starting dracut-pre-pivot.service... Feb 9 12:31:43.654000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-sysctl comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.073869 systemd[1]: Finished dracut-pre-pivot.service. Feb 9 12:31:43.670000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-modules-load comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.087426 systemd[1]: Starting initrd-cleanup.service... Feb 9 12:31:42.127079 systemd[1]: Stopped target nss-lookup.target. Feb 9 12:31:42.146216 systemd[1]: Stopped target remote-cryptsetup.target. Feb 9 12:31:43.704000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-udevd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.174271 systemd[1]: Stopped target timers.target. Feb 9 12:31:42.200215 systemd[1]: dracut-pre-pivot.service: Deactivated successfully. Feb 9 12:31:42.200605 systemd[1]: Stopped dracut-pre-pivot.service. Feb 9 12:31:43.751000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-pre-udev comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.222510 systemd[1]: Stopped target initrd.target. Feb 9 12:31:43.765000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-cmdline comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.240229 systemd[1]: Stopped target basic.target. Feb 9 12:31:43.781000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=dracut-cmdline-ask comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.264228 systemd[1]: Stopped target ignition-complete.target. Feb 9 12:31:42.290212 systemd[1]: Stopped target ignition-diskful.target. Feb 9 12:31:43.811000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-tmpfiles-setup-dev comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.309222 systemd[1]: Stopped target initrd-root-device.target. Feb 9 12:31:43.827000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=kmod-static-nodes comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.328223 systemd[1]: Stopped target remote-fs.target. Feb 9 12:31:43.843000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=systemd-vconsole-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.348236 systemd[1]: Stopped target remote-fs-pre.target. Feb 9 12:31:43.858000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-udevadm-cleanup-db comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:43.858000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=initrd-udevadm-cleanup-db comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.374253 systemd[1]: Stopped target sysinit.target. Feb 9 12:31:42.399238 systemd[1]: Stopped target local-fs.target. Feb 9 12:31:42.418201 systemd[1]: Stopped target local-fs-pre.target. Feb 9 12:31:42.441223 systemd[1]: Stopped target swap.target. Feb 9 12:31:42.462109 systemd[1]: dracut-pre-mount.service: Deactivated successfully. Feb 9 12:31:42.462471 systemd[1]: Stopped dracut-pre-mount.service. Feb 9 12:31:42.483430 systemd[1]: Stopped target cryptsetup.target. Feb 9 12:31:42.504116 systemd[1]: dracut-initqueue.service: Deactivated successfully. Feb 9 12:31:42.504475 systemd[1]: Stopped dracut-initqueue.service. Feb 9 12:31:42.526372 systemd[1]: ignition-fetch-offline.service: Deactivated successfully. Feb 9 12:31:42.526768 systemd[1]: Stopped ignition-fetch-offline.service. Feb 9 12:31:43.950000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=kernel msg='unit=network-cleanup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:42.548426 systemd[1]: Stopped target paths.target. Feb 9 12:31:42.568098 systemd[1]: systemd-ask-password-console.path: Deactivated successfully. Feb 9 12:31:42.571741 systemd[1]: Stopped systemd-ask-password-console.path. Feb 9 12:31:42.590227 systemd[1]: Stopped target slices.target. Feb 9 12:31:42.610195 systemd[1]: Stopped target sockets.target. Feb 9 12:31:42.632237 systemd[1]: initrd-setup-root-after-ignition.service: Deactivated successfully. Feb 9 12:31:42.632649 systemd[1]: Stopped initrd-setup-root-after-ignition.service. Feb 9 12:31:42.657318 systemd[1]: ignition-files.service: Deactivated successfully. Feb 9 12:31:42.657708 systemd[1]: Stopped ignition-files.service. Feb 9 12:31:42.766689 systemd[1]: flatcar-metadata-hostname.service: Deactivated successfully. Feb 9 12:31:42.766748 systemd[1]: Stopped flatcar-metadata-hostname.service. Feb 9 12:31:42.812437 systemd[1]: Stopping ignition-mount.service... Feb 9 12:31:42.878969 systemd[1]: Stopping iscsid.service... Feb 9 12:31:42.900312 systemd[1]: Stopping sysroot-boot.service... Feb 9 12:31:42.914689 systemd[1]: systemd-udev-trigger.service: Deactivated successfully. Feb 9 12:31:42.914837 systemd[1]: Stopped systemd-udev-trigger.service. Feb 9 12:31:42.936902 systemd[1]: dracut-pre-trigger.service: Deactivated successfully. Feb 9 12:31:42.937008 systemd[1]: Stopped dracut-pre-trigger.service. Feb 9 12:31:43.004240 systemd[1]: sysroot-boot.mount: Deactivated successfully. Feb 9 12:31:43.004563 systemd[1]: iscsid.service: Deactivated successfully. Feb 9 12:31:43.004610 systemd[1]: Stopped iscsid.service. Feb 9 12:31:43.069144 systemd[1]: ignition-mount.service: Deactivated successfully. Feb 9 12:31:43.069198 systemd[1]: Stopped ignition-mount.service. Feb 9 12:31:43.137099 systemd[1]: sysroot-boot.service: Deactivated successfully. Feb 9 12:31:43.137153 systemd[1]: Stopped sysroot-boot.service. Feb 9 12:31:43.204046 systemd[1]: iscsid.socket: Deactivated successfully. Feb 9 12:31:43.204090 systemd[1]: Closed iscsid.socket. Feb 9 12:31:43.270757 systemd[1]: ignition-disks.service: Deactivated successfully. Feb 9 12:31:43.270778 systemd[1]: Stopped ignition-disks.service. Feb 9 12:31:43.286745 systemd[1]: ignition-kargs.service: Deactivated successfully. Feb 9 12:31:43.286766 systemd[1]: Stopped ignition-kargs.service. Feb 9 12:31:43.353721 systemd[1]: ignition-setup.service: Deactivated successfully. Feb 9 12:31:43.353742 systemd[1]: Stopped ignition-setup.service. Feb 9 12:31:43.420741 systemd[1]: initrd-setup-root.service: Deactivated successfully. Feb 9 12:31:43.420762 systemd[1]: Stopped initrd-setup-root.service. Feb 9 12:31:43.440917 systemd[1]: Stopping iscsiuio.service... Feb 9 12:31:43.451998 systemd[1]: iscsiuio.service: Deactivated successfully. Feb 9 12:31:43.452055 systemd[1]: Stopped iscsiuio.service. Feb 9 12:31:43.477011 systemd[1]: initrd-cleanup.service: Deactivated successfully. Feb 9 12:31:44.061533 systemd-journald[270]: Received SIGTERM from PID 1 (n/a). Feb 9 12:31:43.477081 systemd[1]: Finished initrd-cleanup.service. Feb 9 12:31:43.494648 systemd[1]: Stopped target network.target. Feb 9 12:31:43.507926 systemd[1]: iscsiuio.socket: Deactivated successfully. Feb 9 12:31:43.508001 systemd[1]: Closed iscsiuio.socket. Feb 9 12:31:43.522234 systemd[1]: Stopping systemd-networkd.service... Feb 9 12:31:43.529667 systemd-networkd[880]: enp2s0f0np0: DHCPv6 lease lost Feb 9 12:31:43.537120 systemd[1]: Stopping systemd-resolved.service... Feb 9 12:31:43.538723 systemd-networkd[880]: enp2s0f1np1: DHCPv6 lease lost Feb 9 12:31:43.549363 systemd[1]: systemd-resolved.service: Deactivated successfully. Feb 9 12:31:44.060000 audit: BPF prog-id=9 op=UNLOAD Feb 9 12:31:43.549606 systemd[1]: Stopped systemd-resolved.service. Feb 9 12:31:43.572194 systemd[1]: systemd-networkd.service: Deactivated successfully. Feb 9 12:31:43.572454 systemd[1]: Stopped systemd-networkd.service. Feb 9 12:31:43.587251 systemd[1]: systemd-networkd.socket: Deactivated successfully. Feb 9 12:31:43.587332 systemd[1]: Closed systemd-networkd.socket. Feb 9 12:31:43.605149 systemd[1]: Stopping network-cleanup.service... Feb 9 12:31:43.617726 systemd[1]: parse-ip-for-networkd.service: Deactivated successfully. Feb 9 12:31:43.617856 systemd[1]: Stopped parse-ip-for-networkd.service. Feb 9 12:31:43.633965 systemd[1]: systemd-sysctl.service: Deactivated successfully. Feb 9 12:31:43.634106 systemd[1]: Stopped systemd-sysctl.service. Feb 9 12:31:43.655151 systemd[1]: systemd-modules-load.service: Deactivated successfully. Feb 9 12:31:43.655281 systemd[1]: Stopped systemd-modules-load.service. Feb 9 12:31:43.671166 systemd[1]: Stopping systemd-udevd.service... Feb 9 12:31:43.688198 systemd[1]: run-credentials-systemd\x2dsysctl.service.mount: Deactivated successfully. Feb 9 12:31:43.689486 systemd[1]: systemd-udevd.service: Deactivated successfully. Feb 9 12:31:43.689794 systemd[1]: Stopped systemd-udevd.service. Feb 9 12:31:43.705988 systemd[1]: systemd-udevd-control.socket: Deactivated successfully. Feb 9 12:31:43.706024 systemd[1]: Closed systemd-udevd-control.socket. Feb 9 12:31:43.720692 systemd[1]: systemd-udevd-kernel.socket: Deactivated successfully. Feb 9 12:31:43.720733 systemd[1]: Closed systemd-udevd-kernel.socket. Feb 9 12:31:43.735668 systemd[1]: dracut-pre-udev.service: Deactivated successfully. Feb 9 12:31:43.735750 systemd[1]: Stopped dracut-pre-udev.service. Feb 9 12:31:43.751929 systemd[1]: dracut-cmdline.service: Deactivated successfully. Feb 9 12:31:43.752030 systemd[1]: Stopped dracut-cmdline.service. Feb 9 12:31:43.766907 systemd[1]: dracut-cmdline-ask.service: Deactivated successfully. Feb 9 12:31:43.767020 systemd[1]: Stopped dracut-cmdline-ask.service. Feb 9 12:31:43.783479 systemd[1]: Starting initrd-udevadm-cleanup-db.service... Feb 9 12:31:43.796630 systemd[1]: systemd-tmpfiles-setup-dev.service: Deactivated successfully. Feb 9 12:31:43.796701 systemd[1]: Stopped systemd-tmpfiles-setup-dev.service. Feb 9 12:31:43.812852 systemd[1]: kmod-static-nodes.service: Deactivated successfully. Feb 9 12:31:43.812873 systemd[1]: Stopped kmod-static-nodes.service. Feb 9 12:31:43.828721 systemd[1]: systemd-vconsole-setup.service: Deactivated successfully. Feb 9 12:31:43.828756 systemd[1]: Stopped systemd-vconsole-setup.service. Feb 9 12:31:43.845221 systemd[1]: run-credentials-systemd\x2dtmpfiles\x2dsetup\x2ddev.service.mount: Deactivated successfully. Feb 9 12:31:43.845517 systemd[1]: initrd-udevadm-cleanup-db.service: Deactivated successfully. Feb 9 12:31:43.845588 systemd[1]: Finished initrd-udevadm-cleanup-db.service. Feb 9 12:31:43.939605 systemd[1]: network-cleanup.service: Deactivated successfully. Feb 9 12:31:43.939815 systemd[1]: Stopped network-cleanup.service. Feb 9 12:31:43.951092 systemd[1]: Reached target initrd-switch-root.target. Feb 9 12:31:43.968596 systemd[1]: Starting initrd-switch-root.service... Feb 9 12:31:44.005594 systemd[1]: Switching root. Feb 9 12:31:44.063106 systemd-journald[270]: Journal stopped Feb 9 12:31:47.959318 kernel: SELinux: Class mctp_socket not defined in policy. Feb 9 12:31:47.959331 kernel: SELinux: Class anon_inode not defined in policy. Feb 9 12:31:47.959340 kernel: SELinux: the above unknown classes and permissions will be allowed Feb 9 12:31:47.959345 kernel: SELinux: policy capability network_peer_controls=1 Feb 9 12:31:47.959350 kernel: SELinux: policy capability open_perms=1 Feb 9 12:31:47.959355 kernel: SELinux: policy capability extended_socket_class=1 Feb 9 12:31:47.959361 kernel: SELinux: policy capability always_check_network=0 Feb 9 12:31:47.959366 kernel: SELinux: policy capability cgroup_seclabel=1 Feb 9 12:31:47.959371 kernel: SELinux: policy capability nnp_nosuid_transition=1 Feb 9 12:31:47.959377 kernel: SELinux: policy capability genfs_seclabel_symlinks=0 Feb 9 12:31:47.959383 kernel: SELinux: policy capability ioctl_skip_cloexec=0 Feb 9 12:31:47.959388 systemd[1]: Successfully loaded SELinux policy in 321.442ms. Feb 9 12:31:47.959395 systemd[1]: Relabelled /dev, /dev/shm, /run, /sys/fs/cgroup in 5.695ms. Feb 9 12:31:47.959402 systemd[1]: systemd 252 running in system mode (+PAM +AUDIT +SELINUX -APPARMOR +IMA +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL -ACL +BLKID +CURL -ELFUTILS -FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 -PWQUALITY -P11KIT -QRENCODE -TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD -BPF_FRAMEWORK -XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified) Feb 9 12:31:47.959409 systemd[1]: Detected architecture x86-64. Feb 9 12:31:47.959415 systemd[1]: Detected first boot. Feb 9 12:31:47.959421 systemd[1]: Hostname set to . Feb 9 12:31:47.959427 systemd[1]: Initializing machine ID from random generator. Feb 9 12:31:47.959433 kernel: SELinux: Context system_u:object_r:container_file_t:s0:c1022,c1023 is not valid (left unmapped). Feb 9 12:31:47.959439 systemd[1]: Populated /etc with preset unit settings. Feb 9 12:31:47.959445 systemd[1]: /usr/lib/systemd/system/locksmithd.service:8: Unit uses CPUShares=; please use CPUWeight= instead. Support for CPUShares= will be removed soon. Feb 9 12:31:47.959452 systemd[1]: /usr/lib/systemd/system/locksmithd.service:9: Unit uses MemoryLimit=; please use MemoryMax= instead. Support for MemoryLimit= will be removed soon. Feb 9 12:31:47.959459 systemd[1]: /run/systemd/system/docker.socket:8: ListenStream= references a path below legacy directory /var/run/, updating /var/run/docker.sock → /run/docker.sock; please update the unit file accordingly. Feb 9 12:31:47.959465 systemd[1]: initrd-switch-root.service: Deactivated successfully. Feb 9 12:31:47.959471 systemd[1]: Stopped initrd-switch-root.service. Feb 9 12:31:47.959477 systemd[1]: systemd-journald.service: Scheduled restart job, restart counter is at 1. Feb 9 12:31:47.959484 systemd[1]: Created slice system-addon\x2dconfig.slice. Feb 9 12:31:47.959491 systemd[1]: Created slice system-addon\x2drun.slice. Feb 9 12:31:47.959497 systemd[1]: Created slice system-coreos\x2dmetadata\x2dsshkeys.slice. Feb 9 12:31:47.959503 systemd[1]: Created slice system-getty.slice. Feb 9 12:31:47.959509 systemd[1]: Created slice system-modprobe.slice. Feb 9 12:31:47.959515 systemd[1]: Created slice system-serial\x2dgetty.slice. Feb 9 12:31:47.959521 systemd[1]: Created slice system-system\x2dcloudinit.slice. Feb 9 12:31:47.959531 systemd[1]: Created slice system-systemd\x2dfsck.slice. Feb 9 12:31:47.959537 systemd[1]: Created slice user.slice. Feb 9 12:31:47.959543 systemd[1]: Started systemd-ask-password-console.path. Feb 9 12:31:47.959551 systemd[1]: Started systemd-ask-password-wall.path. Feb 9 12:31:47.959557 systemd[1]: Set up automount boot.automount. Feb 9 12:31:47.959563 systemd[1]: Set up automount proc-sys-fs-binfmt_misc.automount. Feb 9 12:31:47.959569 systemd[1]: Stopped target initrd-switch-root.target. Feb 9 12:31:47.959577 systemd[1]: Stopped target initrd-fs.target. Feb 9 12:31:47.959583 systemd[1]: Stopped target initrd-root-fs.target. Feb 9 12:31:47.959590 systemd[1]: Reached target integritysetup.target. Feb 9 12:31:47.959596 systemd[1]: Reached target remote-cryptsetup.target. Feb 9 12:31:47.959603 systemd[1]: Reached target remote-fs.target. Feb 9 12:31:47.959609 systemd[1]: Reached target slices.target. Feb 9 12:31:47.959616 systemd[1]: Reached target swap.target. Feb 9 12:31:47.959622 systemd[1]: Reached target torcx.target. Feb 9 12:31:47.959628 systemd[1]: Reached target veritysetup.target. Feb 9 12:31:47.959634 systemd[1]: Listening on systemd-coredump.socket. Feb 9 12:31:47.959641 systemd[1]: Listening on systemd-initctl.socket. Feb 9 12:31:47.959647 systemd[1]: Listening on systemd-networkd.socket. Feb 9 12:31:47.959655 systemd[1]: Listening on systemd-udevd-control.socket. Feb 9 12:31:47.959661 systemd[1]: Listening on systemd-udevd-kernel.socket. Feb 9 12:31:47.959668 systemd[1]: Listening on systemd-userdbd.socket. Feb 9 12:31:47.959674 systemd[1]: Mounting dev-hugepages.mount... Feb 9 12:31:47.959680 systemd[1]: Mounting dev-mqueue.mount... Feb 9 12:31:47.959687 systemd[1]: Mounting media.mount... Feb 9 12:31:47.959694 systemd[1]: proc-xen.mount was skipped because of an unmet condition check (ConditionVirtualization=xen). Feb 9 12:31:47.959701 systemd[1]: Mounting sys-kernel-debug.mount... Feb 9 12:31:47.959707 systemd[1]: Mounting sys-kernel-tracing.mount... Feb 9 12:31:47.959713 systemd[1]: Mounting tmp.mount... Feb 9 12:31:47.959720 systemd[1]: Starting flatcar-tmpfiles.service... Feb 9 12:31:47.959726 systemd[1]: ignition-delete-config.service was skipped because no trigger condition checks were met. Feb 9 12:31:47.959733 systemd[1]: Starting kmod-static-nodes.service... Feb 9 12:31:47.959739 systemd[1]: Starting modprobe@configfs.service... Feb 9 12:31:47.959746 systemd[1]: Starting modprobe@dm_mod.service... Feb 9 12:31:47.959753 systemd[1]: Starting modprobe@drm.service... Feb 9 12:31:47.959759 systemd[1]: Starting modprobe@efi_pstore.service... Feb 9 12:31:47.959766 systemd[1]: Starting modprobe@fuse.service... Feb 9 12:31:47.959772 kernel: fuse: init (API version 7.34) Feb 9 12:31:47.959778 systemd[1]: Starting modprobe@loop.service... Feb 9 12:31:47.959785 kernel: loop: module loaded Feb 9 12:31:47.959791 systemd[1]: setup-nsswitch.service was skipped because of an unmet condition check (ConditionPathExists=!/etc/nsswitch.conf). Feb 9 12:31:47.959799 systemd[1]: systemd-fsck-root.service: Deactivated successfully. Feb 9 12:31:47.959805 systemd[1]: Stopped systemd-fsck-root.service. Feb 9 12:31:47.959812 systemd[1]: systemd-fsck-usr.service: Deactivated successfully. Feb 9 12:31:47.959819 systemd[1]: Stopped systemd-fsck-usr.service. Feb 9 12:31:47.959825 kernel: kauditd_printk_skb: 62 callbacks suppressed Feb 9 12:31:47.959831 kernel: audit: type=1131 audit(1707481907.689:116): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-fsck-usr comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:47.959837 systemd[1]: Stopped systemd-journald.service. Feb 9 12:31:47.959843 kernel: audit: type=1130 audit(1707481907.763:117): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-journald comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:47.959850 kernel: audit: type=1131 audit(1707481907.763:118): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-journald comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:47.959856 kernel: audit: type=1334 audit(1707481907.844:119): prog-id=21 op=LOAD Feb 9 12:31:47.959862 kernel: audit: type=1334 audit(1707481907.861:120): prog-id=22 op=LOAD Feb 9 12:31:47.959867 kernel: audit: type=1334 audit(1707481907.878:121): prog-id=23 op=LOAD Feb 9 12:31:47.959873 kernel: audit: type=1334 audit(1707481907.895:122): prog-id=19 op=UNLOAD Feb 9 12:31:47.959879 systemd[1]: Starting systemd-journald.service... Feb 9 12:31:47.959885 kernel: audit: type=1334 audit(1707481907.895:123): prog-id=20 op=UNLOAD Feb 9 12:31:47.959891 systemd[1]: Starting systemd-modules-load.service... Feb 9 12:31:47.959897 kernel: audit: type=1305 audit(1707481907.957:124): op=set audit_enabled=1 old=1 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 res=1 Feb 9 12:31:47.959907 systemd-journald[1260]: Journal started Feb 9 12:31:47.959931 systemd-journald[1260]: Runtime Journal (/run/log/journal/99a940a4528b429cbaba1e736b271be6) is 8.0M, max 636.8M, 628.8M free. Feb 9 12:31:44.486000 audit: MAC_POLICY_LOAD auid=4294967295 ses=4294967295 lsm=selinux res=1 Feb 9 12:31:44.755000 audit[1]: AVC avc: denied { integrity } for pid=1 comm="systemd" lockdown_reason="/dev/mem,kmem,port" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=lockdown permissive=1 Feb 9 12:31:44.757000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 Feb 9 12:31:44.757000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 Feb 9 12:31:44.757000 audit: BPF prog-id=10 op=LOAD Feb 9 12:31:44.757000 audit: BPF prog-id=10 op=UNLOAD Feb 9 12:31:44.758000 audit: BPF prog-id=11 op=LOAD Feb 9 12:31:44.758000 audit: BPF prog-id=11 op=UNLOAD Feb 9 12:31:44.828000 audit[1148]: AVC avc: denied { associate } for pid=1148 comm="torcx-generator" name="docker" dev="tmpfs" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem permissive=1 srawcon="system_u:object_r:container_file_t:s0:c1022,c1023" Feb 9 12:31:44.828000 audit[1148]: SYSCALL arch=c000003e syscall=188 success=yes exit=0 a0=c0001d98a2 a1=c00015adf8 a2=c0001630c0 a3=32 items=0 ppid=1131 pid=1148 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="torcx-generator" exe="/usr/lib/systemd/system-generators/torcx-generator" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:31:44.828000 audit: PROCTITLE proctitle=2F7573722F6C69622F73797374656D642F73797374656D2D67656E657261746F72732F746F7263782D67656E657261746F72002F72756E2F73797374656D642F67656E657261746F72002F72756E2F73797374656D642F67656E657261746F722E6561726C79002F72756E2F73797374656D642F67656E657261746F722E6C61 Feb 9 12:31:44.856000 audit[1148]: AVC avc: denied { associate } for pid=1148 comm="torcx-generator" name="bin" scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:tmpfs_t:s0 tclass=filesystem permissive=1 Feb 9 12:31:44.856000 audit[1148]: SYSCALL arch=c000003e syscall=258 success=yes exit=0 a0=ffffffffffffff9c a1=c0001d9979 a2=1ed a3=0 items=2 ppid=1131 pid=1148 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="torcx-generator" exe="/usr/lib/systemd/system-generators/torcx-generator" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:31:44.856000 audit: CWD cwd="/" Feb 9 12:31:44.856000 audit: PATH item=0 name=(null) inode=2 dev=00:1b mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:unlabeled_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:44.856000 audit: PATH item=1 name=(null) inode=3 dev=00:1b mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:unlabeled_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:44.856000 audit: PROCTITLE proctitle=2F7573722F6C69622F73797374656D642F73797374656D2D67656E657261746F72732F746F7263782D67656E657261746F72002F72756E2F73797374656D642F67656E657261746F72002F72756E2F73797374656D642F67656E657261746F722E6561726C79002F72756E2F73797374656D642F67656E657261746F722E6C61 Feb 9 12:31:46.397000 audit: BPF prog-id=12 op=LOAD Feb 9 12:31:46.397000 audit: BPF prog-id=3 op=UNLOAD Feb 9 12:31:46.397000 audit: BPF prog-id=13 op=LOAD Feb 9 12:31:46.397000 audit: BPF prog-id=14 op=LOAD Feb 9 12:31:46.397000 audit: BPF prog-id=4 op=UNLOAD Feb 9 12:31:46.397000 audit: BPF prog-id=5 op=UNLOAD Feb 9 12:31:46.397000 audit: BPF prog-id=15 op=LOAD Feb 9 12:31:46.397000 audit: BPF prog-id=12 op=UNLOAD Feb 9 12:31:46.398000 audit: BPF prog-id=16 op=LOAD Feb 9 12:31:46.398000 audit: BPF prog-id=17 op=LOAD Feb 9 12:31:46.398000 audit: BPF prog-id=13 op=UNLOAD Feb 9 12:31:46.398000 audit: BPF prog-id=14 op=UNLOAD Feb 9 12:31:46.398000 audit: BPF prog-id=18 op=LOAD Feb 9 12:31:46.398000 audit: BPF prog-id=15 op=UNLOAD Feb 9 12:31:46.398000 audit: BPF prog-id=19 op=LOAD Feb 9 12:31:46.398000 audit: BPF prog-id=20 op=LOAD Feb 9 12:31:46.398000 audit: BPF prog-id=16 op=UNLOAD Feb 9 12:31:46.398000 audit: BPF prog-id=17 op=UNLOAD Feb 9 12:31:46.399000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-journald comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:46.449000 audit: BPF prog-id=18 op=UNLOAD Feb 9 12:31:46.456000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=initrd-switch-root comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:46.456000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=initrd-switch-root comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:47.653000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-fsck-root comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:47.689000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-fsck-usr comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:47.763000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-journald comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:47.763000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-journald comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:47.844000 audit: BPF prog-id=21 op=LOAD Feb 9 12:31:47.861000 audit: BPF prog-id=22 op=LOAD Feb 9 12:31:47.878000 audit: BPF prog-id=23 op=LOAD Feb 9 12:31:47.895000 audit: BPF prog-id=19 op=UNLOAD Feb 9 12:31:47.895000 audit: BPF prog-id=20 op=UNLOAD Feb 9 12:31:47.957000 audit: CONFIG_CHANGE op=set audit_enabled=1 old=1 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 res=1 Feb 9 12:31:44.827806 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=debug msg="common configuration parsed" base_dir=/var/lib/torcx/ conf_dir=/etc/torcx/ run_dir=/run/torcx/ store_paths="[/usr/share/torcx/store /usr/share/oem/torcx/store/3510.3.2 /usr/share/oem/torcx/store /var/lib/torcx/store/3510.3.2 /var/lib/torcx/store]" Feb 9 12:31:46.397001 systemd[1]: Queued start job for default target multi-user.target. Feb 9 12:31:44.828365 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=debug msg="profile found" name=docker-1.12-no path=/usr/share/torcx/profiles/docker-1.12-no.json Feb 9 12:31:46.400645 systemd[1]: systemd-journald.service: Deactivated successfully. Feb 9 12:31:44.828384 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=debug msg="profile found" name=vendor path=/usr/share/torcx/profiles/vendor.json Feb 9 12:31:44.828412 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=info msg="no vendor profile selected by /etc/flatcar/docker-1.12" Feb 9 12:31:44.828422 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=debug msg="skipped missing lower profile" missing profile=oem Feb 9 12:31:44.828447 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=warning msg="no next profile: unable to read profile file: open /etc/torcx/next-profile: no such file or directory" Feb 9 12:31:44.828459 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=debug msg="apply configuration parsed" lower profiles (vendor/oem)="[vendor]" upper profile (user)= Feb 9 12:31:44.828628 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=debug msg="mounted tmpfs" target=/run/torcx/unpack Feb 9 12:31:44.828665 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=debug msg="profile found" name=docker-1.12-no path=/usr/share/torcx/profiles/docker-1.12-no.json Feb 9 12:31:44.828677 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=debug msg="profile found" name=vendor path=/usr/share/torcx/profiles/vendor.json Feb 9 12:31:44.829262 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=debug msg="new archive/reference added to cache" format=tgz name=docker path="/usr/share/torcx/store/docker:20.10.torcx.tgz" reference=20.10 Feb 9 12:31:44.829292 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=debug msg="new archive/reference added to cache" format=tgz name=docker path="/usr/share/torcx/store/docker:com.coreos.cl.torcx.tgz" reference=com.coreos.cl Feb 9 12:31:44.829310 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=info msg="store skipped" err="open /usr/share/oem/torcx/store/3510.3.2: no such file or directory" path=/usr/share/oem/torcx/store/3510.3.2 Feb 9 12:31:44.829323 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=info msg="store skipped" err="open /usr/share/oem/torcx/store: no such file or directory" path=/usr/share/oem/torcx/store Feb 9 12:31:44.829337 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=info msg="store skipped" err="open /var/lib/torcx/store/3510.3.2: no such file or directory" path=/var/lib/torcx/store/3510.3.2 Feb 9 12:31:44.829349 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:44Z" level=info msg="store skipped" err="open /var/lib/torcx/store: no such file or directory" path=/var/lib/torcx/store Feb 9 12:31:46.047870 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:46Z" level=debug msg="image unpacked" image=docker path=/run/torcx/unpack/docker reference=com.coreos.cl Feb 9 12:31:46.048010 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:46Z" level=debug msg="binaries propagated" assets="[/bin/containerd /bin/containerd-shim /bin/ctr /bin/docker /bin/docker-containerd /bin/docker-containerd-shim /bin/docker-init /bin/docker-proxy /bin/docker-runc /bin/dockerd /bin/runc /bin/tini]" image=docker path=/run/torcx/unpack/docker reference=com.coreos.cl Feb 9 12:31:46.048064 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:46Z" level=debug msg="networkd units propagated" assets="[/lib/systemd/network/50-docker.network /lib/systemd/network/90-docker-veth.network]" image=docker path=/run/torcx/unpack/docker reference=com.coreos.cl Feb 9 12:31:46.048155 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:46Z" level=debug msg="systemd units propagated" assets="[/lib/systemd/system/containerd.service /lib/systemd/system/docker.service /lib/systemd/system/docker.socket /lib/systemd/system/sockets.target.wants /lib/systemd/system/multi-user.target.wants]" image=docker path=/run/torcx/unpack/docker reference=com.coreos.cl Feb 9 12:31:46.048184 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:46Z" level=debug msg="profile applied" sealed profile=/run/torcx/profile.json upper profile= Feb 9 12:31:46.048218 /usr/lib/systemd/system-generators/torcx-generator[1148]: time="2024-02-09T12:31:46Z" level=debug msg="system state sealed" content="[TORCX_LOWER_PROFILES=\"vendor\" TORCX_UPPER_PROFILE=\"\" TORCX_PROFILE_PATH=\"/run/torcx/profile.json\" TORCX_BINDIR=\"/run/torcx/bin\" TORCX_UNPACKDIR=\"/run/torcx/unpack\"]" path=/run/metadata/torcx Feb 9 12:31:47.957000 audit[1260]: SYSCALL arch=c000003e syscall=46 success=yes exit=60 a0=5 a1=7ffe2c20fee0 a2=4000 a3=7ffe2c20ff7c items=0 ppid=1 pid=1260 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:31:47.957000 audit: PROCTITLE proctitle="/usr/lib/systemd/systemd-journald" Feb 9 12:31:48.008580 kernel: audit: type=1300 audit(1707481907.957:124): arch=c000003e syscall=46 success=yes exit=60 a0=5 a1=7ffe2c20fee0 a2=4000 a3=7ffe2c20ff7c items=0 ppid=1 pid=1260 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:31:48.104577 systemd[1]: Starting systemd-network-generator.service... Feb 9 12:31:48.132709 systemd[1]: Starting systemd-remount-fs.service... Feb 9 12:31:48.158576 systemd[1]: Starting systemd-udev-trigger.service... Feb 9 12:31:48.201782 systemd[1]: verity-setup.service: Deactivated successfully. Feb 9 12:31:48.201804 systemd[1]: Stopped verity-setup.service. Feb 9 12:31:48.208000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=verity-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.247576 systemd[1]: xenserver-pv-version.service was skipped because of an unmet condition check (ConditionVirtualization=xen). Feb 9 12:31:48.266704 systemd[1]: Started systemd-journald.service. Feb 9 12:31:48.274000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-journald comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.275036 systemd[1]: Mounted dev-hugepages.mount. Feb 9 12:31:48.281755 systemd[1]: Mounted dev-mqueue.mount. Feb 9 12:31:48.288764 systemd[1]: Mounted media.mount. Feb 9 12:31:48.295772 systemd[1]: Mounted sys-kernel-debug.mount. Feb 9 12:31:48.304763 systemd[1]: Mounted sys-kernel-tracing.mount. Feb 9 12:31:48.312751 systemd[1]: Mounted tmp.mount. Feb 9 12:31:48.319825 systemd[1]: Finished flatcar-tmpfiles.service. Feb 9 12:31:48.327000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=flatcar-tmpfiles comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.327847 systemd[1]: Finished kmod-static-nodes.service. Feb 9 12:31:48.335000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kmod-static-nodes comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.335851 systemd[1]: modprobe@configfs.service: Deactivated successfully. Feb 9 12:31:48.335946 systemd[1]: Finished modprobe@configfs.service. Feb 9 12:31:48.344000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@configfs comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.344000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@configfs comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.344914 systemd[1]: modprobe@dm_mod.service: Deactivated successfully. Feb 9 12:31:48.345037 systemd[1]: Finished modprobe@dm_mod.service. Feb 9 12:31:48.353000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@dm_mod comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.353000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@dm_mod comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.353978 systemd[1]: modprobe@drm.service: Deactivated successfully. Feb 9 12:31:48.354137 systemd[1]: Finished modprobe@drm.service. Feb 9 12:31:48.363000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@drm comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.363000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@drm comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.364194 systemd[1]: modprobe@efi_pstore.service: Deactivated successfully. Feb 9 12:31:48.364431 systemd[1]: Finished modprobe@efi_pstore.service. Feb 9 12:31:48.372000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@efi_pstore comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.372000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@efi_pstore comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.373340 systemd[1]: modprobe@fuse.service: Deactivated successfully. Feb 9 12:31:48.373652 systemd[1]: Finished modprobe@fuse.service. Feb 9 12:31:48.381000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@fuse comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.381000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@fuse comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.382331 systemd[1]: modprobe@loop.service: Deactivated successfully. Feb 9 12:31:48.382638 systemd[1]: Finished modprobe@loop.service. Feb 9 12:31:48.390000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@loop comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.390000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@loop comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.391370 systemd[1]: Finished systemd-modules-load.service. Feb 9 12:31:48.399000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-modules-load comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.400320 systemd[1]: Finished systemd-network-generator.service. Feb 9 12:31:48.409000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-network-generator comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.410340 systemd[1]: Finished systemd-remount-fs.service. Feb 9 12:31:48.419000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-remount-fs comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.420352 systemd[1]: Finished systemd-udev-trigger.service. Feb 9 12:31:48.428000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-udev-trigger comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.429840 systemd[1]: Reached target network-pre.target. Feb 9 12:31:48.441399 systemd[1]: Mounting sys-fs-fuse-connections.mount... Feb 9 12:31:48.451229 systemd[1]: Mounting sys-kernel-config.mount... Feb 9 12:31:48.458733 systemd[1]: remount-root.service was skipped because of an unmet condition check (ConditionPathIsReadWrite=!/). Feb 9 12:31:48.459730 systemd[1]: Starting systemd-hwdb-update.service... Feb 9 12:31:48.468190 systemd[1]: Starting systemd-journal-flush.service... Feb 9 12:31:48.471730 systemd-journald[1260]: Time spent on flushing to /var/log/journal/99a940a4528b429cbaba1e736b271be6 is 14.899ms for 1659 entries. Feb 9 12:31:48.471730 systemd-journald[1260]: System Journal (/var/log/journal/99a940a4528b429cbaba1e736b271be6) is 8.0M, max 195.6M, 187.6M free. Feb 9 12:31:48.511361 systemd-journald[1260]: Received client request to flush runtime journal. Feb 9 12:31:48.485661 systemd[1]: systemd-pstore.service was skipped because of an unmet condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). Feb 9 12:31:48.486116 systemd[1]: Starting systemd-random-seed.service... Feb 9 12:31:48.500653 systemd[1]: systemd-repart.service was skipped because no trigger condition checks were met. Feb 9 12:31:48.501150 systemd[1]: Starting systemd-sysctl.service... Feb 9 12:31:48.508306 systemd[1]: Starting systemd-sysusers.service... Feb 9 12:31:48.515152 systemd[1]: Starting systemd-udev-settle.service... Feb 9 12:31:48.522669 systemd[1]: Mounted sys-fs-fuse-connections.mount. Feb 9 12:31:48.530720 systemd[1]: Mounted sys-kernel-config.mount. Feb 9 12:31:48.538761 systemd[1]: Finished systemd-journal-flush.service. Feb 9 12:31:48.545000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-journal-flush comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.546731 systemd[1]: Finished systemd-random-seed.service. Feb 9 12:31:48.553000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-random-seed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.554726 systemd[1]: Finished systemd-sysctl.service. Feb 9 12:31:48.561000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-sysctl comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.562731 systemd[1]: Finished systemd-sysusers.service. Feb 9 12:31:48.569000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-sysusers comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.571718 systemd[1]: Reached target first-boot-complete.target. Feb 9 12:31:48.580270 systemd[1]: Starting systemd-tmpfiles-setup-dev.service... Feb 9 12:31:48.589524 udevadm[1276]: systemd-udev-settle.service is deprecated. Please fix lvm2-activation.service, lvm2-activation-early.service not to pull it in. Feb 9 12:31:48.599120 systemd[1]: Finished systemd-tmpfiles-setup-dev.service. Feb 9 12:31:48.606000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-tmpfiles-setup-dev comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.763704 systemd[1]: Finished systemd-hwdb-update.service. Feb 9 12:31:48.772000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-hwdb-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.772000 audit: BPF prog-id=24 op=LOAD Feb 9 12:31:48.772000 audit: BPF prog-id=25 op=LOAD Feb 9 12:31:48.772000 audit: BPF prog-id=7 op=UNLOAD Feb 9 12:31:48.772000 audit: BPF prog-id=8 op=UNLOAD Feb 9 12:31:48.773833 systemd[1]: Starting systemd-udevd.service... Feb 9 12:31:48.785472 systemd-udevd[1279]: Using default interface naming scheme 'v252'. Feb 9 12:31:48.804416 systemd[1]: Started systemd-udevd.service. Feb 9 12:31:48.811000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-udevd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.814673 systemd[1]: Condition check resulted in dev-ttyS1.device being skipped. Feb 9 12:31:48.813000 audit: BPF prog-id=26 op=LOAD Feb 9 12:31:48.815946 systemd[1]: Starting systemd-networkd.service... Feb 9 12:31:48.841542 kernel: input: Sleep Button as /devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0E:00/input/input2 Feb 9 12:31:48.841597 kernel: mousedev: PS/2 mouse device common for all mice Feb 9 12:31:48.860539 kernel: ACPI: button: Sleep Button [SLPB] Feb 9 12:31:48.876000 audit: BPF prog-id=27 op=LOAD Feb 9 12:31:48.898759 kernel: input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input3 Feb 9 12:31:48.898796 kernel: BTRFS info: devid 1 device path /dev/disk/by-label/OEM changed to /dev/sda6 scanned by (udev-worker) (1297) Feb 9 12:31:48.923534 kernel: ACPI: button: Power Button [PWRF] Feb 9 12:31:48.940000 audit: BPF prog-id=28 op=LOAD Feb 9 12:31:48.940000 audit: BPF prog-id=29 op=LOAD Feb 9 12:31:48.942515 systemd[1]: Starting systemd-userdbd.service... Feb 9 12:31:48.972540 kernel: IPMI message handler: version 39.2 Feb 9 12:31:48.858000 audit[1303]: AVC avc: denied { confidentiality } for pid=1303 comm="(udev-worker)" lockdown_reason="use of tracefs" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=lockdown permissive=1 Feb 9 12:31:48.979069 systemd[1]: Found device dev-disk-by\x2dlabel-OEM.device. Feb 9 12:31:48.987703 systemd[1]: Started systemd-userdbd.service. Feb 9 12:31:48.994000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-userdbd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:48.858000 audit[1303]: SYSCALL arch=c000003e syscall=175 success=yes exit=0 a0=55de714a5fe0 a1=4d8bc a2=7f031b7e8bc5 a3=5 items=42 ppid=1279 pid=1303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="(udev-worker)" exe="/usr/bin/udevadm" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:31:48.858000 audit: CWD cwd="/" Feb 9 12:31:48.858000 audit: PATH item=0 name=(null) inode=45 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=1 name=(null) inode=24243 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=2 name=(null) inode=24243 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=3 name=(null) inode=24244 dev=00:0b mode=0100640 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=4 name=(null) inode=24243 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=5 name=(null) inode=24245 dev=00:0b mode=0100640 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=6 name=(null) inode=24243 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=7 name=(null) inode=24246 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=8 name=(null) inode=24246 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=9 name=(null) inode=24247 dev=00:0b mode=0100640 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=10 name=(null) inode=24246 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=11 name=(null) inode=24248 dev=00:0b mode=0100440 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=12 name=(null) inode=24246 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=13 name=(null) inode=24249 dev=00:0b mode=0100640 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=14 name=(null) inode=24246 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=15 name=(null) inode=24250 dev=00:0b mode=0100640 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=16 name=(null) inode=24246 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=17 name=(null) inode=24251 dev=00:0b mode=0100440 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=18 name=(null) inode=24243 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=19 name=(null) inode=24252 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=20 name=(null) inode=24252 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=21 name=(null) inode=24253 dev=00:0b mode=0100640 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=22 name=(null) inode=24252 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=23 name=(null) inode=24254 dev=00:0b mode=0100440 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=24 name=(null) inode=24252 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=25 name=(null) inode=24255 dev=00:0b mode=0100640 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=26 name=(null) inode=24252 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=27 name=(null) inode=24256 dev=00:0b mode=0100640 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=28 name=(null) inode=24252 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=29 name=(null) inode=24257 dev=00:0b mode=0100440 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=30 name=(null) inode=24243 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=31 name=(null) inode=24258 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=32 name=(null) inode=24258 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=33 name=(null) inode=24259 dev=00:0b mode=0100640 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=34 name=(null) inode=24258 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=35 name=(null) inode=24260 dev=00:0b mode=0100440 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=36 name=(null) inode=24258 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=37 name=(null) inode=24261 dev=00:0b mode=0100640 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=38 name=(null) inode=24258 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=39 name=(null) inode=24262 dev=00:0b mode=0100640 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=40 name=(null) inode=24258 dev=00:0b mode=040750 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PATH item=41 name=(null) inode=24263 dev=00:0b mode=0100440 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tracefs_t:s0 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:31:48.858000 audit: PROCTITLE proctitle="(udev-worker)" Feb 9 12:31:49.045013 kernel: i801_smbus 0000:00:1f.4: SPD Write Disable is set Feb 9 12:31:49.045156 kernel: i801_smbus 0000:00:1f.4: SMBus using PCI interrupt Feb 9 12:31:49.066533 kernel: i2c i2c-0: 2/4 memory slots populated (from DMI) Feb 9 12:31:49.066638 kernel: ipmi device interface Feb 9 12:31:49.066654 kernel: mei_me 0000:00:16.0: Device doesn't have valid ME Interface Feb 9 12:31:49.066740 kernel: mei_me 0000:00:16.4: Device doesn't have valid ME Interface Feb 9 12:31:49.149539 kernel: iTCO_vendor_support: vendor-support=0 Feb 9 12:31:49.149591 kernel: ipmi_si: IPMI System Interface driver Feb 9 12:31:49.186928 kernel: ipmi_si dmi-ipmi-si.0: ipmi_platform: probing via SMBIOS Feb 9 12:31:49.187049 kernel: ipmi_platform: ipmi_si: SMBIOS: io 0xca2 regsize 1 spacing 1 irq 0 Feb 9 12:31:49.226985 kernel: ipmi_si: Adding SMBIOS-specified kcs state machine Feb 9 12:31:49.246434 kernel: ipmi_si IPI0001:00: ipmi_platform: probing via ACPI Feb 9 12:31:49.246558 kernel: ipmi_si IPI0001:00: ipmi_platform: [io 0x0ca2] regsize 1 spacing 1 irq 0 Feb 9 12:31:49.310612 systemd-networkd[1320]: bond0: netdev ready Feb 9 12:31:49.312912 systemd-networkd[1320]: lo: Link UP Feb 9 12:31:49.312914 systemd-networkd[1320]: lo: Gained carrier Feb 9 12:31:49.313376 systemd-networkd[1320]: Enumeration completed Feb 9 12:31:49.313471 systemd[1]: Started systemd-networkd.service. Feb 9 12:31:49.313632 kernel: ipmi_si dmi-ipmi-si.0: Removing SMBIOS-specified kcs state machine in favor of ACPI Feb 9 12:31:49.313711 kernel: ipmi_si: Adding ACPI-specified kcs state machine Feb 9 12:31:49.313723 kernel: ipmi_si: Trying ACPI-specified kcs state machine at i/o address 0xca2, slave address 0x20, irq 0 Feb 9 12:31:49.313835 systemd-networkd[1320]: bond0: Configuring with /etc/systemd/network/05-bond0.network. Feb 9 12:31:49.315583 systemd-networkd[1320]: enp2s0f1np1: Configuring with /etc/systemd/network/10-0c:42:a1:7e:a1:e9.network. Feb 9 12:31:49.331000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-networkd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:49.337533 kernel: iTCO_wdt iTCO_wdt: unable to reset NO_REBOOT flag, device disabled by hardware/BIOS Feb 9 12:31:49.359532 kernel: ipmi_si IPI0001:00: The BMC does not support clearing the recv irq bit, compensating, but the BMC needs to be fixed. Feb 9 12:31:49.423550 kernel: intel_rapl_common: Found RAPL domain package Feb 9 12:31:49.423593 kernel: ipmi_si IPI0001:00: IPMI message handler: Found new BMC (man_id: 0x002a7c, prod_id: 0x1b11, dev_id: 0x20) Feb 9 12:31:49.423705 kernel: intel_rapl_common: Found RAPL domain core Feb 9 12:31:49.423729 kernel: intel_rapl_common: Found RAPL domain uncore Feb 9 12:31:49.423743 kernel: intel_rapl_common: Found RAPL domain dram Feb 9 12:31:49.541533 kernel: ipmi_si IPI0001:00: IPMI kcs interface initialized Feb 9 12:31:49.560532 kernel: ipmi_ssif: IPMI SSIF Interface driver Feb 9 12:31:49.566745 systemd[1]: Finished systemd-udev-settle.service. Feb 9 12:31:49.573000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-udev-settle comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:49.575257 systemd[1]: Starting lvm2-activation-early.service... Feb 9 12:31:49.589550 lvm[1383]: WARNING: Failed to connect to lvmetad. Falling back to device scanning. Feb 9 12:31:49.620913 systemd[1]: Finished lvm2-activation-early.service. Feb 9 12:31:49.627000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=lvm2-activation-early comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:49.628617 systemd[1]: Reached target cryptsetup.target. Feb 9 12:31:49.638157 systemd[1]: Starting lvm2-activation.service... Feb 9 12:31:49.640233 lvm[1384]: WARNING: Failed to connect to lvmetad. Falling back to device scanning. Feb 9 12:31:49.670920 systemd[1]: Finished lvm2-activation.service. Feb 9 12:31:49.677000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=lvm2-activation comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:49.678634 systemd[1]: Reached target local-fs-pre.target. Feb 9 12:31:49.686566 systemd[1]: var-lib-machines.mount was skipped because of an unmet condition check (ConditionPathExists=/var/lib/machines.raw). Feb 9 12:31:49.686579 systemd[1]: Reached target local-fs.target. Feb 9 12:31:49.694597 systemd[1]: Reached target machines.target. Feb 9 12:31:49.703163 systemd[1]: Starting ldconfig.service... Feb 9 12:31:49.710002 systemd[1]: systemd-binfmt.service was skipped because no trigger condition checks were met. Feb 9 12:31:49.710052 systemd[1]: systemd-boot-system-token.service was skipped because of an unmet condition check (ConditionPathExists=/sys/firmware/efi/efivars/LoaderFeatures-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f). Feb 9 12:31:49.710719 systemd[1]: Starting systemd-boot-update.service... Feb 9 12:31:49.718150 systemd[1]: Starting systemd-fsck@dev-disk-by\x2dlabel-OEM.service... Feb 9 12:31:49.729258 systemd[1]: Starting systemd-machine-id-commit.service... Feb 9 12:31:49.729371 systemd[1]: systemd-sysext.service was skipped because no trigger condition checks were met. Feb 9 12:31:49.729400 systemd[1]: ensure-sysext.service was skipped because no trigger condition checks were met. Feb 9 12:31:49.729942 systemd[1]: Starting systemd-tmpfiles-setup.service... Feb 9 12:31:49.730207 systemd[1]: boot.automount: Got automount request for /boot, triggered by 1386 (bootctl) Feb 9 12:31:49.730779 systemd[1]: Starting systemd-fsck@dev-disk-by\x2dlabel-EFI\x2dSYSTEM.service... Feb 9 12:31:49.746288 systemd-tmpfiles[1390]: /usr/lib/tmpfiles.d/legacy.conf:13: Duplicate line for path "/run/lock", ignoring. Feb 9 12:31:49.749981 systemd[1]: Finished systemd-fsck@dev-disk-by\x2dlabel-OEM.service. Feb 9 12:31:49.748000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-fsck@dev-disk-by\x2dlabel-OEM comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:49.753696 systemd-tmpfiles[1390]: /usr/lib/tmpfiles.d/provision.conf:20: Duplicate line for path "/root", ignoring. Feb 9 12:31:49.762822 systemd-tmpfiles[1390]: /usr/lib/tmpfiles.d/systemd.conf:29: Duplicate line for path "/var/lib/systemd", ignoring. Feb 9 12:31:49.900564 kernel: mlx5_core 0000:02:00.1 enp2s0f1np1: Link up Feb 9 12:31:49.925533 kernel: bond0: (slave enp2s0f1np1): Enslaving as a backup interface with an up link Feb 9 12:31:49.926595 systemd-networkd[1320]: enp2s0f0np0: Configuring with /etc/systemd/network/10-0c:42:a1:7e:a1:e8.network. Feb 9 12:31:49.959532 kernel: bond0: Warning: No 802.3ad response from the link partner for any adapters in the bond Feb 9 12:31:50.089715 kernel: bond0: Warning: No 802.3ad response from the link partner for any adapters in the bond Feb 9 12:31:50.130563 kernel: mlx5_core 0000:02:00.0 enp2s0f0np0: Link up Feb 9 12:31:50.153577 kernel: bond0: (slave enp2s0f0np0): Enslaving as a backup interface with an up link Feb 9 12:31:50.153608 kernel: IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready Feb 9 12:31:50.172303 systemd-networkd[1320]: bond0: Link UP Feb 9 12:31:50.172485 systemd-networkd[1320]: enp2s0f1np1: Link UP Feb 9 12:31:50.172667 systemd-networkd[1320]: enp2s0f1np1: Gained carrier Feb 9 12:31:50.173632 systemd-networkd[1320]: enp2s0f1np1: Reconfiguring with /etc/systemd/network/10-0c:42:a1:7e:a1:e8.network. Feb 9 12:31:50.209916 kernel: bond0: (slave enp2s0f1np1): link status definitely up, 10000 Mbps full duplex Feb 9 12:31:50.209946 kernel: bond0: active interface up! Feb 9 12:31:50.270925 systemd[1]: etc-machine\x2did.mount: Deactivated successfully. Feb 9 12:31:50.271268 systemd[1]: Finished systemd-machine-id-commit.service. Feb 9 12:31:50.269000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-machine-id-commit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:50.290609 systemd-fsck[1394]: fsck.fat 4.2 (2021-01-31) Feb 9 12:31:50.290609 systemd-fsck[1394]: /dev/sda1: 789 files, 115332/258078 clusters Feb 9 12:31:50.291324 systemd[1]: Finished systemd-fsck@dev-disk-by\x2dlabel-EFI\x2dSYSTEM.service. Feb 9 12:31:50.293129 systemd-networkd[1320]: enp2s0f0np0: Link UP Feb 9 12:31:50.293345 systemd-networkd[1320]: bond0: Gained carrier Feb 9 12:31:50.293434 systemd-networkd[1320]: enp2s0f0np0: Gained carrier Feb 9 12:31:50.299000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-fsck@dev-disk-by\x2dlabel-EFI\x2dSYSTEM comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:50.301316 systemd[1]: Mounting boot.mount... Feb 9 12:31:50.301818 systemd-networkd[1320]: enp2s0f1np1: Link DOWN Feb 9 12:31:50.301821 systemd-networkd[1320]: enp2s0f1np1: Lost carrier Feb 9 12:31:50.313614 systemd[1]: Mounted boot.mount. Feb 9 12:31:50.337578 kernel: bond0: (slave enp2s0f1np1): link status down for interface, disabling it in 200 ms Feb 9 12:31:50.343944 systemd[1]: Finished systemd-boot-update.service. Feb 9 12:31:50.359561 kernel: bond0: (slave enp2s0f1np1): link status down for interface, disabling it in 200 ms Feb 9 12:31:50.376000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-boot-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:50.376778 systemd[1]: Finished systemd-tmpfiles-setup.service. Feb 9 12:31:50.382576 kernel: bond0: (slave enp2s0f1np1): link status down for interface, disabling it in 200 ms Feb 9 12:31:50.398000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-tmpfiles-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:50.399618 systemd[1]: Starting audit-rules.service... Feb 9 12:31:50.404533 kernel: bond0: (slave enp2s0f1np1): link status down for interface, disabling it in 200 ms Feb 9 12:31:50.416000 audit: CONFIG_CHANGE auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=add_rule key=(null) list=5 res=1 Feb 9 12:31:50.416000 audit[1413]: SYSCALL arch=c000003e syscall=44 success=yes exit=1056 a0=3 a1=7fffe1245120 a2=420 a3=0 items=0 ppid=1398 pid=1413 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:31:50.416000 audit: PROCTITLE proctitle=2F7362696E2F617564697463746C002D52002F6574632F61756469742F61756469742E72756C6573 Feb 9 12:31:50.418173 augenrules[1413]: No rules Feb 9 12:31:50.421285 systemd[1]: Starting clean-ca-certificates.service... Feb 9 12:31:50.426579 kernel: bond0: (slave enp2s0f1np1): link status down for interface, disabling it in 200 ms Feb 9 12:31:50.443167 systemd[1]: Starting systemd-journal-catalog-update.service... Feb 9 12:31:50.447554 kernel: bond0: (slave enp2s0f1np1): link status down for interface, disabling it in 200 ms Feb 9 12:31:50.467540 kernel: bond0: (slave enp2s0f1np1): link status down for interface, disabling it in 200 ms Feb 9 12:31:50.467589 kernel: mlx5_core 0000:02:00.1 enp2s0f1np1: Link up Feb 9 12:31:50.482532 kernel: bond0: (slave enp2s0f1np1): link status down for interface, disabling it in 200 ms Feb 9 12:31:50.486700 systemd-networkd[1320]: enp2s0f1np1: Link UP Feb 9 12:31:50.486896 systemd-networkd[1320]: enp2s0f1np1: Gained carrier Feb 9 12:31:50.497320 ldconfig[1385]: /sbin/ldconfig: /lib/ld.so.conf is not an ELF file - it has the wrong magic bytes at the start. Feb 9 12:31:50.501286 systemd[1]: Starting systemd-resolved.service... Feb 9 12:31:50.516787 kernel: bond0: (slave enp2s0f1np1): invalid new link 1 on slave Feb 9 12:31:50.536585 kernel: bond0: (slave enp2s0f0np0): link status definitely up, 10000 Mbps full duplex Feb 9 12:31:50.536535 systemd[1]: Starting systemd-timesyncd.service... Feb 9 12:31:50.545043 systemd[1]: Starting systemd-update-utmp.service... Feb 9 12:31:50.551861 systemd[1]: Finished ldconfig.service. Feb 9 12:31:50.558702 systemd[1]: Finished audit-rules.service. Feb 9 12:31:50.565669 systemd[1]: Finished clean-ca-certificates.service. Feb 9 12:31:50.574672 systemd[1]: Finished systemd-journal-catalog-update.service. Feb 9 12:31:50.587304 systemd[1]: Starting systemd-update-done.service... Feb 9 12:31:50.593603 systemd[1]: update-ca-certificates.service was skipped because of an unmet condition check (ConditionPathIsSymbolicLink=!/etc/ssl/certs/ca-certificates.crt). Feb 9 12:31:50.593834 systemd[1]: Finished systemd-update-utmp.service. Feb 9 12:31:50.601727 systemd[1]: Finished systemd-update-done.service. Feb 9 12:31:50.611878 systemd[1]: Started systemd-timesyncd.service. Feb 9 12:31:50.613926 systemd-resolved[1420]: Positive Trust Anchors: Feb 9 12:31:50.613933 systemd-resolved[1420]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d Feb 9 12:31:50.613951 systemd-resolved[1420]: Negative trust anchors: home.arpa 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa corp home internal intranet lan local private test Feb 9 12:31:50.617982 systemd-resolved[1420]: Using system hostname 'ci-3510.3.2-a-260490bd8e'. Feb 9 12:31:50.619682 systemd[1]: Started systemd-resolved.service. Feb 9 12:31:50.627636 systemd[1]: Reached target network.target. Feb 9 12:31:50.635611 systemd[1]: Reached target nss-lookup.target. Feb 9 12:31:50.649360 systemd[1]: Reached target sysinit.target. Feb 9 12:31:50.659564 kernel: bond0: (slave enp2s0f1np1): link status up again after 100 ms Feb 9 12:31:50.675609 systemd[1]: Started motdgen.path. Feb 9 12:31:50.678561 kernel: bond0: (slave enp2s0f1np1): link status definitely up, 10000 Mbps full duplex Feb 9 12:31:50.684624 systemd[1]: Started user-cloudinit@var-lib-flatcar\x2dinstall-user_data.path. Feb 9 12:31:50.694613 systemd[1]: Started systemd-tmpfiles-clean.timer. Feb 9 12:31:50.702609 systemd[1]: update-engine-stub.timer was skipped because of an unmet condition check (ConditionPathExists=/usr/.noupdate). Feb 9 12:31:50.702625 systemd[1]: Reached target paths.target. Feb 9 12:31:50.709606 systemd[1]: Reached target time-set.target. Feb 9 12:31:50.717662 systemd[1]: Started logrotate.timer. Feb 9 12:31:50.724645 systemd[1]: Started mdadm.timer. Feb 9 12:31:50.731593 systemd[1]: Reached target timers.target. Feb 9 12:31:50.738723 systemd[1]: Listening on dbus.socket. Feb 9 12:31:50.746093 systemd[1]: Starting docker.socket... Feb 9 12:31:50.753983 systemd[1]: Listening on sshd.socket. Feb 9 12:31:50.760671 systemd[1]: systemd-pcrphase-sysinit.service was skipped because of an unmet condition check (ConditionPathExists=/sys/firmware/efi/efivars/StubPcrKernelImage-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f). Feb 9 12:31:50.760875 systemd[1]: Listening on docker.socket. Feb 9 12:31:50.767651 systemd[1]: Reached target sockets.target. Feb 9 12:31:50.775605 systemd[1]: Reached target basic.target. Feb 9 12:31:50.782616 systemd[1]: addon-config@usr-share-oem.service was skipped because no trigger condition checks were met. Feb 9 12:31:50.782630 systemd[1]: addon-run@usr-share-oem.service was skipped because no trigger condition checks were met. Feb 9 12:31:50.783064 systemd[1]: Starting containerd.service... Feb 9 12:31:50.790019 systemd[1]: Starting coreos-metadata-sshkeys@core.service... Feb 9 12:31:50.799204 systemd[1]: Starting coreos-metadata.service... Feb 9 12:31:50.806099 systemd[1]: Starting dbus.service... Feb 9 12:31:50.812083 systemd[1]: Starting enable-oem-cloudinit.service... Feb 9 12:31:50.816643 jq[1435]: false Feb 9 12:31:50.819120 systemd[1]: Starting extend-filesystems.service... Feb 9 12:31:50.819423 coreos-metadata[1428]: Feb 09 12:31:50.819 INFO Fetching https://metadata.packet.net/metadata: Attempt #1 Feb 9 12:31:50.825394 dbus-daemon[1434]: [system] SELinux support is enabled Feb 9 12:31:50.825612 systemd[1]: flatcar-setup-environment.service was skipped because of an unmet condition check (ConditionPathExists=/usr/share/oem/bin/flatcar-setup-environment). Feb 9 12:31:50.826197 systemd[1]: Starting motdgen.service... Feb 9 12:31:50.827245 extend-filesystems[1436]: Found sda Feb 9 12:31:50.827245 extend-filesystems[1436]: Found sda1 Feb 9 12:31:50.868582 kernel: EXT4-fs (sda9): resizing filesystem from 553472 to 116605649 blocks Feb 9 12:31:50.833353 systemd[1]: Starting prepare-cni-plugins.service... Feb 9 12:31:50.868674 coreos-metadata[1431]: Feb 09 12:31:50.828 INFO Fetching https://metadata.packet.net/metadata: Attempt #1 Feb 9 12:31:50.868781 extend-filesystems[1436]: Found sda2 Feb 9 12:31:50.868781 extend-filesystems[1436]: Found sda3 Feb 9 12:31:50.868781 extend-filesystems[1436]: Found usr Feb 9 12:31:50.868781 extend-filesystems[1436]: Found sda4 Feb 9 12:31:50.868781 extend-filesystems[1436]: Found sda6 Feb 9 12:31:50.868781 extend-filesystems[1436]: Found sda7 Feb 9 12:31:50.868781 extend-filesystems[1436]: Found sda9 Feb 9 12:31:50.868781 extend-filesystems[1436]: Checking size of /dev/sda9 Feb 9 12:31:50.868781 extend-filesystems[1436]: Resized partition /dev/sda9 Feb 9 12:31:50.862268 systemd[1]: Starting prepare-critools.service... Feb 9 12:31:50.973832 extend-filesystems[1452]: resize2fs 1.46.5 (30-Dec-2021) Feb 9 12:31:50.876139 systemd[1]: Starting prepare-helm.service... Feb 9 12:31:50.890071 systemd[1]: Starting ssh-key-proc-cmdline.service... Feb 9 12:31:50.905067 systemd[1]: Starting sshd-keygen.service... Feb 9 12:31:50.913920 systemd[1]: Starting systemd-logind.service... Feb 9 12:31:50.932561 systemd[1]: systemd-pcrphase.service was skipped because of an unmet condition check (ConditionPathExists=/sys/firmware/efi/efivars/StubPcrKernelImage-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f). Feb 9 12:31:50.997067 update_engine[1467]: I0209 12:31:50.995151 1467 main.cc:92] Flatcar Update Engine starting Feb 9 12:31:50.933116 systemd[1]: Starting tcsd.service... Feb 9 12:31:50.997248 jq[1468]: true Feb 9 12:31:50.934153 systemd-logind[1465]: Watching system buttons on /dev/input/event3 (Power Button) Feb 9 12:31:50.934165 systemd-logind[1465]: Watching system buttons on /dev/input/event2 (Sleep Button) Feb 9 12:31:50.934174 systemd-logind[1465]: Watching system buttons on /dev/input/event0 (HID 0557:2419) Feb 9 12:31:50.934276 systemd-logind[1465]: New seat seat0. Feb 9 12:31:50.946944 systemd[1]: cgroup compatibility translation between legacy and unified hierarchy settings activated. See cgroup-compat debug messages for details. Feb 9 12:31:50.947285 systemd[1]: Starting update-engine.service... Feb 9 12:31:50.966131 systemd[1]: Starting update-ssh-keys-after-ignition.service... Feb 9 12:31:50.987909 systemd[1]: Started dbus.service. Feb 9 12:31:50.998663 update_engine[1467]: I0209 12:31:50.998651 1467 update_check_scheduler.cc:74] Next update check in 8m1s Feb 9 12:31:51.005319 systemd[1]: enable-oem-cloudinit.service: Skipped due to 'exec-condition'. Feb 9 12:31:51.005405 systemd[1]: Condition check resulted in enable-oem-cloudinit.service being skipped. Feb 9 12:31:51.005574 systemd[1]: motdgen.service: Deactivated successfully. Feb 9 12:31:51.005652 systemd[1]: Finished motdgen.service. Feb 9 12:31:51.014663 systemd[1]: ssh-key-proc-cmdline.service: Deactivated successfully. Feb 9 12:31:51.014745 systemd[1]: Finished ssh-key-proc-cmdline.service. Feb 9 12:31:51.019129 tar[1470]: ./ Feb 9 12:31:51.019129 tar[1470]: ./loopback Feb 9 12:31:51.025102 jq[1476]: true Feb 9 12:31:51.025727 dbus-daemon[1434]: [system] Successfully activated service 'org.freedesktop.systemd1' Feb 9 12:31:51.026717 tar[1472]: linux-amd64/helm Feb 9 12:31:51.028143 tar[1471]: crictl Feb 9 12:31:51.031433 systemd[1]: tcsd.service: Skipped due to 'exec-condition'. Feb 9 12:31:51.031564 systemd[1]: Condition check resulted in tcsd.service being skipped. Feb 9 12:31:51.031668 systemd[1]: Started systemd-logind.service. Feb 9 12:31:51.034807 env[1477]: time="2024-02-09T12:31:51.034778694Z" level=info msg="starting containerd" revision=92b3a9d6f1b3bcc6dc74875cfdea653fe39f09c2 version=1.6.16 Feb 9 12:31:51.038586 tar[1470]: ./bandwidth Feb 9 12:31:51.042650 systemd[1]: Started update-engine.service. Feb 9 12:31:51.046448 env[1477]: time="2024-02-09T12:31:51.046425144Z" level=info msg="loading plugin \"io.containerd.content.v1.content\"..." type=io.containerd.content.v1 Feb 9 12:31:51.048362 env[1477]: time="2024-02-09T12:31:51.048348610Z" level=info msg="loading plugin \"io.containerd.snapshotter.v1.aufs\"..." type=io.containerd.snapshotter.v1 Feb 9 12:31:51.048963 env[1477]: time="2024-02-09T12:31:51.048943328Z" level=info msg="skip loading plugin \"io.containerd.snapshotter.v1.aufs\"..." error="aufs is not supported (modprobe aufs failed: exit status 1 \"modprobe: FATAL: Module aufs not found in directory /lib/modules/5.15.148-flatcar\\n\"): skip plugin" type=io.containerd.snapshotter.v1 Feb 9 12:31:51.050063 env[1477]: time="2024-02-09T12:31:51.048963835Z" level=info msg="loading plugin \"io.containerd.snapshotter.v1.btrfs\"..." type=io.containerd.snapshotter.v1 Feb 9 12:31:51.050650 env[1477]: time="2024-02-09T12:31:51.050631983Z" level=info msg="skip loading plugin \"io.containerd.snapshotter.v1.btrfs\"..." error="path /var/lib/containerd/io.containerd.snapshotter.v1.btrfs (ext4) must be a btrfs filesystem to be used with the btrfs snapshotter: skip plugin" type=io.containerd.snapshotter.v1 Feb 9 12:31:51.050686 env[1477]: time="2024-02-09T12:31:51.050650122Z" level=info msg="loading plugin \"io.containerd.snapshotter.v1.devmapper\"..." type=io.containerd.snapshotter.v1 Feb 9 12:31:51.050686 env[1477]: time="2024-02-09T12:31:51.050662108Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.devmapper" error="devmapper not configured" Feb 9 12:31:51.050686 env[1477]: time="2024-02-09T12:31:51.050670634Z" level=info msg="loading plugin \"io.containerd.snapshotter.v1.native\"..." type=io.containerd.snapshotter.v1 Feb 9 12:31:51.052671 env[1477]: time="2024-02-09T12:31:51.052658542Z" level=info msg="loading plugin \"io.containerd.snapshotter.v1.overlayfs\"..." type=io.containerd.snapshotter.v1 Feb 9 12:31:51.052807 env[1477]: time="2024-02-09T12:31:51.052797883Z" level=info msg="loading plugin \"io.containerd.snapshotter.v1.zfs\"..." type=io.containerd.snapshotter.v1 Feb 9 12:31:51.052842 bash[1505]: Updated "/home/core/.ssh/authorized_keys" Feb 9 12:31:51.052964 env[1477]: time="2024-02-09T12:31:51.052879729Z" level=info msg="skip loading plugin \"io.containerd.snapshotter.v1.zfs\"..." error="path /var/lib/containerd/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter: skip plugin" type=io.containerd.snapshotter.v1 Feb 9 12:31:51.052964 env[1477]: time="2024-02-09T12:31:51.052890355Z" level=info msg="loading plugin \"io.containerd.metadata.v1.bolt\"..." type=io.containerd.metadata.v1 Feb 9 12:31:51.052964 env[1477]: time="2024-02-09T12:31:51.052916899Z" level=warning msg="could not use snapshotter devmapper in metadata plugin" error="devmapper not configured" Feb 9 12:31:51.052964 env[1477]: time="2024-02-09T12:31:51.052926156Z" level=info msg="metadata content store policy set" policy=shared Feb 9 12:31:51.053173 systemd[1]: Started locksmithd.service. Feb 9 12:31:51.059664 systemd[1]: system-cloudinit@usr-share-oem-cloud\x2dconfig.yml.service was skipped because of an unmet condition check (ConditionFileNotEmpty=/usr/share/oem/cloud-config.yml). Feb 9 12:31:51.059750 systemd[1]: Reached target system-config.target. Feb 9 12:31:51.063631 env[1477]: time="2024-02-09T12:31:51.063606241Z" level=info msg="loading plugin \"io.containerd.differ.v1.walking\"..." type=io.containerd.differ.v1 Feb 9 12:31:51.063666 env[1477]: time="2024-02-09T12:31:51.063638094Z" level=info msg="loading plugin \"io.containerd.event.v1.exchange\"..." type=io.containerd.event.v1 Feb 9 12:31:51.063666 env[1477]: time="2024-02-09T12:31:51.063651021Z" level=info msg="loading plugin \"io.containerd.gc.v1.scheduler\"..." type=io.containerd.gc.v1 Feb 9 12:31:51.063705 env[1477]: time="2024-02-09T12:31:51.063676530Z" level=info msg="loading plugin \"io.containerd.service.v1.introspection-service\"..." type=io.containerd.service.v1 Feb 9 12:31:51.063705 env[1477]: time="2024-02-09T12:31:51.063689850Z" level=info msg="loading plugin \"io.containerd.service.v1.containers-service\"..." type=io.containerd.service.v1 Feb 9 12:31:51.063761 env[1477]: time="2024-02-09T12:31:51.063702257Z" level=info msg="loading plugin \"io.containerd.service.v1.content-service\"..." type=io.containerd.service.v1 Feb 9 12:31:51.063761 env[1477]: time="2024-02-09T12:31:51.063713930Z" level=info msg="loading plugin \"io.containerd.service.v1.diff-service\"..." type=io.containerd.service.v1 Feb 9 12:31:51.063761 env[1477]: time="2024-02-09T12:31:51.063726383Z" level=info msg="loading plugin \"io.containerd.service.v1.images-service\"..." type=io.containerd.service.v1 Feb 9 12:31:51.063761 env[1477]: time="2024-02-09T12:31:51.063738685Z" level=info msg="loading plugin \"io.containerd.service.v1.leases-service\"..." type=io.containerd.service.v1 Feb 9 12:31:51.063761 env[1477]: time="2024-02-09T12:31:51.063751132Z" level=info msg="loading plugin \"io.containerd.service.v1.namespaces-service\"..." type=io.containerd.service.v1 Feb 9 12:31:51.063854 env[1477]: time="2024-02-09T12:31:51.063762598Z" level=info msg="loading plugin \"io.containerd.service.v1.snapshots-service\"..." type=io.containerd.service.v1 Feb 9 12:31:51.063854 env[1477]: time="2024-02-09T12:31:51.063773875Z" level=info msg="loading plugin \"io.containerd.runtime.v1.linux\"..." type=io.containerd.runtime.v1 Feb 9 12:31:51.063896 env[1477]: time="2024-02-09T12:31:51.063852405Z" level=info msg="loading plugin \"io.containerd.runtime.v2.task\"..." type=io.containerd.runtime.v2 Feb 9 12:31:51.063922 env[1477]: time="2024-02-09T12:31:51.063912863Z" level=info msg="loading plugin \"io.containerd.monitor.v1.cgroups\"..." type=io.containerd.monitor.v1 Feb 9 12:31:51.064115 env[1477]: time="2024-02-09T12:31:51.064100285Z" level=info msg="loading plugin \"io.containerd.service.v1.tasks-service\"..." type=io.containerd.service.v1 Feb 9 12:31:51.064141 env[1477]: time="2024-02-09T12:31:51.064125570Z" level=info msg="loading plugin \"io.containerd.grpc.v1.introspection\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064160 env[1477]: time="2024-02-09T12:31:51.064139438Z" level=info msg="loading plugin \"io.containerd.internal.v1.restart\"..." type=io.containerd.internal.v1 Feb 9 12:31:51.064195 env[1477]: time="2024-02-09T12:31:51.064174182Z" level=info msg="loading plugin \"io.containerd.grpc.v1.containers\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064195 env[1477]: time="2024-02-09T12:31:51.064185358Z" level=info msg="loading plugin \"io.containerd.grpc.v1.content\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064237 env[1477]: time="2024-02-09T12:31:51.064195245Z" level=info msg="loading plugin \"io.containerd.grpc.v1.diff\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064237 env[1477]: time="2024-02-09T12:31:51.064204822Z" level=info msg="loading plugin \"io.containerd.grpc.v1.events\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064237 env[1477]: time="2024-02-09T12:31:51.064215695Z" level=info msg="loading plugin \"io.containerd.grpc.v1.healthcheck\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064237 env[1477]: time="2024-02-09T12:31:51.064225740Z" level=info msg="loading plugin \"io.containerd.grpc.v1.images\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064298 env[1477]: time="2024-02-09T12:31:51.064236647Z" level=info msg="loading plugin \"io.containerd.grpc.v1.leases\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064298 env[1477]: time="2024-02-09T12:31:51.064248513Z" level=info msg="loading plugin \"io.containerd.grpc.v1.namespaces\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064298 env[1477]: time="2024-02-09T12:31:51.064260616Z" level=info msg="loading plugin \"io.containerd.internal.v1.opt\"..." type=io.containerd.internal.v1 Feb 9 12:31:51.064359 env[1477]: time="2024-02-09T12:31:51.064341815Z" level=info msg="loading plugin \"io.containerd.grpc.v1.snapshots\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064359 env[1477]: time="2024-02-09T12:31:51.064355471Z" level=info msg="loading plugin \"io.containerd.grpc.v1.tasks\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064401 env[1477]: time="2024-02-09T12:31:51.064366756Z" level=info msg="loading plugin \"io.containerd.grpc.v1.version\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064401 env[1477]: time="2024-02-09T12:31:51.064377296Z" level=info msg="loading plugin \"io.containerd.tracing.processor.v1.otlp\"..." type=io.containerd.tracing.processor.v1 Feb 9 12:31:51.064401 env[1477]: time="2024-02-09T12:31:51.064390542Z" level=info msg="skip loading plugin \"io.containerd.tracing.processor.v1.otlp\"..." error="no OpenTelemetry endpoint: skip plugin" type=io.containerd.tracing.processor.v1 Feb 9 12:31:51.064456 env[1477]: time="2024-02-09T12:31:51.064401879Z" level=info msg="loading plugin \"io.containerd.internal.v1.tracing\"..." type=io.containerd.internal.v1 Feb 9 12:31:51.064456 env[1477]: time="2024-02-09T12:31:51.064419740Z" level=error msg="failed to initialize a tracing processor \"otlp\"" error="no OpenTelemetry endpoint: skip plugin" Feb 9 12:31:51.064456 env[1477]: time="2024-02-09T12:31:51.064446102Z" level=info msg="loading plugin \"io.containerd.grpc.v1.cri\"..." type=io.containerd.grpc.v1 Feb 9 12:31:51.064663 env[1477]: time="2024-02-09T12:31:51.064615392Z" level=info msg="Start cri plugin with config {PluginConfig:{ContainerdConfig:{Snapshotter:overlayfs DefaultRuntimeName:runc DefaultRuntime:{Type: Path: Engine: PodAnnotations:[] ContainerAnnotations:[] Root: Options:map[] PrivilegedWithoutHostDevices:false BaseRuntimeSpec: NetworkPluginConfDir: NetworkPluginMaxConfNum:0} UntrustedWorkloadRuntime:{Type: Path: Engine: PodAnnotations:[] ContainerAnnotations:[] Root: Options:map[] PrivilegedWithoutHostDevices:false BaseRuntimeSpec: NetworkPluginConfDir: NetworkPluginMaxConfNum:0} Runtimes:map[runc:{Type:io.containerd.runc.v2 Path: Engine: PodAnnotations:[] ContainerAnnotations:[] Root: Options:map[SystemdCgroup:true] PrivilegedWithoutHostDevices:false BaseRuntimeSpec: NetworkPluginConfDir: NetworkPluginMaxConfNum:0}] NoPivot:false DisableSnapshotAnnotations:true DiscardUnpackedLayers:false IgnoreRdtNotEnabledErrors:false} CniConfig:{NetworkPluginBinDir:/opt/cni/bin NetworkPluginConfDir:/etc/cni/net.d NetworkPluginMaxConfNum:1 NetworkPluginConfTemplate: IPPreference:} Registry:{ConfigPath: Mirrors:map[] Configs:map[] Auths:map[] Headers:map[]} ImageDecryption:{KeyModel:node} DisableTCPService:true StreamServerAddress:127.0.0.1 StreamServerPort:0 StreamIdleTimeout:4h0m0s EnableSelinux:true SelinuxCategoryRange:1024 SandboxImage:registry.k8s.io/pause:3.6 StatsCollectPeriod:10 SystemdCgroup:false EnableTLSStreaming:false X509KeyPairStreaming:{TLSCertFile: TLSKeyFile:} MaxContainerLogLineSize:16384 DisableCgroup:false DisableApparmor:false RestrictOOMScoreAdj:false MaxConcurrentDownloads:3 DisableProcMount:false UnsetSeccompProfile: TolerateMissingHugetlbController:true DisableHugetlbController:true DeviceOwnershipFromSecurityContext:false IgnoreImageDefinedVolumes:false NetNSMountsUnderStateDir:false EnableUnprivilegedPorts:false EnableUnprivilegedICMP:false} ContainerdRootDir:/var/lib/containerd ContainerdEndpoint:/run/containerd/containerd.sock RootDir:/var/lib/containerd/io.containerd.grpc.v1.cri StateDir:/run/containerd/io.containerd.grpc.v1.cri}" Feb 9 12:31:51.066740 env[1477]: time="2024-02-09T12:31:51.064669860Z" level=info msg="Connect containerd service" Feb 9 12:31:51.066740 env[1477]: time="2024-02-09T12:31:51.064693881Z" level=info msg="Get image filesystem path \"/var/lib/containerd/io.containerd.snapshotter.v1.overlayfs\"" Feb 9 12:31:51.066740 env[1477]: time="2024-02-09T12:31:51.065070204Z" level=error msg="failed to load cni during init, please check CRI plugin status before setting up network for pods" error="cni config load failed: no network config found in /etc/cni/net.d: cni plugin not initialized: failed to load cni config" Feb 9 12:31:51.066740 env[1477]: time="2024-02-09T12:31:51.065160563Z" level=info msg="Start subscribing containerd event" Feb 9 12:31:51.066740 env[1477]: time="2024-02-09T12:31:51.065192287Z" level=info msg="Start recovering state" Feb 9 12:31:51.066740 env[1477]: time="2024-02-09T12:31:51.065229564Z" level=info msg="Start event monitor" Feb 9 12:31:51.066740 env[1477]: time="2024-02-09T12:31:51.065227996Z" level=info msg=serving... address=/run/containerd/containerd.sock.ttrpc Feb 9 12:31:51.066740 env[1477]: time="2024-02-09T12:31:51.065243313Z" level=info msg="Start snapshots syncer" Feb 9 12:31:51.066740 env[1477]: time="2024-02-09T12:31:51.065249324Z" level=info msg="Start cni network conf syncer for default" Feb 9 12:31:51.066740 env[1477]: time="2024-02-09T12:31:51.065253388Z" level=info msg="Start streaming server" Feb 9 12:31:51.066740 env[1477]: time="2024-02-09T12:31:51.065265557Z" level=info msg=serving... address=/run/containerd/containerd.sock Feb 9 12:31:51.066740 env[1477]: time="2024-02-09T12:31:51.065298557Z" level=info msg="containerd successfully booted in 0.030893s" Feb 9 12:31:51.068644 systemd[1]: user-cloudinit-proc-cmdline.service was skipped because of an unmet condition check (ConditionKernelCommandLine=cloud-config-url). Feb 9 12:31:51.068725 systemd[1]: Reached target user-config.target. Feb 9 12:31:51.074202 tar[1470]: ./ptp Feb 9 12:31:51.078063 systemd[1]: Started containerd.service. Feb 9 12:31:51.084816 systemd[1]: Finished update-ssh-keys-after-ignition.service. Feb 9 12:31:51.098238 tar[1470]: ./vlan Feb 9 12:31:51.117984 locksmithd[1512]: locksmithd starting currentOperation="UPDATE_STATUS_IDLE" strategy="reboot" Feb 9 12:31:51.120285 tar[1470]: ./host-device Feb 9 12:31:51.141580 tar[1470]: ./tuning Feb 9 12:31:51.160353 tar[1470]: ./vrf Feb 9 12:31:51.180039 tar[1470]: ./sbr Feb 9 12:31:51.199291 tar[1470]: ./tap Feb 9 12:31:51.221281 tar[1470]: ./dhcp Feb 9 12:31:51.267597 systemd-networkd[1320]: bond0: Gained IPv6LL Feb 9 12:31:51.277300 tar[1470]: ./static Feb 9 12:31:51.279079 tar[1472]: linux-amd64/LICENSE Feb 9 12:31:51.279116 tar[1472]: linux-amd64/README.md Feb 9 12:31:51.281605 systemd[1]: Finished prepare-helm.service. Feb 9 12:31:51.293252 tar[1470]: ./firewall Feb 9 12:31:51.299914 systemd[1]: Finished prepare-critools.service. Feb 9 12:31:51.317608 tar[1470]: ./macvlan Feb 9 12:31:51.339585 tar[1470]: ./dummy Feb 9 12:31:51.343532 kernel: EXT4-fs (sda9): resized filesystem to 116605649 Feb 9 12:31:51.370701 extend-filesystems[1452]: Filesystem at /dev/sda9 is mounted on /; on-line resizing required Feb 9 12:31:51.370701 extend-filesystems[1452]: old_desc_blocks = 1, new_desc_blocks = 56 Feb 9 12:31:51.370701 extend-filesystems[1452]: The filesystem on /dev/sda9 is now 116605649 (4k) blocks long. Feb 9 12:31:51.407588 extend-filesystems[1436]: Resized filesystem in /dev/sda9 Feb 9 12:31:51.407588 extend-filesystems[1436]: Found sdb Feb 9 12:31:51.422579 tar[1470]: ./bridge Feb 9 12:31:51.422579 tar[1470]: ./ipvlan Feb 9 12:31:51.371154 systemd[1]: extend-filesystems.service: Deactivated successfully. Feb 9 12:31:51.371240 systemd[1]: Finished extend-filesystems.service. Feb 9 12:31:51.434116 tar[1470]: ./portmap Feb 9 12:31:51.454860 tar[1470]: ./host-local Feb 9 12:31:51.478415 systemd[1]: Finished prepare-cni-plugins.service. Feb 9 12:31:51.993392 sshd_keygen[1464]: ssh-keygen: generating new host keys: RSA ECDSA ED25519 Feb 9 12:31:52.004950 systemd[1]: Finished sshd-keygen.service. Feb 9 12:31:52.013350 systemd[1]: Starting issuegen.service... Feb 9 12:31:52.020772 systemd[1]: issuegen.service: Deactivated successfully. Feb 9 12:31:52.020846 systemd[1]: Finished issuegen.service. Feb 9 12:31:52.029291 systemd[1]: Starting systemd-user-sessions.service... Feb 9 12:31:52.038750 systemd[1]: Finished systemd-user-sessions.service. Feb 9 12:31:52.048164 systemd[1]: Started getty@tty1.service. Feb 9 12:31:52.056124 systemd[1]: Started serial-getty@ttyS1.service. Feb 9 12:31:52.065658 systemd[1]: Reached target getty.target. Feb 9 12:31:52.821693 kernel: mlx5_core 0000:02:00.0: lag map port 1:1 port 2:2 shared_fdb:0 Feb 9 12:31:56.771893 coreos-metadata[1428]: Feb 09 12:31:56.771 INFO Failed to fetch: error sending request for url (https://metadata.packet.net/metadata): error trying to connect: dns error: failed to lookup address information: Name or service not known Feb 9 12:31:56.772709 coreos-metadata[1431]: Feb 09 12:31:56.771 INFO Failed to fetch: error sending request for url (https://metadata.packet.net/metadata): error trying to connect: dns error: failed to lookup address information: Name or service not known Feb 9 12:31:57.075807 login[1539]: pam_unix(login:session): session opened for user core(uid=500) by LOGIN(uid=0) Feb 9 12:31:57.084123 systemd-logind[1465]: New session 1 of user core. Feb 9 12:31:57.084656 systemd[1]: Created slice user-500.slice. Feb 9 12:31:57.085159 systemd[1]: Starting user-runtime-dir@500.service... Feb 9 12:31:57.085384 login[1538]: pam_unix(login:session): session opened for user core(uid=500) by LOGIN(uid=0) Feb 9 12:31:57.087582 systemd-logind[1465]: New session 2 of user core. Feb 9 12:31:57.090158 systemd[1]: Finished user-runtime-dir@500.service. Feb 9 12:31:57.090839 systemd[1]: Starting user@500.service... Feb 9 12:31:57.092618 (systemd)[1543]: pam_unix(systemd-user:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:31:57.157668 systemd[1543]: Queued start job for default target default.target. Feb 9 12:31:57.157897 systemd[1543]: Reached target paths.target. Feb 9 12:31:57.157908 systemd[1543]: Reached target sockets.target. Feb 9 12:31:57.157916 systemd[1543]: Reached target timers.target. Feb 9 12:31:57.157923 systemd[1543]: Reached target basic.target. Feb 9 12:31:57.157943 systemd[1543]: Reached target default.target. Feb 9 12:31:57.157957 systemd[1543]: Startup finished in 62ms. Feb 9 12:31:57.158007 systemd[1]: Started user@500.service. Feb 9 12:31:57.158511 systemd[1]: Started session-1.scope. Feb 9 12:31:57.158896 systemd[1]: Started session-2.scope. Feb 9 12:31:57.772283 coreos-metadata[1428]: Feb 09 12:31:57.772 INFO Fetching https://metadata.packet.net/metadata: Attempt #2 Feb 9 12:31:57.773329 coreos-metadata[1431]: Feb 09 12:31:57.772 INFO Fetching https://metadata.packet.net/metadata: Attempt #2 Feb 9 12:31:58.248708 kernel: mlx5_core 0000:02:00.0: modify lag map port 1:2 port 2:2 Feb 9 12:31:58.248865 kernel: mlx5_core 0000:02:00.0: modify lag map port 1:1 port 2:2 Feb 9 12:31:58.828919 systemd[1]: Created slice system-sshd.slice. Feb 9 12:31:58.829515 systemd[1]: Started sshd@0-86.109.11.101:22-147.75.109.163:56184.service. Feb 9 12:31:58.843048 coreos-metadata[1431]: Feb 09 12:31:58.842 INFO Fetch successful Feb 9 12:31:58.850918 coreos-metadata[1428]: Feb 09 12:31:58.850 INFO Fetch successful Feb 9 12:31:58.868655 systemd[1]: Finished coreos-metadata.service. Feb 9 12:31:58.869554 systemd[1]: Started packet-phone-home.service. Feb 9 12:31:58.878540 curl[1568]: % Total % Received % Xferd Average Speed Time Time Time Current Feb 9 12:31:58.878737 curl[1568]: Dload Upload Total Spent Left Speed Feb 9 12:31:58.880981 sshd[1564]: Accepted publickey for core from 147.75.109.163 port 56184 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:31:58.882338 unknown[1428]: wrote ssh authorized keys file for user: core Feb 9 12:31:58.894170 sshd[1564]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:31:58.904786 systemd-logind[1465]: New session 3 of user core. Feb 9 12:31:58.907458 systemd[1]: Started session-3.scope. Feb 9 12:31:58.928782 update-ssh-keys[1569]: Updated "/home/core/.ssh/authorized_keys" Feb 9 12:31:58.929614 systemd[1]: Finished coreos-metadata-sshkeys@core.service. Feb 9 12:31:58.930239 systemd[1]: Reached target multi-user.target. Feb 9 12:31:58.932271 systemd[1]: Starting systemd-update-utmp-runlevel.service... Feb 9 12:31:58.943728 systemd[1]: systemd-update-utmp-runlevel.service: Deactivated successfully. Feb 9 12:31:58.943919 systemd[1]: Finished systemd-update-utmp-runlevel.service. Feb 9 12:31:58.944206 systemd[1]: Startup finished in 2.007s (kernel) + 19.311s (initrd) + 14.802s (userspace) = 36.121s. Feb 9 12:31:58.975705 systemd[1]: Started sshd@1-86.109.11.101:22-147.75.109.163:56186.service. Feb 9 12:31:58.335568 systemd-resolved[1420]: Clock change detected. Flushing caches. Feb 9 12:31:58.354925 systemd-journald[1260]: Time jumped backwards, rotating. Feb 9 12:31:58.335805 systemd-timesyncd[1421]: Contacted time server 129.146.193.200:123 (0.flatcar.pool.ntp.org). Feb 9 12:31:58.335956 systemd-timesyncd[1421]: Initial clock synchronization to Fri 2024-02-09 12:31:58.335445 UTC. Feb 9 12:31:58.374610 sshd[1574]: Accepted publickey for core from 147.75.109.163 port 56186 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:31:58.375298 sshd[1574]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:31:58.377234 systemd-logind[1465]: New session 4 of user core. Feb 9 12:31:58.377733 systemd[1]: Started session-4.scope. Feb 9 12:31:58.425434 curl[1568]: \u000d 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0\u000d 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 Feb 9 12:31:58.427747 systemd[1]: packet-phone-home.service: Deactivated successfully. Feb 9 12:31:58.430690 sshd[1574]: pam_unix(sshd:session): session closed for user core Feb 9 12:31:58.432054 systemd[1]: sshd@1-86.109.11.101:22-147.75.109.163:56186.service: Deactivated successfully. Feb 9 12:31:58.432345 systemd[1]: session-4.scope: Deactivated successfully. Feb 9 12:31:58.432698 systemd-logind[1465]: Session 4 logged out. Waiting for processes to exit. Feb 9 12:31:58.433187 systemd[1]: Started sshd@2-86.109.11.101:22-147.75.109.163:56192.service. Feb 9 12:31:58.433629 systemd-logind[1465]: Removed session 4. Feb 9 12:31:58.468184 sshd[1581]: Accepted publickey for core from 147.75.109.163 port 56192 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:31:58.469083 sshd[1581]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:31:58.471972 systemd-logind[1465]: New session 5 of user core. Feb 9 12:31:58.472572 systemd[1]: Started session-5.scope. Feb 9 12:31:58.525842 sshd[1581]: pam_unix(sshd:session): session closed for user core Feb 9 12:31:58.532375 systemd[1]: sshd@2-86.109.11.101:22-147.75.109.163:56192.service: Deactivated successfully. Feb 9 12:31:58.533914 systemd[1]: session-5.scope: Deactivated successfully. Feb 9 12:31:58.535506 systemd-logind[1465]: Session 5 logged out. Waiting for processes to exit. Feb 9 12:31:58.537981 systemd[1]: Started sshd@3-86.109.11.101:22-147.75.109.163:56204.service. Feb 9 12:31:58.540334 systemd-logind[1465]: Removed session 5. Feb 9 12:31:58.639986 sshd[1587]: Accepted publickey for core from 147.75.109.163 port 56204 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:31:58.641706 sshd[1587]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:31:58.646867 systemd-logind[1465]: New session 6 of user core. Feb 9 12:31:58.647987 systemd[1]: Started session-6.scope. Feb 9 12:31:58.706538 sshd[1587]: pam_unix(sshd:session): session closed for user core Feb 9 12:31:58.707903 systemd[1]: sshd@3-86.109.11.101:22-147.75.109.163:56204.service: Deactivated successfully. Feb 9 12:31:58.708186 systemd[1]: session-6.scope: Deactivated successfully. Feb 9 12:31:58.708581 systemd-logind[1465]: Session 6 logged out. Waiting for processes to exit. Feb 9 12:31:58.709019 systemd[1]: Started sshd@4-86.109.11.101:22-147.75.109.163:56208.service. Feb 9 12:31:58.709431 systemd-logind[1465]: Removed session 6. Feb 9 12:31:58.743762 sshd[1593]: Accepted publickey for core from 147.75.109.163 port 56208 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:31:58.744604 sshd[1593]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:31:58.747428 systemd-logind[1465]: New session 7 of user core. Feb 9 12:31:58.748041 systemd[1]: Started session-7.scope. Feb 9 12:31:58.829743 sudo[1597]: core : PWD=/home/core ; USER=root ; COMMAND=/usr/sbin/setenforce 1 Feb 9 12:31:58.830397 sudo[1597]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=500) Feb 9 12:31:58.846641 dbus-daemon[1434]: \xd0=]^bU: received setenforce notice (enforcing=-661772256) Feb 9 12:31:58.851656 sudo[1597]: pam_unix(sudo:session): session closed for user root Feb 9 12:31:58.864089 sshd[1593]: pam_unix(sshd:session): session closed for user core Feb 9 12:31:58.871015 systemd[1]: sshd@4-86.109.11.101:22-147.75.109.163:56208.service: Deactivated successfully. Feb 9 12:31:58.872675 systemd[1]: session-7.scope: Deactivated successfully. Feb 9 12:31:58.874358 systemd-logind[1465]: Session 7 logged out. Waiting for processes to exit. Feb 9 12:31:58.877079 systemd[1]: Started sshd@5-86.109.11.101:22-147.75.109.163:56210.service. Feb 9 12:31:58.879430 systemd-logind[1465]: Removed session 7. Feb 9 12:31:58.978895 sshd[1601]: Accepted publickey for core from 147.75.109.163 port 56210 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:31:58.980519 sshd[1601]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:31:58.985822 systemd-logind[1465]: New session 8 of user core. Feb 9 12:31:58.986981 systemd[1]: Started session-8.scope. Feb 9 12:31:59.049158 sudo[1605]: core : PWD=/home/core ; USER=root ; COMMAND=/usr/bin/rm -rf /etc/audit/rules.d/80-selinux.rules /etc/audit/rules.d/99-default.rules Feb 9 12:31:59.049269 sudo[1605]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=500) Feb 9 12:31:59.050931 sudo[1605]: pam_unix(sudo:session): session closed for user root Feb 9 12:31:59.053180 sudo[1604]: core : PWD=/home/core ; USER=root ; COMMAND=/usr/bin/systemctl restart audit-rules Feb 9 12:31:59.053298 sudo[1604]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=500) Feb 9 12:31:59.058268 systemd[1]: Stopping audit-rules.service... Feb 9 12:31:59.057000 audit: CONFIG_CHANGE auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=remove_rule key=(null) list=5 res=1 Feb 9 12:31:59.059118 auditctl[1608]: No rules Feb 9 12:31:59.059268 systemd[1]: audit-rules.service: Deactivated successfully. Feb 9 12:31:59.059350 systemd[1]: Stopped audit-rules.service. Feb 9 12:31:59.060101 systemd[1]: Starting audit-rules.service... Feb 9 12:31:59.064496 kernel: kauditd_printk_skb: 95 callbacks suppressed Feb 9 12:31:59.064525 kernel: audit: type=1305 audit(1707481919.057:172): auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=remove_rule key=(null) list=5 res=1 Feb 9 12:31:59.070185 augenrules[1625]: No rules Feb 9 12:31:59.070515 systemd[1]: Finished audit-rules.service. Feb 9 12:31:59.071008 sudo[1604]: pam_unix(sudo:session): session closed for user root Feb 9 12:31:59.071990 sshd[1601]: pam_unix(sshd:session): session closed for user core Feb 9 12:31:59.073642 systemd[1]: sshd@5-86.109.11.101:22-147.75.109.163:56210.service: Deactivated successfully. Feb 9 12:31:59.073981 systemd[1]: session-8.scope: Deactivated successfully. Feb 9 12:31:59.074288 systemd-logind[1465]: Session 8 logged out. Waiting for processes to exit. Feb 9 12:31:59.074860 systemd[1]: Started sshd@6-86.109.11.101:22-147.75.109.163:56212.service. Feb 9 12:31:59.075351 systemd-logind[1465]: Removed session 8. Feb 9 12:31:59.057000 audit[1608]: SYSCALL arch=c000003e syscall=44 success=yes exit=1056 a0=3 a1=7ffc4553fa30 a2=420 a3=0 items=0 ppid=1 pid=1608 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:31:59.111066 kernel: audit: type=1300 audit(1707481919.057:172): arch=c000003e syscall=44 success=yes exit=1056 a0=3 a1=7ffc4553fa30 a2=420 a3=0 items=0 ppid=1 pid=1608 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:31:59.111117 kernel: audit: type=1327 audit(1707481919.057:172): proctitle=2F7362696E2F617564697463746C002D44 Feb 9 12:31:59.057000 audit: PROCTITLE proctitle=2F7362696E2F617564697463746C002D44 Feb 9 12:31:59.120627 kernel: audit: type=1131 audit(1707481919.058:173): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.058000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.143026 kernel: audit: type=1130 audit(1707481919.069:174): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.069000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.165485 kernel: audit: type=1106 audit(1707481919.069:175): pid=1604 uid=500 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.069000 audit[1604]: USER_END pid=1604 uid=500 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.171681 sshd[1631]: Accepted publickey for core from 147.75.109.163 port 56212 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:31:59.172492 sshd[1631]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:31:59.174635 systemd-logind[1465]: New session 9 of user core. Feb 9 12:31:59.175014 systemd[1]: Started session-9.scope. Feb 9 12:31:59.191458 kernel: audit: type=1104 audit(1707481919.069:176): pid=1604 uid=500 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.069000 audit[1604]: CRED_DISP pid=1604 uid=500 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.214984 kernel: audit: type=1106 audit(1707481919.071:177): pid=1601 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:31:59.071000 audit[1601]: USER_END pid=1601 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:31:59.221918 sudo[1634]: core : PWD=/home/core ; USER=root ; COMMAND=/home/core/install.sh Feb 9 12:31:59.222025 sudo[1634]: pam_unix(sudo:session): session opened for user root(uid=0) by (uid=500) Feb 9 12:31:59.247188 kernel: audit: type=1104 audit(1707481919.071:178): pid=1601 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:31:59.071000 audit[1601]: CRED_DISP pid=1601 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:31:59.273158 kernel: audit: type=1131 audit(1707481919.072:179): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@5-86.109.11.101:22-147.75.109.163:56210 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.072000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@5-86.109.11.101:22-147.75.109.163:56210 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.073000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-86.109.11.101:22-147.75.109.163:56212 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.170000 audit[1631]: USER_ACCT pid=1631 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:31:59.171000 audit[1631]: CRED_ACQ pid=1631 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:31:59.171000 audit[1631]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffd00b52e0 a2=3 a3=0 items=0 ppid=1 pid=1631 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=9 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:31:59.171000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:31:59.175000 audit[1631]: USER_START pid=1631 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:31:59.176000 audit[1633]: CRED_ACQ pid=1633 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:31:59.220000 audit[1634]: USER_ACCT pid=1634 uid=500 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.220000 audit[1634]: CRED_REFR pid=1634 uid=500 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' Feb 9 12:31:59.221000 audit[1634]: USER_START pid=1634 uid=500 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' Feb 9 12:32:03.158676 systemd[1]: Starting systemd-networkd-wait-online.service... Feb 9 12:32:03.162791 systemd[1]: Finished systemd-networkd-wait-online.service. Feb 9 12:32:03.161000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-networkd-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:03.162989 systemd[1]: Reached target network-online.target. Feb 9 12:32:03.163679 systemd[1]: Starting docker.service... Feb 9 12:32:03.185958 env[1654]: time="2024-02-09T12:32:03.185924291Z" level=info msg="Starting up" Feb 9 12:32:03.186755 env[1654]: time="2024-02-09T12:32:03.186739944Z" level=info msg="parsed scheme: \"unix\"" module=grpc Feb 9 12:32:03.186755 env[1654]: time="2024-02-09T12:32:03.186752630Z" level=info msg="scheme \"unix\" not registered, fallback to default scheme" module=grpc Feb 9 12:32:03.186834 env[1654]: time="2024-02-09T12:32:03.186769429Z" level=info msg="ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/libcontainerd/docker-containerd.sock 0 }] }" module=grpc Feb 9 12:32:03.186834 env[1654]: time="2024-02-09T12:32:03.186777908Z" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc Feb 9 12:32:03.187833 env[1654]: time="2024-02-09T12:32:03.187790107Z" level=info msg="parsed scheme: \"unix\"" module=grpc Feb 9 12:32:03.187833 env[1654]: time="2024-02-09T12:32:03.187801460Z" level=info msg="scheme \"unix\" not registered, fallback to default scheme" module=grpc Feb 9 12:32:03.187833 env[1654]: time="2024-02-09T12:32:03.187810993Z" level=info msg="ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/libcontainerd/docker-containerd.sock 0 }] }" module=grpc Feb 9 12:32:03.187833 env[1654]: time="2024-02-09T12:32:03.187817301Z" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc Feb 9 12:32:03.221165 env[1654]: time="2024-02-09T12:32:03.221140545Z" level=info msg="Loading containers: start." Feb 9 12:32:03.251000 audit[1698]: NETFILTER_CFG table=nat:2 family=2 entries=2 op=nft_register_chain pid=1698 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.251000 audit[1698]: SYSCALL arch=c000003e syscall=46 success=yes exit=116 a0=3 a1=7ffe80f0d8e0 a2=0 a3=7ffe80f0d8cc items=0 ppid=1654 pid=1698 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.251000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D74006E6174002D4E00444F434B4552 Feb 9 12:32:03.252000 audit[1700]: NETFILTER_CFG table=filter:3 family=2 entries=2 op=nft_register_chain pid=1700 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.252000 audit[1700]: SYSCALL arch=c000003e syscall=46 success=yes exit=124 a0=3 a1=7ffde8f06fa0 a2=0 a3=7ffde8f06f8c items=0 ppid=1654 pid=1700 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.252000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D740066696C746572002D4E00444F434B4552 Feb 9 12:32:03.252000 audit[1702]: NETFILTER_CFG table=filter:4 family=2 entries=1 op=nft_register_chain pid=1702 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.252000 audit[1702]: SYSCALL arch=c000003e syscall=46 success=yes exit=112 a0=3 a1=7ffcc41caec0 a2=0 a3=7ffcc41caeac items=0 ppid=1654 pid=1702 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.252000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D740066696C746572002D4E00444F434B45522D49534F4C4154494F4E2D53544147452D31 Feb 9 12:32:03.253000 audit[1704]: NETFILTER_CFG table=filter:5 family=2 entries=1 op=nft_register_chain pid=1704 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.253000 audit[1704]: SYSCALL arch=c000003e syscall=46 success=yes exit=112 a0=3 a1=7ffe3c462110 a2=0 a3=7ffe3c4620fc items=0 ppid=1654 pid=1704 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.253000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D740066696C746572002D4E00444F434B45522D49534F4C4154494F4E2D53544147452D32 Feb 9 12:32:03.255000 audit[1706]: NETFILTER_CFG table=filter:6 family=2 entries=1 op=nft_register_rule pid=1706 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.255000 audit[1706]: SYSCALL arch=c000003e syscall=46 success=yes exit=228 a0=3 a1=7ffe4f045930 a2=0 a3=7ffe4f04591c items=0 ppid=1654 pid=1706 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.255000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4100444F434B45522D49534F4C4154494F4E2D53544147452D31002D6A0052455455524E Feb 9 12:32:03.296000 audit[1711]: NETFILTER_CFG table=filter:7 family=2 entries=1 op=nft_register_rule pid=1711 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.296000 audit[1711]: SYSCALL arch=c000003e syscall=46 success=yes exit=228 a0=3 a1=7ffde1f5b490 a2=0 a3=7ffde1f5b47c items=0 ppid=1654 pid=1711 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.296000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4100444F434B45522D49534F4C4154494F4E2D53544147452D32002D6A0052455455524E Feb 9 12:32:03.302000 audit[1713]: NETFILTER_CFG table=filter:8 family=2 entries=1 op=nft_register_chain pid=1713 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.302000 audit[1713]: SYSCALL arch=c000003e syscall=46 success=yes exit=96 a0=3 a1=7ffd187741f0 a2=0 a3=7ffd187741dc items=0 ppid=1654 pid=1713 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.302000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D740066696C746572002D4E00444F434B45522D55534552 Feb 9 12:32:03.305000 audit[1715]: NETFILTER_CFG table=filter:9 family=2 entries=1 op=nft_register_rule pid=1715 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.305000 audit[1715]: SYSCALL arch=c000003e syscall=46 success=yes exit=212 a0=3 a1=7ffeb41f75e0 a2=0 a3=7ffeb41f75cc items=0 ppid=1654 pid=1715 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.305000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4100444F434B45522D55534552002D6A0052455455524E Feb 9 12:32:03.308000 audit[1717]: NETFILTER_CFG table=filter:10 family=2 entries=2 op=nft_register_chain pid=1717 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.308000 audit[1717]: SYSCALL arch=c000003e syscall=46 success=yes exit=308 a0=3 a1=7ffcfce3c410 a2=0 a3=7ffcfce3c3fc items=0 ppid=1654 pid=1717 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.308000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4900464F5257415244002D6A00444F434B45522D55534552 Feb 9 12:32:03.321000 audit[1721]: NETFILTER_CFG table=filter:11 family=2 entries=1 op=nft_unregister_rule pid=1721 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.321000 audit[1721]: SYSCALL arch=c000003e syscall=46 success=yes exit=216 a0=3 a1=7fff04b18160 a2=0 a3=7fff04b1814c items=0 ppid=1654 pid=1721 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.321000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4400464F5257415244002D6A00444F434B45522D55534552 Feb 9 12:32:03.324000 audit[1722]: NETFILTER_CFG table=filter:12 family=2 entries=1 op=nft_register_rule pid=1722 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.324000 audit[1722]: SYSCALL arch=c000003e syscall=46 success=yes exit=224 a0=3 a1=7ffdc8b691c0 a2=0 a3=7ffdc8b691ac items=0 ppid=1654 pid=1722 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.324000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4900464F5257415244002D6A00444F434B45522D55534552 Feb 9 12:32:03.348272 kernel: Initializing XFRM netlink socket Feb 9 12:32:03.389300 env[1654]: time="2024-02-09T12:32:03.389253663Z" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address" Feb 9 12:32:03.400000 audit[1730]: NETFILTER_CFG table=nat:13 family=2 entries=2 op=nft_register_chain pid=1730 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.400000 audit[1730]: SYSCALL arch=c000003e syscall=46 success=yes exit=492 a0=3 a1=7ffff5b2a650 a2=0 a3=7ffff5b2a63c items=0 ppid=1654 pid=1730 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.400000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D74006E6174002D4900504F5354524F5554494E47002D73003137322E31372E302E302F31360000002D6F00646F636B657230002D6A004D415351554552414445 Feb 9 12:32:03.422000 audit[1733]: NETFILTER_CFG table=nat:14 family=2 entries=1 op=nft_register_rule pid=1733 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.422000 audit[1733]: SYSCALL arch=c000003e syscall=46 success=yes exit=288 a0=3 a1=7ffd434b50b0 a2=0 a3=7ffd434b509c items=0 ppid=1654 pid=1733 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.422000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D74006E6174002D4900444F434B4552002D6900646F636B657230002D6A0052455455524E Feb 9 12:32:03.423000 audit[1736]: NETFILTER_CFG table=filter:15 family=2 entries=1 op=nft_register_rule pid=1736 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.423000 audit[1736]: SYSCALL arch=c000003e syscall=46 success=yes exit=376 a0=3 a1=7ffc41f1a0b0 a2=0 a3=7ffc41f1a09c items=0 ppid=1654 pid=1736 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.423000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4900464F5257415244002D6900646F636B657230002D6F00646F636B657230002D6A00414343455054 Feb 9 12:32:03.425000 audit[1738]: NETFILTER_CFG table=filter:16 family=2 entries=1 op=nft_register_rule pid=1738 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.425000 audit[1738]: SYSCALL arch=c000003e syscall=46 success=yes exit=376 a0=3 a1=7ffddadccb50 a2=0 a3=7ffddadccb3c items=0 ppid=1654 pid=1738 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.425000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4900464F5257415244002D6900646F636B6572300000002D6F00646F636B657230002D6A00414343455054 Feb 9 12:32:03.426000 audit[1740]: NETFILTER_CFG table=nat:17 family=2 entries=2 op=nft_register_chain pid=1740 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.426000 audit[1740]: SYSCALL arch=c000003e syscall=46 success=yes exit=356 a0=3 a1=7ffe18e2c800 a2=0 a3=7ffe18e2c7ec items=0 ppid=1654 pid=1740 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.426000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D74006E6174002D4100505245524F5554494E47002D6D006164647274797065002D2D6473742D74797065004C4F43414C002D6A00444F434B4552 Feb 9 12:32:03.427000 audit[1742]: NETFILTER_CFG table=nat:18 family=2 entries=2 op=nft_register_chain pid=1742 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.427000 audit[1742]: SYSCALL arch=c000003e syscall=46 success=yes exit=444 a0=3 a1=7ffd6ca3ead0 a2=0 a3=7ffd6ca3eabc items=0 ppid=1654 pid=1742 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.427000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D74006E6174002D41004F5554505554002D6D006164647274797065002D2D6473742D74797065004C4F43414C002D6A00444F434B45520000002D2D647374003132372E302E302E302F38 Feb 9 12:32:03.428000 audit[1744]: NETFILTER_CFG table=filter:19 family=2 entries=1 op=nft_register_rule pid=1744 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.428000 audit[1744]: SYSCALL arch=c000003e syscall=46 success=yes exit=304 a0=3 a1=7fff47dd9c50 a2=0 a3=7fff47dd9c3c items=0 ppid=1654 pid=1744 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.428000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4900464F5257415244002D6F00646F636B657230002D6A00444F434B4552 Feb 9 12:32:03.434000 audit[1747]: NETFILTER_CFG table=filter:20 family=2 entries=1 op=nft_register_rule pid=1747 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.434000 audit[1747]: SYSCALL arch=c000003e syscall=46 success=yes exit=508 a0=3 a1=7ffef21e6860 a2=0 a3=7ffef21e684c items=0 ppid=1654 pid=1747 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.434000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4900464F5257415244002D6F00646F636B657230002D6D00636F6E6E747261636B002D2D637473746174650052454C415445442C45535441424C4953484544002D6A00414343455054 Feb 9 12:32:03.435000 audit[1749]: NETFILTER_CFG table=filter:21 family=2 entries=1 op=nft_register_rule pid=1749 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.435000 audit[1749]: SYSCALL arch=c000003e syscall=46 success=yes exit=240 a0=3 a1=7fffe9b72980 a2=0 a3=7fffe9b7296c items=0 ppid=1654 pid=1749 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.435000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4900464F5257415244002D6A00444F434B45522D49534F4C4154494F4E2D53544147452D31 Feb 9 12:32:03.436000 audit[1751]: NETFILTER_CFG table=filter:22 family=2 entries=1 op=nft_register_rule pid=1751 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.436000 audit[1751]: SYSCALL arch=c000003e syscall=46 success=yes exit=428 a0=3 a1=7fff6f366020 a2=0 a3=7fff6f36600c items=0 ppid=1654 pid=1751 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.436000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D740066696C746572002D4900444F434B45522D49534F4C4154494F4E2D53544147452D31002D6900646F636B6572300000002D6F00646F636B657230002D6A00444F434B45522D49534F4C4154494F4E2D53544147452D32 Feb 9 12:32:03.437000 audit[1753]: NETFILTER_CFG table=filter:23 family=2 entries=1 op=nft_register_rule pid=1753 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.437000 audit[1753]: SYSCALL arch=c000003e syscall=46 success=yes exit=312 a0=3 a1=7fff7173eea0 a2=0 a3=7fff7173ee8c items=0 ppid=1654 pid=1753 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.437000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D740066696C746572002D4900444F434B45522D49534F4C4154494F4E2D53544147452D32002D6F00646F636B657230002D6A0044524F50 Feb 9 12:32:03.439138 systemd-networkd[1320]: docker0: Link UP Feb 9 12:32:03.442000 audit[1757]: NETFILTER_CFG table=filter:24 family=2 entries=1 op=nft_unregister_rule pid=1757 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.442000 audit[1757]: SYSCALL arch=c000003e syscall=46 success=yes exit=228 a0=3 a1=7fffd1f43200 a2=0 a3=7fffd1f431ec items=0 ppid=1654 pid=1757 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.442000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4400464F5257415244002D6A00444F434B45522D55534552 Feb 9 12:32:03.442000 audit[1758]: NETFILTER_CFG table=filter:25 family=2 entries=1 op=nft_register_rule pid=1758 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:03.442000 audit[1758]: SYSCALL arch=c000003e syscall=46 success=yes exit=224 a0=3 a1=7ffee1bbadb0 a2=0 a3=7ffee1bbad9c items=0 ppid=1654 pid=1758 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:03.442000 audit: PROCTITLE proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D4900464F5257415244002D6A00444F434B45522D55534552 Feb 9 12:32:03.444285 env[1654]: time="2024-02-09T12:32:03.444255647Z" level=info msg="Loading containers: done." Feb 9 12:32:03.450993 systemd[1]: var-lib-docker-overlay2-opaque\x2dbug\x2dcheck3433403897-merged.mount: Deactivated successfully. Feb 9 12:32:03.451834 env[1654]: time="2024-02-09T12:32:03.451788806Z" level=warning msg="Not using native diff for overlay2, this may cause degraded performance for building images: kernel has CONFIG_OVERLAY_FS_REDIRECT_DIR enabled" storage-driver=overlay2 Feb 9 12:32:03.451952 env[1654]: time="2024-02-09T12:32:03.451911605Z" level=info msg="Docker daemon" commit=112bdf3343 graphdriver(s)=overlay2 version=20.10.23 Feb 9 12:32:03.452008 env[1654]: time="2024-02-09T12:32:03.451980692Z" level=info msg="Daemon has completed initialization" Feb 9 12:32:03.460096 systemd[1]: Started docker.service. Feb 9 12:32:03.458000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=docker comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:03.464851 env[1654]: time="2024-02-09T12:32:03.464795740Z" level=info msg="API listen on /run/docker.sock" Feb 9 12:32:03.481068 systemd[1]: Reloading. Feb 9 12:32:03.530050 /usr/lib/systemd/system-generators/torcx-generator[1807]: time="2024-02-09T12:32:03Z" level=debug msg="common configuration parsed" base_dir=/var/lib/torcx/ conf_dir=/etc/torcx/ run_dir=/run/torcx/ store_paths="[/usr/share/torcx/store /usr/share/oem/torcx/store/3510.3.2 /usr/share/oem/torcx/store /var/lib/torcx/store/3510.3.2 /var/lib/torcx/store]" Feb 9 12:32:03.530065 /usr/lib/systemd/system-generators/torcx-generator[1807]: time="2024-02-09T12:32:03Z" level=info msg="torcx already run" Feb 9 12:32:03.598195 systemd[1]: /usr/lib/systemd/system/locksmithd.service:8: Unit uses CPUShares=; please use CPUWeight= instead. Support for CPUShares= will be removed soon. Feb 9 12:32:03.598207 systemd[1]: /usr/lib/systemd/system/locksmithd.service:9: Unit uses MemoryLimit=; please use MemoryMax= instead. Support for MemoryLimit= will be removed soon. Feb 9 12:32:03.615216 systemd[1]: /run/systemd/system/docker.socket:8: ListenStream= references a path below legacy directory /var/run/, updating /var/run/docker.sock → /run/docker.sock; please update the unit file accordingly. Feb 9 12:32:03.657000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.657000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.657000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.657000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.657000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.657000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.657000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.657000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.657000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.657000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.657000 audit: BPF prog-id=37 op=LOAD Feb 9 12:32:03.657000 audit: BPF prog-id=26 op=UNLOAD Feb 9 12:32:03.658000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.658000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.658000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.658000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.658000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.658000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.658000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.658000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.658000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.658000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.658000 audit: BPF prog-id=38 op=LOAD Feb 9 12:32:03.658000 audit: BPF prog-id=30 op=UNLOAD Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit: BPF prog-id=39 op=LOAD Feb 9 12:32:03.659000 audit: BPF prog-id=31 op=UNLOAD Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.659000 audit: BPF prog-id=40 op=LOAD Feb 9 12:32:03.659000 audit: BPF prog-id=35 op=UNLOAD Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit: BPF prog-id=41 op=LOAD Feb 9 12:32:03.660000 audit: BPF prog-id=21 op=UNLOAD Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit: BPF prog-id=42 op=LOAD Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.660000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit: BPF prog-id=43 op=LOAD Feb 9 12:32:03.661000 audit: BPF prog-id=22 op=UNLOAD Feb 9 12:32:03.661000 audit: BPF prog-id=23 op=UNLOAD Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit: BPF prog-id=44 op=LOAD Feb 9 12:32:03.661000 audit: BPF prog-id=32 op=UNLOAD Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit: BPF prog-id=45 op=LOAD Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.661000 audit: BPF prog-id=46 op=LOAD Feb 9 12:32:03.661000 audit: BPF prog-id=33 op=UNLOAD Feb 9 12:32:03.661000 audit: BPF prog-id=34 op=UNLOAD Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit: BPF prog-id=47 op=LOAD Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.662000 audit: BPF prog-id=48 op=LOAD Feb 9 12:32:03.662000 audit: BPF prog-id=24 op=UNLOAD Feb 9 12:32:03.662000 audit: BPF prog-id=25 op=UNLOAD Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit: BPF prog-id=49 op=LOAD Feb 9 12:32:03.663000 audit: BPF prog-id=27 op=UNLOAD Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit: BPF prog-id=50 op=LOAD Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:03.663000 audit: BPF prog-id=51 op=LOAD Feb 9 12:32:03.663000 audit: BPF prog-id=28 op=UNLOAD Feb 9 12:32:03.663000 audit: BPF prog-id=29 op=UNLOAD Feb 9 12:32:03.668560 systemd[1]: Started kubelet.service. Feb 9 12:32:03.667000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:03.692679 kubelet[1866]: E0209 12:32:03.692613 1866 run.go:74] "command failed" err="failed to load kubelet config file, path: /var/lib/kubelet/config.yaml, error: failed to load Kubelet config file /var/lib/kubelet/config.yaml, error failed to read kubelet config file \"/var/lib/kubelet/config.yaml\", error: open /var/lib/kubelet/config.yaml: no such file or directory" Feb 9 12:32:03.693880 systemd[1]: kubelet.service: Main process exited, code=exited, status=1/FAILURE Feb 9 12:32:03.693947 systemd[1]: kubelet.service: Failed with result 'exit-code'. Feb 9 12:32:03.692000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' Feb 9 12:32:04.626690 env[1477]: time="2024-02-09T12:32:04.626603380Z" level=info msg="PullImage \"registry.k8s.io/kube-apiserver:v1.28.6\"" Feb 9 12:32:05.209193 systemd[1]: var-lib-containerd-tmpmounts-containerd\x2dmount3763128757.mount: Deactivated successfully. Feb 9 12:32:07.206012 env[1477]: time="2024-02-09T12:32:07.205950650Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/kube-apiserver:v1.28.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:07.206620 env[1477]: time="2024-02-09T12:32:07.206569677Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:70e88c5e3a8e409ff4604a5fdb1dacb736ea02ba0b7a3da635f294e953906f47,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:07.207633 env[1477]: time="2024-02-09T12:32:07.207611698Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/kube-apiserver:v1.28.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:07.208903 env[1477]: time="2024-02-09T12:32:07.208861876Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/kube-apiserver@sha256:98a686df810b9f1de8e3b2ae869e79c51a36e7434d33c53f011852618aec0a68,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:07.209175 env[1477]: time="2024-02-09T12:32:07.209142512Z" level=info msg="PullImage \"registry.k8s.io/kube-apiserver:v1.28.6\" returns image reference \"sha256:70e88c5e3a8e409ff4604a5fdb1dacb736ea02ba0b7a3da635f294e953906f47\"" Feb 9 12:32:07.219524 env[1477]: time="2024-02-09T12:32:07.219451677Z" level=info msg="PullImage \"registry.k8s.io/kube-controller-manager:v1.28.6\"" Feb 9 12:32:09.977187 env[1477]: time="2024-02-09T12:32:09.977157476Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/kube-controller-manager:v1.28.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:09.977863 env[1477]: time="2024-02-09T12:32:09.977843103Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:18dbd2df3bb54036300d2af8b20ef60d479173946ff089a4d16e258b27faa55c,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:09.979050 env[1477]: time="2024-02-09T12:32:09.979036869Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/kube-controller-manager:v1.28.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:09.979969 env[1477]: time="2024-02-09T12:32:09.979926008Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/kube-controller-manager@sha256:80bdcd72cfe26028bb2fed75732fc2f511c35fa8d1edc03deae11f3490713c9e,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:09.980849 env[1477]: time="2024-02-09T12:32:09.980834341Z" level=info msg="PullImage \"registry.k8s.io/kube-controller-manager:v1.28.6\" returns image reference \"sha256:18dbd2df3bb54036300d2af8b20ef60d479173946ff089a4d16e258b27faa55c\"" Feb 9 12:32:09.986535 env[1477]: time="2024-02-09T12:32:09.986492086Z" level=info msg="PullImage \"registry.k8s.io/kube-scheduler:v1.28.6\"" Feb 9 12:32:10.393701 systemd[1]: Started sshd@7-86.109.11.101:22-104.248.145.46:54768.service. Feb 9 12:32:10.392000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-86.109.11.101:22-104.248.145.46:54768 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:10.399424 kernel: kauditd_printk_skb: 259 callbacks suppressed Feb 9 12:32:10.399499 kernel: audit: type=1130 audit(1707481930.392:389): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-86.109.11.101:22-104.248.145.46:54768 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:11.387583 env[1477]: time="2024-02-09T12:32:11.387535547Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/kube-scheduler:v1.28.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:11.388140 env[1477]: time="2024-02-09T12:32:11.388099374Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:7597ecaaf12074e2980eee086736dbd01e566dc266351560001aa47dbbb0e5fe,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:11.389097 env[1477]: time="2024-02-09T12:32:11.389052664Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/kube-scheduler:v1.28.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:11.390268 env[1477]: time="2024-02-09T12:32:11.390217503Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/kube-scheduler@sha256:a89db556c34d652d403d909882dbd97336f2e935b1c726b2e2b2c0400186ac39,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:11.390638 env[1477]: time="2024-02-09T12:32:11.390582816Z" level=info msg="PullImage \"registry.k8s.io/kube-scheduler:v1.28.6\" returns image reference \"sha256:7597ecaaf12074e2980eee086736dbd01e566dc266351560001aa47dbbb0e5fe\"" Feb 9 12:32:11.395157 sshd[1939]: Invalid user jonfra from 104.248.145.46 port 54768 Feb 9 12:32:11.396764 sshd[1939]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:11.396914 env[1477]: time="2024-02-09T12:32:11.396782556Z" level=info msg="PullImage \"registry.k8s.io/kube-proxy:v1.28.6\"" Feb 9 12:32:11.397112 sshd[1939]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:32:11.397131 sshd[1939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.46 Feb 9 12:32:11.397327 sshd[1939]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:11.396000 audit[1939]: USER_AUTH pid=1939 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="jonfra" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:32:11.474308 kernel: audit: type=1100 audit(1707481931.396:390): pid=1939 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="jonfra" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:32:12.285846 systemd[1]: var-lib-containerd-tmpmounts-containerd\x2dmount1367810502.mount: Deactivated successfully. Feb 9 12:32:12.861968 env[1477]: time="2024-02-09T12:32:12.861914336Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/kube-proxy:v1.28.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:12.862524 env[1477]: time="2024-02-09T12:32:12.862483042Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:342a759d88156b4f56ba522a1aed0e3d32d72542545346b40877f6583bebe05f,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:12.863199 env[1477]: time="2024-02-09T12:32:12.863160457Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/kube-proxy:v1.28.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:12.863914 env[1477]: time="2024-02-09T12:32:12.863881795Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/kube-proxy@sha256:3898a1671ae42be1cd3c2e777549bc7b5b306b8da3a224b747365f6679fb902a,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:12.864207 env[1477]: time="2024-02-09T12:32:12.864174434Z" level=info msg="PullImage \"registry.k8s.io/kube-proxy:v1.28.6\" returns image reference \"sha256:342a759d88156b4f56ba522a1aed0e3d32d72542545346b40877f6583bebe05f\"" Feb 9 12:32:12.870449 env[1477]: time="2024-02-09T12:32:12.870419559Z" level=info msg="PullImage \"registry.k8s.io/pause:3.9\"" Feb 9 12:32:12.871315 sshd[1939]: Failed password for invalid user jonfra from 104.248.145.46 port 54768 ssh2 Feb 9 12:32:13.093578 sshd[1939]: Received disconnect from 104.248.145.46 port 54768:11: Bye Bye [preauth] Feb 9 12:32:13.093578 sshd[1939]: Disconnected from invalid user jonfra 104.248.145.46 port 54768 [preauth] Feb 9 12:32:13.096126 systemd[1]: sshd@7-86.109.11.101:22-104.248.145.46:54768.service: Deactivated successfully. Feb 9 12:32:13.095000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-86.109.11.101:22-104.248.145.46:54768 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:13.176417 kernel: audit: type=1131 audit(1707481933.095:391): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-86.109.11.101:22-104.248.145.46:54768 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:13.347605 systemd[1]: var-lib-containerd-tmpmounts-containerd\x2dmount832340353.mount: Deactivated successfully. Feb 9 12:32:13.349047 env[1477]: time="2024-02-09T12:32:13.349002707Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/pause:3.9,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:13.349667 env[1477]: time="2024-02-09T12:32:13.349618422Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:e6f1816883972d4be47bd48879a08919b96afcd344132622e4d444987919323c,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:13.350415 env[1477]: time="2024-02-09T12:32:13.350372594Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/pause:3.9,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:13.351286 env[1477]: time="2024-02-09T12:32:13.351247323Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/pause@sha256:7031c1b283388d2c2e09b57badb803c05ebed362dc88d84b480cc47f72a21097,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:13.351483 env[1477]: time="2024-02-09T12:32:13.351441028Z" level=info msg="PullImage \"registry.k8s.io/pause:3.9\" returns image reference \"sha256:e6f1816883972d4be47bd48879a08919b96afcd344132622e4d444987919323c\"" Feb 9 12:32:13.356656 env[1477]: time="2024-02-09T12:32:13.356638645Z" level=info msg="PullImage \"registry.k8s.io/etcd:3.5.9-0\"" Feb 9 12:32:13.792434 systemd[1]: kubelet.service: Scheduled restart job, restart counter is at 1. Feb 9 12:32:13.792910 systemd[1]: Stopped kubelet.service. Feb 9 12:32:13.791000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:13.796171 systemd[1]: Started kubelet.service. Feb 9 12:32:13.822821 kubelet[1975]: E0209 12:32:13.822801 1975 run.go:74] "command failed" err="failed to load kubelet config file, path: /var/lib/kubelet/config.yaml, error: failed to load Kubelet config file /var/lib/kubelet/config.yaml, error failed to read kubelet config file \"/var/lib/kubelet/config.yaml\", error: open /var/lib/kubelet/config.yaml: no such file or directory" Feb 9 12:32:13.824944 systemd[1]: kubelet.service: Main process exited, code=exited, status=1/FAILURE Feb 9 12:32:13.825011 systemd[1]: kubelet.service: Failed with result 'exit-code'. Feb 9 12:32:13.791000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:13.861127 systemd[1]: var-lib-containerd-tmpmounts-containerd\x2dmount2017673121.mount: Deactivated successfully. Feb 9 12:32:13.913937 kernel: audit: type=1130 audit(1707481933.791:392): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:13.913973 kernel: audit: type=1131 audit(1707481933.791:393): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:13.913991 kernel: audit: type=1130 audit(1707481933.795:394): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:13.795000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:13.975568 kernel: audit: type=1131 audit(1707481933.823:395): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' Feb 9 12:32:13.823000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' Feb 9 12:32:15.328525 systemd[1]: Started sshd@8-86.109.11.101:22-163.228.248.90:21239.service. Feb 9 12:32:15.327000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-86.109.11.101:22-163.228.248.90:21239 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:15.419352 kernel: audit: type=1130 audit(1707481935.327:396): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-86.109.11.101:22-163.228.248.90:21239 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:16.338692 sshd[1993]: Invalid user neel from 163.228.248.90 port 21239 Feb 9 12:32:16.339993 sshd[1993]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:16.340213 sshd[1993]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:32:16.340248 sshd[1993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.228.248.90 Feb 9 12:32:16.340528 sshd[1993]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:16.339000 audit[1993]: USER_AUTH pid=1993 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="neel" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:32:16.431314 kernel: audit: type=1100 audit(1707481936.339:397): pid=1993 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="neel" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:32:16.906698 env[1477]: time="2024-02-09T12:32:16.906650574Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/etcd:3.5.9-0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:16.907411 env[1477]: time="2024-02-09T12:32:16.907367149Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:73deb9a3f702532592a4167455f8bf2e5f5d900bcc959ba2fd2d35c321de1af9,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:16.908539 env[1477]: time="2024-02-09T12:32:16.908494142Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/etcd:3.5.9-0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:16.909973 env[1477]: time="2024-02-09T12:32:16.909939857Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/etcd@sha256:e013d0d5e4e25d00c61a7ff839927a1f36479678f11e49502b53a5e0b14f10c3,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:16.910434 env[1477]: time="2024-02-09T12:32:16.910400124Z" level=info msg="PullImage \"registry.k8s.io/etcd:3.5.9-0\" returns image reference \"sha256:73deb9a3f702532592a4167455f8bf2e5f5d900bcc959ba2fd2d35c321de1af9\"" Feb 9 12:32:16.915893 env[1477]: time="2024-02-09T12:32:16.915847249Z" level=info msg="PullImage \"registry.k8s.io/coredns/coredns:v1.10.1\"" Feb 9 12:32:17.500409 systemd[1]: var-lib-containerd-tmpmounts-containerd\x2dmount3654643566.mount: Deactivated successfully. Feb 9 12:32:17.979345 env[1477]: time="2024-02-09T12:32:17.979302180Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/coredns/coredns:v1.10.1,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:17.980049 env[1477]: time="2024-02-09T12:32:17.980034272Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:ead0a4a53df89fd173874b46093b6e62d8c72967bbf606d672c9e8c9b601a4fc,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:17.981510 env[1477]: time="2024-02-09T12:32:17.981465521Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/coredns/coredns:v1.10.1,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:17.982257 env[1477]: time="2024-02-09T12:32:17.982197606Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/coredns/coredns@sha256:a0ead06651cf580044aeb0a0feba63591858fb2e43ade8c9dea45a6a89ae7e5e,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:17.982694 env[1477]: time="2024-02-09T12:32:17.982636814Z" level=info msg="PullImage \"registry.k8s.io/coredns/coredns:v1.10.1\" returns image reference \"sha256:ead0a4a53df89fd173874b46093b6e62d8c72967bbf606d672c9e8c9b601a4fc\"" Feb 9 12:32:18.502521 sshd[1993]: Failed password for invalid user neel from 163.228.248.90 port 21239 ssh2 Feb 9 12:32:19.617270 sshd[1993]: Received disconnect from 163.228.248.90 port 21239:11: Bye Bye [preauth] Feb 9 12:32:19.617270 sshd[1993]: Disconnected from invalid user neel 163.228.248.90 port 21239 [preauth] Feb 9 12:32:19.617980 systemd[1]: sshd@8-86.109.11.101:22-163.228.248.90:21239.service: Deactivated successfully. Feb 9 12:32:19.616000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-86.109.11.101:22-163.228.248.90:21239 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:19.649119 systemd[1]: Started sshd@9-86.109.11.101:22-101.35.54.203:39806.service. Feb 9 12:32:19.647000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-86.109.11.101:22-101.35.54.203:39806 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:19.709311 kernel: audit: type=1131 audit(1707481939.616:398): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-86.109.11.101:22-163.228.248.90:21239 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:19.709343 kernel: audit: type=1130 audit(1707481939.647:399): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-86.109.11.101:22-101.35.54.203:39806 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:20.115906 systemd[1]: Stopped kubelet.service. Feb 9 12:32:20.114000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:20.125231 systemd[1]: Reloading. Feb 9 12:32:20.159337 /usr/lib/systemd/system-generators/torcx-generator[2143]: time="2024-02-09T12:32:20Z" level=debug msg="common configuration parsed" base_dir=/var/lib/torcx/ conf_dir=/etc/torcx/ run_dir=/run/torcx/ store_paths="[/usr/share/torcx/store /usr/share/oem/torcx/store/3510.3.2 /usr/share/oem/torcx/store /var/lib/torcx/store/3510.3.2 /var/lib/torcx/store]" Feb 9 12:32:20.159414 /usr/lib/systemd/system-generators/torcx-generator[2143]: time="2024-02-09T12:32:20Z" level=info msg="torcx already run" Feb 9 12:32:20.114000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:20.183284 kernel: audit: type=1130 audit(1707481940.114:400): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:20.183345 kernel: audit: type=1131 audit(1707481940.114:401): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:20.267562 systemd[1]: /usr/lib/systemd/system/locksmithd.service:8: Unit uses CPUShares=; please use CPUWeight= instead. Support for CPUShares= will be removed soon. Feb 9 12:32:20.267569 systemd[1]: /usr/lib/systemd/system/locksmithd.service:9: Unit uses MemoryLimit=; please use MemoryMax= instead. Support for MemoryLimit= will be removed soon. Feb 9 12:32:20.279684 systemd[1]: /run/systemd/system/docker.socket:8: ListenStream= references a path below legacy directory /var/run/, updating /var/run/docker.sock → /run/docker.sock; please update the unit file accordingly. Feb 9 12:32:20.322000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.322000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.450915 kernel: audit: type=1400 audit(1707481940.322:402): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.450976 kernel: audit: type=1400 audit(1707481940.322:403): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.450992 kernel: audit: type=1400 audit(1707481940.322:404): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.322000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.514439 kernel: audit: type=1400 audit(1707481940.322:405): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.322000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.578279 kernel: audit: type=1400 audit(1707481940.322:406): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.322000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.322000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.322000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.322000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.322000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.449000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.449000 audit: BPF prog-id=52 op=LOAD Feb 9 12:32:20.449000 audit: BPF prog-id=37 op=UNLOAD Feb 9 12:32:20.450000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.450000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.450000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.450000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.450000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.450000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.450000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.450000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.450000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.577000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.577000 audit: BPF prog-id=53 op=LOAD Feb 9 12:32:20.577000 audit: BPF prog-id=38 op=UNLOAD Feb 9 12:32:20.577000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.577000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.577000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.577000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.577000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.577000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.577000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.577000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.577000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.640000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.640000 audit: BPF prog-id=54 op=LOAD Feb 9 12:32:20.640000 audit: BPF prog-id=39 op=UNLOAD Feb 9 12:32:20.641000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.641000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.641000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.641000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.641000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.641000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.641000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.641000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.641000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.641000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.641000 audit: BPF prog-id=55 op=LOAD Feb 9 12:32:20.641000 audit: BPF prog-id=40 op=UNLOAD Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit: BPF prog-id=56 op=LOAD Feb 9 12:32:20.642000 audit: BPF prog-id=41 op=UNLOAD Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit: BPF prog-id=57 op=LOAD Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.642000 audit: BPF prog-id=58 op=LOAD Feb 9 12:32:20.642000 audit: BPF prog-id=42 op=UNLOAD Feb 9 12:32:20.642000 audit: BPF prog-id=43 op=UNLOAD Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit: BPF prog-id=59 op=LOAD Feb 9 12:32:20.643000 audit: BPF prog-id=44 op=UNLOAD Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit: BPF prog-id=60 op=LOAD Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.643000 audit: BPF prog-id=61 op=LOAD Feb 9 12:32:20.643000 audit: BPF prog-id=45 op=UNLOAD Feb 9 12:32:20.643000 audit: BPF prog-id=46 op=UNLOAD Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit: BPF prog-id=62 op=LOAD Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.644000 audit: BPF prog-id=63 op=LOAD Feb 9 12:32:20.644000 audit: BPF prog-id=47 op=UNLOAD Feb 9 12:32:20.644000 audit: BPF prog-id=48 op=UNLOAD Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit: BPF prog-id=64 op=LOAD Feb 9 12:32:20.645000 audit: BPF prog-id=49 op=UNLOAD Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit: BPF prog-id=65 op=LOAD Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:20.645000 audit: BPF prog-id=66 op=LOAD Feb 9 12:32:20.645000 audit: BPF prog-id=50 op=UNLOAD Feb 9 12:32:20.645000 audit: BPF prog-id=51 op=UNLOAD Feb 9 12:32:20.650184 sshd[2116]: Invalid user brio from 101.35.54.203 port 39806 Feb 9 12:32:20.651452 sshd[2116]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:20.652498 sshd[2116]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:32:20.651000 audit[2116]: USER_AUTH pid=2116 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="brio" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:32:20.652000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:20.652516 sshd[2116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:32:20.653710 systemd[1]: Started kubelet.service. Feb 9 12:32:20.652941 sshd[2116]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:20.677450 kubelet[2204]: Flag --container-runtime-endpoint has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information. Feb 9 12:32:20.677450 kubelet[2204]: Flag --pod-infra-container-image has been deprecated, will be removed in a future release. Image garbage collector will get sandbox image information from CRI. Feb 9 12:32:20.677450 kubelet[2204]: Flag --volume-plugin-dir has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information. Feb 9 12:32:20.677450 kubelet[2204]: I0209 12:32:20.677434 2204 server.go:203] "--pod-infra-container-image will not be pruned by the image garbage collector in kubelet and should also be set in the remote runtime" Feb 9 12:32:21.139457 kubelet[2204]: I0209 12:32:21.139413 2204 server.go:467] "Kubelet version" kubeletVersion="v1.28.1" Feb 9 12:32:21.139457 kubelet[2204]: I0209 12:32:21.139424 2204 server.go:469] "Golang settings" GOGC="" GOMAXPROCS="" GOTRACEBACK="" Feb 9 12:32:21.139590 kubelet[2204]: I0209 12:32:21.139557 2204 server.go:895] "Client rotation is on, will bootstrap in background" Feb 9 12:32:21.142196 kubelet[2204]: I0209 12:32:21.142163 2204 dynamic_cafile_content.go:157] "Starting controller" name="client-ca-bundle::/etc/kubernetes/pki/ca.crt" Feb 9 12:32:21.142869 kubelet[2204]: E0209 12:32:21.142835 2204 certificate_manager.go:562] kubernetes.io/kube-apiserver-client-kubelet: Failed while requesting a signed certificate from the control plane: cannot create certificate signing request: Post "https://86.109.11.101:6443/apis/certificates.k8s.io/v1/certificatesigningrequests": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:21.163061 kubelet[2204]: I0209 12:32:21.163026 2204 server.go:725] "--cgroups-per-qos enabled, but --cgroup-root was not specified. defaulting to /" Feb 9 12:32:21.163149 kubelet[2204]: I0209 12:32:21.163144 2204 container_manager_linux.go:265] "Container manager verified user specified cgroup-root exists" cgroupRoot=[] Feb 9 12:32:21.163330 kubelet[2204]: I0209 12:32:21.163290 2204 container_manager_linux.go:270] "Creating Container Manager object based on Node Config" nodeConfig={"RuntimeCgroupsName":"","SystemCgroupsName":"","KubeletCgroupsName":"","KubeletOOMScoreAdj":-999,"ContainerRuntime":"","CgroupsPerQOS":true,"CgroupRoot":"/","CgroupDriver":"systemd","KubeletRootDir":"/var/lib/kubelet","ProtectKernelDefaults":false,"KubeReservedCgroupName":"","SystemReservedCgroupName":"","ReservedSystemCPUs":{},"EnforceNodeAllocatable":{"pods":{}},"KubeReserved":null,"SystemReserved":null,"HardEvictionThresholds":[{"Signal":"memory.available","Operator":"LessThan","Value":{"Quantity":"100Mi","Percentage":0},"GracePeriod":0,"MinReclaim":null},{"Signal":"nodefs.available","Operator":"LessThan","Value":{"Quantity":null,"Percentage":0.1},"GracePeriod":0,"MinReclaim":null},{"Signal":"nodefs.inodesFree","Operator":"LessThan","Value":{"Quantity":null,"Percentage":0.05},"GracePeriod":0,"MinReclaim":null},{"Signal":"imagefs.available","Operator":"LessThan","Value":{"Quantity":null,"Percentage":0.15},"GracePeriod":0,"MinReclaim":null}],"QOSReserved":{},"CPUManagerPolicy":"none","CPUManagerPolicyOptions":null,"TopologyManagerScope":"container","CPUManagerReconcilePeriod":10000000000,"ExperimentalMemoryManagerPolicy":"None","ExperimentalMemoryManagerReservedMemory":null,"PodPidsLimit":-1,"EnforceCPULimits":true,"CPUCFSQuotaPeriod":100000000,"TopologyManagerPolicy":"none","TopologyManagerPolicyOptions":null} Feb 9 12:32:21.163330 kubelet[2204]: I0209 12:32:21.163303 2204 topology_manager.go:138] "Creating topology manager with none policy" Feb 9 12:32:21.163330 kubelet[2204]: I0209 12:32:21.163308 2204 container_manager_linux.go:301] "Creating device plugin manager" Feb 9 12:32:21.163437 kubelet[2204]: I0209 12:32:21.163357 2204 state_mem.go:36] "Initialized new in-memory state store" Feb 9 12:32:21.163437 kubelet[2204]: I0209 12:32:21.163396 2204 kubelet.go:393] "Attempting to sync node with API server" Feb 9 12:32:21.163437 kubelet[2204]: I0209 12:32:21.163404 2204 kubelet.go:298] "Adding static pod path" path="/etc/kubernetes/manifests" Feb 9 12:32:21.163437 kubelet[2204]: I0209 12:32:21.163415 2204 kubelet.go:309] "Adding apiserver pod source" Feb 9 12:32:21.163437 kubelet[2204]: I0209 12:32:21.163423 2204 apiserver.go:42] "Waiting for node sync before watching apiserver pods" Feb 9 12:32:21.163675 kubelet[2204]: W0209 12:32:21.163655 2204 reflector.go:535] vendor/k8s.io/client-go/informers/factory.go:150: failed to list *v1.Node: Get "https://86.109.11.101:6443/api/v1/nodes?fieldSelector=metadata.name%3Dci-3510.3.2-a-260490bd8e&limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:21.163711 kubelet[2204]: E0209 12:32:21.163681 2204 reflector.go:147] vendor/k8s.io/client-go/informers/factory.go:150: Failed to watch *v1.Node: failed to list *v1.Node: Get "https://86.109.11.101:6443/api/v1/nodes?fieldSelector=metadata.name%3Dci-3510.3.2-a-260490bd8e&limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:21.163746 kubelet[2204]: I0209 12:32:21.163710 2204 kuberuntime_manager.go:257] "Container runtime initialized" containerRuntime="containerd" version="1.6.16" apiVersion="v1" Feb 9 12:32:21.163746 kubelet[2204]: W0209 12:32:21.163704 2204 reflector.go:535] vendor/k8s.io/client-go/informers/factory.go:150: failed to list *v1.Service: Get "https://86.109.11.101:6443/api/v1/services?limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:21.163807 kubelet[2204]: E0209 12:32:21.163769 2204 reflector.go:147] vendor/k8s.io/client-go/informers/factory.go:150: Failed to watch *v1.Service: failed to list *v1.Service: Get "https://86.109.11.101:6443/api/v1/services?limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:21.164038 kubelet[2204]: W0209 12:32:21.163987 2204 probe.go:268] Flexvolume plugin directory at /opt/libexec/kubernetes/kubelet-plugins/volume/exec/ does not exist. Recreating. Feb 9 12:32:21.164413 kubelet[2204]: I0209 12:32:21.164365 2204 server.go:1232] "Started kubelet" Feb 9 12:32:21.164467 kubelet[2204]: I0209 12:32:21.164424 2204 server.go:162] "Starting to listen" address="0.0.0.0" port=10250 Feb 9 12:32:21.164467 kubelet[2204]: I0209 12:32:21.164430 2204 ratelimit.go:65] "Setting rate limiting for podresources endpoint" qps=100 burstTokens=10 Feb 9 12:32:21.164658 kubelet[2204]: I0209 12:32:21.164647 2204 server.go:233] "Starting to serve the podresources API" endpoint="unix:/var/lib/kubelet/pod-resources/kubelet.sock" Feb 9 12:32:21.164693 kubelet[2204]: E0209 12:32:21.164616 2204 event.go:289] Unable to write event: '&v1.Event{TypeMeta:v1.TypeMeta{Kind:"", APIVersion:""}, ObjectMeta:v1.ObjectMeta{Name:"ci-3510.3.2-a-260490bd8e.17b231c7637eca84", GenerateName:"", Namespace:"default", SelfLink:"", UID:"", ResourceVersion:"", Generation:0, CreationTimestamp:time.Date(1, time.January, 1, 0, 0, 0, 0, time.UTC), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string(nil), Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, InvolvedObject:v1.ObjectReference{Kind:"Node", Namespace:"", Name:"ci-3510.3.2-a-260490bd8e", UID:"ci-3510.3.2-a-260490bd8e", APIVersion:"", ResourceVersion:"", FieldPath:""}, Reason:"Starting", Message:"Starting kubelet.", Source:v1.EventSource{Component:"kubelet", Host:"ci-3510.3.2-a-260490bd8e"}, FirstTimestamp:time.Date(2024, time.February, 9, 12, 32, 21, 164345988, time.Local), LastTimestamp:time.Date(2024, time.February, 9, 12, 32, 21, 164345988, time.Local), Count:1, Type:"Normal", EventTime:time.Date(1, time.January, 1, 0, 0, 0, 0, time.UTC), Series:(*v1.EventSeries)(nil), Action:"", Related:(*v1.ObjectReference)(nil), ReportingController:"kubelet", ReportingInstance:"ci-3510.3.2-a-260490bd8e"}': 'Post "https://86.109.11.101:6443/api/v1/namespaces/default/events": dial tcp 86.109.11.101:6443: connect: connection refused'(may retry after sleeping) Feb 9 12:32:21.164759 kubelet[2204]: E0209 12:32:21.164752 2204 cri_stats_provider.go:448] "Failed to get the info of the filesystem with mountpoint" err="unable to find data in memory cache" mountpoint="/var/lib/containerd/io.containerd.snapshotter.v1.overlayfs" Feb 9 12:32:21.164785 kubelet[2204]: E0209 12:32:21.164763 2204 kubelet.go:1431] "Image garbage collection failed once. Stats initialization may not have completed yet" err="invalid capacity 0 on image filesystem" Feb 9 12:32:21.164000 audit[2204]: AVC avc: denied { mac_admin } for pid=2204 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:21.164000 audit: SELINUX_ERR op=setxattr invalid_context="system_u:object_r:container_file_t:s0" Feb 9 12:32:21.164000 audit[2204]: SYSCALL arch=c000003e syscall=188 success=no exit=-22 a0=c0007c8bd0 a1=c0007c4678 a2=c0007c8ba0 a3=25 items=0 ppid=1 pid=2204 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.164000 audit: PROCTITLE proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 Feb 9 12:32:21.164000 audit[2204]: AVC avc: denied { mac_admin } for pid=2204 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:21.164000 audit: SELINUX_ERR op=setxattr invalid_context="system_u:object_r:container_file_t:s0" Feb 9 12:32:21.164000 audit[2204]: SYSCALL arch=c000003e syscall=188 success=no exit=-22 a0=c0007b63e0 a1=c0007c4690 a2=c0007c8c60 a3=25 items=0 ppid=1 pid=2204 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.164000 audit: PROCTITLE proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 Feb 9 12:32:21.165698 kubelet[2204]: I0209 12:32:21.165420 2204 kubelet.go:1386] "Unprivileged containerized plugins might not work, could not set selinux context on plugin registration dir" path="/var/lib/kubelet/plugins_registry" err="setxattr /var/lib/kubelet/plugins_registry: invalid argument" Feb 9 12:32:21.165698 kubelet[2204]: I0209 12:32:21.165456 2204 kubelet.go:1390] "Unprivileged containerized plugins might not work, could not set selinux context on plugins dir" path="/var/lib/kubelet/plugins" err="setxattr /var/lib/kubelet/plugins: invalid argument" Feb 9 12:32:21.165698 kubelet[2204]: I0209 12:32:21.165499 2204 server.go:462] "Adding debug handlers to kubelet server" Feb 9 12:32:21.165698 kubelet[2204]: I0209 12:32:21.165503 2204 fs_resource_analyzer.go:67] "Starting FS ResourceAnalyzer" Feb 9 12:32:21.165698 kubelet[2204]: I0209 12:32:21.165589 2204 volume_manager.go:291] "Starting Kubelet Volume Manager" Feb 9 12:32:21.165698 kubelet[2204]: I0209 12:32:21.165643 2204 desired_state_of_world_populator.go:151] "Desired state populator starts to run" Feb 9 12:32:21.165698 kubelet[2204]: E0209 12:32:21.165649 2204 kubelet_node_status.go:458] "Error getting the current node from lister" err="node \"ci-3510.3.2-a-260490bd8e\" not found" Feb 9 12:32:21.165698 kubelet[2204]: I0209 12:32:21.165671 2204 reconciler_new.go:29] "Reconciler: start to sync state" Feb 9 12:32:21.165891 kubelet[2204]: E0209 12:32:21.165837 2204 controller.go:146] "Failed to ensure lease exists, will retry" err="Get \"https://86.109.11.101:6443/apis/coordination.k8s.io/v1/namespaces/kube-node-lease/leases/ci-3510.3.2-a-260490bd8e?timeout=10s\": dial tcp 86.109.11.101:6443: connect: connection refused" interval="200ms" Feb 9 12:32:21.165891 kubelet[2204]: W0209 12:32:21.165832 2204 reflector.go:535] vendor/k8s.io/client-go/informers/factory.go:150: failed to list *v1.CSIDriver: Get "https://86.109.11.101:6443/apis/storage.k8s.io/v1/csidrivers?limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:21.165891 kubelet[2204]: E0209 12:32:21.165867 2204 reflector.go:147] vendor/k8s.io/client-go/informers/factory.go:150: Failed to watch *v1.CSIDriver: failed to list *v1.CSIDriver: Get "https://86.109.11.101:6443/apis/storage.k8s.io/v1/csidrivers?limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:21.166000 audit[2228]: NETFILTER_CFG table=mangle:26 family=2 entries=2 op=nft_register_chain pid=2228 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:21.166000 audit[2228]: SYSCALL arch=c000003e syscall=46 success=yes exit=136 a0=3 a1=7ffe4108a0f0 a2=0 a3=7ffe4108a0dc items=0 ppid=2204 pid=2228 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.166000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D49505441424C45532D48494E54002D74006D616E676C65 Feb 9 12:32:21.166000 audit[2229]: NETFILTER_CFG table=filter:27 family=2 entries=1 op=nft_register_chain pid=2229 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:21.166000 audit[2229]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffc4e82eba0 a2=0 a3=7ffc4e82eb8c items=0 ppid=2204 pid=2229 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.166000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D4649524557414C4C002D740066696C746572 Feb 9 12:32:21.167000 audit[2231]: NETFILTER_CFG table=filter:28 family=2 entries=2 op=nft_register_chain pid=2231 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:21.167000 audit[2231]: SYSCALL arch=c000003e syscall=46 success=yes exit=312 a0=3 a1=7ffe208ff080 a2=0 a3=7ffe208ff06c items=0 ppid=2204 pid=2231 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.167000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D49004F5554505554002D740066696C746572002D6A004B5542452D4649524557414C4C Feb 9 12:32:21.168000 audit[2233]: NETFILTER_CFG table=filter:29 family=2 entries=2 op=nft_register_chain pid=2233 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:21.168000 audit[2233]: SYSCALL arch=c000003e syscall=46 success=yes exit=312 a0=3 a1=7fff846ae250 a2=0 a3=7fff846ae23c items=0 ppid=2204 pid=2233 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.168000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4900494E505554002D740066696C746572002D6A004B5542452D4649524557414C4C Feb 9 12:32:21.171000 audit[2236]: NETFILTER_CFG table=filter:30 family=2 entries=1 op=nft_register_rule pid=2236 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:21.171000 audit[2236]: SYSCALL arch=c000003e syscall=46 success=yes exit=924 a0=3 a1=7fff1518c260 a2=0 a3=7fff1518c24c items=0 ppid=2204 pid=2236 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.171000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D41004B5542452D4649524557414C4C002D740066696C746572002D6D00636F6D6D656E74002D2D636F6D6D656E7400626C6F636B20696E636F6D696E67206C6F63616C6E657420636F6E6E656374696F6E73002D2D647374003132372E302E302E302F38 Feb 9 12:32:21.172951 kubelet[2204]: I0209 12:32:21.172919 2204 kubelet_network_linux.go:50] "Initialized iptables rules." protocol="IPv4" Feb 9 12:32:21.172000 audit[2237]: NETFILTER_CFG table=mangle:31 family=10 entries=2 op=nft_register_chain pid=2237 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:21.172000 audit[2237]: SYSCALL arch=c000003e syscall=46 success=yes exit=136 a0=3 a1=7ffc3d363450 a2=0 a3=7ffc3d36343c items=0 ppid=2204 pid=2237 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.172000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D49505441424C45532D48494E54002D74006D616E676C65 Feb 9 12:32:21.172000 audit[2239]: NETFILTER_CFG table=mangle:32 family=2 entries=1 op=nft_register_chain pid=2239 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:21.172000 audit[2239]: SYSCALL arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffe9fb42bc0 a2=0 a3=7ffe9fb42bac items=0 ppid=2204 pid=2239 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.172000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D4B5542454C45542D43414E415259002D74006D616E676C65 Feb 9 12:32:21.173685 kubelet[2204]: I0209 12:32:21.173505 2204 kubelet_network_linux.go:50] "Initialized iptables rules." protocol="IPv6" Feb 9 12:32:21.173685 kubelet[2204]: I0209 12:32:21.173521 2204 status_manager.go:217] "Starting to sync pod status with apiserver" Feb 9 12:32:21.173685 kubelet[2204]: I0209 12:32:21.173531 2204 kubelet.go:2303] "Starting kubelet main sync loop" Feb 9 12:32:21.173685 kubelet[2204]: E0209 12:32:21.173575 2204 kubelet.go:2327] "Skipping pod synchronization" err="[container runtime status check may not have completed yet, PLEG is not healthy: pleg has yet to be successful]" Feb 9 12:32:21.173978 kubelet[2204]: W0209 12:32:21.173953 2204 reflector.go:535] vendor/k8s.io/client-go/informers/factory.go:150: failed to list *v1.RuntimeClass: Get "https://86.109.11.101:6443/apis/node.k8s.io/v1/runtimeclasses?limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:21.174004 kubelet[2204]: E0209 12:32:21.173988 2204 reflector.go:147] vendor/k8s.io/client-go/informers/factory.go:150: Failed to watch *v1.RuntimeClass: failed to list *v1.RuntimeClass: Get "https://86.109.11.101:6443/apis/node.k8s.io/v1/runtimeclasses?limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:21.172000 audit[2240]: NETFILTER_CFG table=nat:33 family=2 entries=1 op=nft_register_chain pid=2240 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:21.172000 audit[2240]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffeacd74a80 a2=0 a3=7ffeacd74a6c items=0 ppid=2204 pid=2240 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.172000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D4B5542454C45542D43414E415259002D74006E6174 Feb 9 12:32:21.172000 audit[2241]: NETFILTER_CFG table=mangle:34 family=10 entries=1 op=nft_register_chain pid=2241 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:21.172000 audit[2241]: SYSCALL arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffeb9e51410 a2=0 a3=7ffeb9e513fc items=0 ppid=2204 pid=2241 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.172000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D4B5542454C45542D43414E415259002D74006D616E676C65 Feb 9 12:32:21.173000 audit[2242]: NETFILTER_CFG table=filter:35 family=2 entries=1 op=nft_register_chain pid=2242 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:21.173000 audit[2242]: SYSCALL arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7fffc6653610 a2=0 a3=7fffc66535fc items=0 ppid=2204 pid=2242 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.173000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D4B5542454C45542D43414E415259002D740066696C746572 Feb 9 12:32:21.173000 audit[2243]: NETFILTER_CFG table=nat:36 family=10 entries=2 op=nft_register_chain pid=2243 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:21.173000 audit[2243]: SYSCALL arch=c000003e syscall=46 success=yes exit=128 a0=3 a1=7ffdbcfad430 a2=0 a3=7ffdbcfad41c items=0 ppid=2204 pid=2243 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.173000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D4B5542454C45542D43414E415259002D74006E6174 Feb 9 12:32:21.173000 audit[2244]: NETFILTER_CFG table=filter:37 family=10 entries=2 op=nft_register_chain pid=2244 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:21.173000 audit[2244]: SYSCALL arch=c000003e syscall=46 success=yes exit=136 a0=3 a1=7ffc8c0ccb40 a2=0 a3=7ffc8c0ccb2c items=0 ppid=2204 pid=2244 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.173000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D4B5542454C45542D43414E415259002D740066696C746572 Feb 9 12:32:21.191122 kubelet[2204]: I0209 12:32:21.191070 2204 cpu_manager.go:214] "Starting CPU manager" policy="none" Feb 9 12:32:21.191122 kubelet[2204]: I0209 12:32:21.191077 2204 cpu_manager.go:215] "Reconciling" reconcilePeriod="10s" Feb 9 12:32:21.191122 kubelet[2204]: I0209 12:32:21.191085 2204 state_mem.go:36] "Initialized new in-memory state store" Feb 9 12:32:21.192026 kubelet[2204]: I0209 12:32:21.191994 2204 policy_none.go:49] "None policy: Start" Feb 9 12:32:21.192238 kubelet[2204]: I0209 12:32:21.192225 2204 memory_manager.go:169] "Starting memorymanager" policy="None" Feb 9 12:32:21.192265 kubelet[2204]: I0209 12:32:21.192248 2204 state_mem.go:35] "Initializing new in-memory state store" Feb 9 12:32:21.194506 systemd[1]: Created slice kubepods.slice. Feb 9 12:32:21.196742 systemd[1]: Created slice kubepods-burstable.slice. Feb 9 12:32:21.198196 systemd[1]: Created slice kubepods-besteffort.slice. Feb 9 12:32:21.220000 audit[2204]: AVC avc: denied { mac_admin } for pid=2204 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:21.220000 audit: SELINUX_ERR op=setxattr invalid_context="system_u:object_r:container_file_t:s0" Feb 9 12:32:21.220000 audit[2204]: SYSCALL arch=c000003e syscall=188 success=no exit=-22 a0=c000e70510 a1=c001288d98 a2=c000e704e0 a3=25 items=0 ppid=1 pid=2204 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:21.220000 audit: PROCTITLE proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 Feb 9 12:32:21.222387 kubelet[2204]: I0209 12:32:21.222008 2204 manager.go:471] "Failed to read data from checkpoint" checkpoint="kubelet_internal_checkpoint" err="checkpoint is not found" Feb 9 12:32:21.222387 kubelet[2204]: I0209 12:32:21.222097 2204 server.go:88] "Unprivileged containerized plugins might not work. Could not set selinux context on socket dir" path="/var/lib/kubelet/device-plugins/" err="setxattr /var/lib/kubelet/device-plugins/: invalid argument" Feb 9 12:32:21.222728 kubelet[2204]: I0209 12:32:21.222671 2204 plugin_manager.go:118] "Starting Kubelet Plugin Manager" Feb 9 12:32:21.223333 kubelet[2204]: E0209 12:32:21.223309 2204 eviction_manager.go:258] "Eviction manager: failed to get summary stats" err="failed to get node info: node \"ci-3510.3.2-a-260490bd8e\" not found" Feb 9 12:32:21.269870 kubelet[2204]: I0209 12:32:21.269779 2204 kubelet_node_status.go:70] "Attempting to register node" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.270532 kubelet[2204]: E0209 12:32:21.270453 2204 kubelet_node_status.go:92] "Unable to register node with API server" err="Post \"https://86.109.11.101:6443/api/v1/nodes\": dial tcp 86.109.11.101:6443: connect: connection refused" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.274741 kubelet[2204]: I0209 12:32:21.274648 2204 topology_manager.go:215] "Topology Admit Handler" podUID="35b68acd48b36a2481c968623e909753" podNamespace="kube-system" podName="kube-scheduler-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.277660 kubelet[2204]: I0209 12:32:21.277584 2204 topology_manager.go:215] "Topology Admit Handler" podUID="6a767ef805e5d5e36c96c93631fd2a26" podNamespace="kube-system" podName="kube-apiserver-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.280781 kubelet[2204]: I0209 12:32:21.280741 2204 topology_manager.go:215] "Topology Admit Handler" podUID="eff92a695d2caca746ff631dfa5da5d7" podNamespace="kube-system" podName="kube-controller-manager-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.291151 systemd[1]: Created slice kubepods-burstable-pod35b68acd48b36a2481c968623e909753.slice. Feb 9 12:32:21.333852 systemd[1]: Created slice kubepods-burstable-pod6a767ef805e5d5e36c96c93631fd2a26.slice. Feb 9 12:32:21.357472 systemd[1]: Created slice kubepods-burstable-podeff92a695d2caca746ff631dfa5da5d7.slice. Feb 9 12:32:21.366598 kubelet[2204]: I0209 12:32:21.366507 2204 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"k8s-certs\" (UniqueName: \"kubernetes.io/host-path/6a767ef805e5d5e36c96c93631fd2a26-k8s-certs\") pod \"kube-apiserver-ci-3510.3.2-a-260490bd8e\" (UID: \"6a767ef805e5d5e36c96c93631fd2a26\") " pod="kube-system/kube-apiserver-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.366598 kubelet[2204]: E0209 12:32:21.366592 2204 controller.go:146] "Failed to ensure lease exists, will retry" err="Get \"https://86.109.11.101:6443/apis/coordination.k8s.io/v1/namespaces/kube-node-lease/leases/ci-3510.3.2-a-260490bd8e?timeout=10s\": dial tcp 86.109.11.101:6443: connect: connection refused" interval="400ms" Feb 9 12:32:21.366867 kubelet[2204]: I0209 12:32:21.366594 2204 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"usr-share-ca-certificates\" (UniqueName: \"kubernetes.io/host-path/6a767ef805e5d5e36c96c93631fd2a26-usr-share-ca-certificates\") pod \"kube-apiserver-ci-3510.3.2-a-260490bd8e\" (UID: \"6a767ef805e5d5e36c96c93631fd2a26\") " pod="kube-system/kube-apiserver-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.366867 kubelet[2204]: I0209 12:32:21.366696 2204 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kubeconfig\" (UniqueName: \"kubernetes.io/host-path/35b68acd48b36a2481c968623e909753-kubeconfig\") pod \"kube-scheduler-ci-3510.3.2-a-260490bd8e\" (UID: \"35b68acd48b36a2481c968623e909753\") " pod="kube-system/kube-scheduler-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.366867 kubelet[2204]: I0209 12:32:21.366813 2204 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"ca-certs\" (UniqueName: \"kubernetes.io/host-path/6a767ef805e5d5e36c96c93631fd2a26-ca-certs\") pod \"kube-apiserver-ci-3510.3.2-a-260490bd8e\" (UID: \"6a767ef805e5d5e36c96c93631fd2a26\") " pod="kube-system/kube-apiserver-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.467828 kubelet[2204]: I0209 12:32:21.467632 2204 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"flexvolume-dir\" (UniqueName: \"kubernetes.io/host-path/eff92a695d2caca746ff631dfa5da5d7-flexvolume-dir\") pod \"kube-controller-manager-ci-3510.3.2-a-260490bd8e\" (UID: \"eff92a695d2caca746ff631dfa5da5d7\") " pod="kube-system/kube-controller-manager-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.467828 kubelet[2204]: I0209 12:32:21.467729 2204 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"ca-certs\" (UniqueName: \"kubernetes.io/host-path/eff92a695d2caca746ff631dfa5da5d7-ca-certs\") pod \"kube-controller-manager-ci-3510.3.2-a-260490bd8e\" (UID: \"eff92a695d2caca746ff631dfa5da5d7\") " pod="kube-system/kube-controller-manager-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.467828 kubelet[2204]: I0209 12:32:21.467789 2204 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"k8s-certs\" (UniqueName: \"kubernetes.io/host-path/eff92a695d2caca746ff631dfa5da5d7-k8s-certs\") pod \"kube-controller-manager-ci-3510.3.2-a-260490bd8e\" (UID: \"eff92a695d2caca746ff631dfa5da5d7\") " pod="kube-system/kube-controller-manager-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.468271 kubelet[2204]: I0209 12:32:21.467885 2204 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kubeconfig\" (UniqueName: \"kubernetes.io/host-path/eff92a695d2caca746ff631dfa5da5d7-kubeconfig\") pod \"kube-controller-manager-ci-3510.3.2-a-260490bd8e\" (UID: \"eff92a695d2caca746ff631dfa5da5d7\") " pod="kube-system/kube-controller-manager-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.468271 kubelet[2204]: I0209 12:32:21.467974 2204 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"usr-share-ca-certificates\" (UniqueName: \"kubernetes.io/host-path/eff92a695d2caca746ff631dfa5da5d7-usr-share-ca-certificates\") pod \"kube-controller-manager-ci-3510.3.2-a-260490bd8e\" (UID: \"eff92a695d2caca746ff631dfa5da5d7\") " pod="kube-system/kube-controller-manager-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.475249 kubelet[2204]: I0209 12:32:21.475192 2204 kubelet_node_status.go:70] "Attempting to register node" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.475887 kubelet[2204]: E0209 12:32:21.475852 2204 kubelet_node_status.go:92] "Unable to register node with API server" err="Post \"https://86.109.11.101:6443/api/v1/nodes\": dial tcp 86.109.11.101:6443: connect: connection refused" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.628554 env[1477]: time="2024-02-09T12:32:21.628467696Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:kube-scheduler-ci-3510.3.2-a-260490bd8e,Uid:35b68acd48b36a2481c968623e909753,Namespace:kube-system,Attempt:0,}" Feb 9 12:32:21.639433 env[1477]: time="2024-02-09T12:32:21.639363874Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:kube-apiserver-ci-3510.3.2-a-260490bd8e,Uid:6a767ef805e5d5e36c96c93631fd2a26,Namespace:kube-system,Attempt:0,}" Feb 9 12:32:21.662898 env[1477]: time="2024-02-09T12:32:21.662827269Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:kube-controller-manager-ci-3510.3.2-a-260490bd8e,Uid:eff92a695d2caca746ff631dfa5da5d7,Namespace:kube-system,Attempt:0,}" Feb 9 12:32:21.768142 kubelet[2204]: E0209 12:32:21.767983 2204 controller.go:146] "Failed to ensure lease exists, will retry" err="Get \"https://86.109.11.101:6443/apis/coordination.k8s.io/v1/namespaces/kube-node-lease/leases/ci-3510.3.2-a-260490bd8e?timeout=10s\": dial tcp 86.109.11.101:6443: connect: connection refused" interval="800ms" Feb 9 12:32:21.879960 kubelet[2204]: I0209 12:32:21.879868 2204 kubelet_node_status.go:70] "Attempting to register node" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:21.880625 kubelet[2204]: E0209 12:32:21.880554 2204 kubelet_node_status.go:92] "Unable to register node with API server" err="Post \"https://86.109.11.101:6443/api/v1/nodes\": dial tcp 86.109.11.101:6443: connect: connection refused" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:22.009533 kubelet[2204]: W0209 12:32:22.009384 2204 reflector.go:535] vendor/k8s.io/client-go/informers/factory.go:150: failed to list *v1.Node: Get "https://86.109.11.101:6443/api/v1/nodes?fieldSelector=metadata.name%3Dci-3510.3.2-a-260490bd8e&limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:22.009533 kubelet[2204]: E0209 12:32:22.009517 2204 reflector.go:147] vendor/k8s.io/client-go/informers/factory.go:150: Failed to watch *v1.Node: failed to list *v1.Node: Get "https://86.109.11.101:6443/api/v1/nodes?fieldSelector=metadata.name%3Dci-3510.3.2-a-260490bd8e&limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:22.118679 systemd[1]: var-lib-containerd-tmpmounts-containerd\x2dmount147459042.mount: Deactivated successfully. Feb 9 12:32:22.120542 env[1477]: time="2024-02-09T12:32:22.120523606Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/pause:3.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:22.121821 env[1477]: time="2024-02-09T12:32:22.121773359Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/pause:3.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:22.122383 env[1477]: time="2024-02-09T12:32:22.122369425Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:6270bb605e12e581514ada5fd5b3216f727db55dc87d5889c790e4c760683fee,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:22.123505 env[1477]: time="2024-02-09T12:32:22.123482642Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/pause:3.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:22.124196 env[1477]: time="2024-02-09T12:32:22.124182094Z" level=info msg="ImageUpdate event &ImageUpdate{Name:sha256:6270bb605e12e581514ada5fd5b3216f727db55dc87d5889c790e4c760683fee,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:22.125928 env[1477]: time="2024-02-09T12:32:22.125881831Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/pause:3.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:22.126394 env[1477]: time="2024-02-09T12:32:22.126354151Z" level=info msg="ImageUpdate event &ImageUpdate{Name:sha256:6270bb605e12e581514ada5fd5b3216f727db55dc87d5889c790e4c760683fee,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:22.127923 env[1477]: time="2024-02-09T12:32:22.127909619Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/pause:3.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:22.129169 env[1477]: time="2024-02-09T12:32:22.129157123Z" level=info msg="ImageCreate event &ImageCreate{Name:registry.k8s.io/pause@sha256:3d380ca8864549e74af4b29c10f9cb0956236dfb01c40ca076fb6c37253234db,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:22.129594 env[1477]: time="2024-02-09T12:32:22.129582854Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/pause:3.6,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:22.129961 env[1477]: time="2024-02-09T12:32:22.129950918Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/pause@sha256:3d380ca8864549e74af4b29c10f9cb0956236dfb01c40ca076fb6c37253234db,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:22.130379 env[1477]: time="2024-02-09T12:32:22.130365824Z" level=info msg="ImageUpdate event &ImageUpdate{Name:registry.k8s.io/pause@sha256:3d380ca8864549e74af4b29c10f9cb0956236dfb01c40ca076fb6c37253234db,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:22.135774 env[1477]: time="2024-02-09T12:32:22.135737317Z" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1 Feb 9 12:32:22.135774 env[1477]: time="2024-02-09T12:32:22.135759715Z" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1 Feb 9 12:32:22.135774 env[1477]: time="2024-02-09T12:32:22.135766578Z" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1 Feb 9 12:32:22.135925 env[1477]: time="2024-02-09T12:32:22.135845339Z" level=info msg="starting signal loop" namespace=k8s.io path=/run/containerd/io.containerd.runtime.v2.task/k8s.io/de9ef640a50ad3986f97cb7ffac0dd3af0c9efeb42922b3d4ab6a6967e3b4623 pid=2254 runtime=io.containerd.runc.v2 Feb 9 12:32:22.137279 env[1477]: time="2024-02-09T12:32:22.137241018Z" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1 Feb 9 12:32:22.137279 env[1477]: time="2024-02-09T12:32:22.137266495Z" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1 Feb 9 12:32:22.137279 env[1477]: time="2024-02-09T12:32:22.137273455Z" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1 Feb 9 12:32:22.137384 env[1477]: time="2024-02-09T12:32:22.137286698Z" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1 Feb 9 12:32:22.137384 env[1477]: time="2024-02-09T12:32:22.137306901Z" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1 Feb 9 12:32:22.137384 env[1477]: time="2024-02-09T12:32:22.137314647Z" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1 Feb 9 12:32:22.137384 env[1477]: time="2024-02-09T12:32:22.137342933Z" level=info msg="starting signal loop" namespace=k8s.io path=/run/containerd/io.containerd.runtime.v2.task/k8s.io/1732c498a8bb46d83ce23c5ef8dce653f7056d9c08b2a7feb98a113a7ef54aaf pid=2277 runtime=io.containerd.runc.v2 Feb 9 12:32:22.137384 env[1477]: time="2024-02-09T12:32:22.137370709Z" level=info msg="starting signal loop" namespace=k8s.io path=/run/containerd/io.containerd.runtime.v2.task/k8s.io/e623ef6176585d74c471253af968e1f29798455242ec32dc833ebda6ce88743e pid=2278 runtime=io.containerd.runc.v2 Feb 9 12:32:22.143025 systemd[1]: Started cri-containerd-e623ef6176585d74c471253af968e1f29798455242ec32dc833ebda6ce88743e.scope. Feb 9 12:32:22.147000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.162878 kubelet[2204]: W0209 12:32:22.162847 2204 reflector.go:535] vendor/k8s.io/client-go/informers/factory.go:150: failed to list *v1.CSIDriver: Get "https://86.109.11.101:6443/apis/storage.k8s.io/v1/csidrivers?limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:22.162932 kubelet[2204]: E0209 12:32:22.162885 2204 reflector.go:147] vendor/k8s.io/client-go/informers/factory.go:150: Failed to watch *v1.CSIDriver: failed to list *v1.CSIDriver: Get "https://86.109.11.101:6443/apis/storage.k8s.io/v1/csidrivers?limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:22.175634 kernel: kauditd_printk_skb: 217 callbacks suppressed Feb 9 12:32:22.175718 kernel: audit: type=1400 audit(1707481942.147:591): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.147000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.256277 kubelet[2204]: W0209 12:32:22.256252 2204 reflector.go:535] vendor/k8s.io/client-go/informers/factory.go:150: failed to list *v1.RuntimeClass: Get "https://86.109.11.101:6443/apis/node.k8s.io/v1/runtimeclasses?limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:22.256277 kubelet[2204]: E0209 12:32:22.256279 2204 reflector.go:147] vendor/k8s.io/client-go/informers/factory.go:150: Failed to watch *v1.RuntimeClass: failed to list *v1.RuntimeClass: Get "https://86.109.11.101:6443/apis/node.k8s.io/v1/runtimeclasses?limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:22.303944 kernel: audit: type=1400 audit(1707481942.147:592): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303982 kernel: audit: type=1400 audit(1707481942.147:593): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.147000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.305748 systemd[1]: Started cri-containerd-1732c498a8bb46d83ce23c5ef8dce653f7056d9c08b2a7feb98a113a7ef54aaf.scope. Feb 9 12:32:22.306317 systemd[1]: Started cri-containerd-de9ef640a50ad3986f97cb7ffac0dd3af0c9efeb42922b3d4ab6a6967e3b4623.scope. Feb 9 12:32:22.368314 kernel: audit: type=1400 audit(1707481942.147:594): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.147000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.432983 kernel: audit: type=1400 audit(1707481942.147:595): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.147000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.497655 kernel: audit: type=1400 audit(1707481942.147:596): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.147000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.562285 kernel: audit: audit_backlog=65 > audit_backlog_limit=64 Feb 9 12:32:22.562312 kernel: audit: type=1400 audit(1707481942.147:597): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.147000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.568874 kubelet[2204]: E0209 12:32:22.568861 2204 controller.go:146] "Failed to ensure lease exists, will retry" err="Get \"https://86.109.11.101:6443/apis/coordination.k8s.io/v1/namespaces/kube-node-lease/leases/ci-3510.3.2-a-260490bd8e?timeout=10s\": dial tcp 86.109.11.101:6443: connect: connection refused" interval="1.6s" Feb 9 12:32:22.589671 kernel: audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 Feb 9 12:32:22.589697 kernel: audit: backlog limit exceeded Feb 9 12:32:22.147000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.147000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.302000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.302000 audit: BPF prog-id=67 op=LOAD Feb 9 12:32:22.303000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303000 audit[2303]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000147c48 a2=10 a3=1c items=0 ppid=2278 pid=2303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.303000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6536323365663631373635383564373463343731323533616639363865 Feb 9 12:32:22.303000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303000 audit[2303]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001476b0 a2=3c a3=c items=0 ppid=2278 pid=2303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.303000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6536323365663631373635383564373463343731323533616639363865 Feb 9 12:32:22.303000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.309000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.309000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.309000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.309000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.309000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.309000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.309000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.309000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.309000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.303000 audit: BPF prog-id=69 op=LOAD Feb 9 12:32:22.496000 audit: BPF prog-id=68 op=LOAD Feb 9 12:32:22.303000 audit[2303]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001479d8 a2=78 a3=c000309010 items=0 ppid=2278 pid=2303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.303000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6536323365663631373635383564373463343731323533616639363865 Feb 9 12:32:22.496000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2279]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000199c48 a2=10 a3=1c items=0 ppid=2254 pid=2279 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.496000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6465396566363430613530616433393836663937636237666661633064 Feb 9 12:32:22.496000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2279]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001996b0 a2=3c a3=c items=0 ppid=2254 pid=2279 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.496000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6465396566363430613530616433393836663937636237666661633064 Feb 9 12:32:22.496000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2303]: SYSCALL arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c000147770 a2=78 a3=c000309058 items=0 ppid=2278 pid=2303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.496000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6536323365663631373635383564373463343731323533616639363865 Feb 9 12:32:22.652000 audit: BPF prog-id=70 op=UNLOAD Feb 9 12:32:22.652000 audit: BPF prog-id=69 op=UNLOAD Feb 9 12:32:22.652000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.496000 audit[2279]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001999d8 a2=78 a3=c000226380 items=0 ppid=2254 pid=2279 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.496000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6465396566363430613530616433393836663937636237666661633064 Feb 9 12:32:22.652000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2303]: AVC avc: denied { perfmon } for pid=2303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.663303 kubelet[2204]: W0209 12:32:22.663269 2204 reflector.go:535] vendor/k8s.io/client-go/informers/factory.go:150: failed to list *v1.Service: Get "https://86.109.11.101:6443/api/v1/services?limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:22.663303 kubelet[2204]: E0209 12:32:22.663303 2204 reflector.go:147] vendor/k8s.io/client-go/informers/factory.go:150: Failed to watch *v1.Service: failed to list *v1.Service: Get "https://86.109.11.101:6443/api/v1/services?limit=500&resourceVersion=0": dial tcp 86.109.11.101:6443: connect: connection refused Feb 9 12:32:22.681761 kubelet[2204]: I0209 12:32:22.681745 2204 kubelet_node_status.go:70] "Attempting to register node" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:22.681874 kubelet[2204]: E0209 12:32:22.681858 2204 kubelet_node_status.go:92] "Unable to register node with API server" err="Post \"https://86.109.11.101:6443/api/v1/nodes\": dial tcp 86.109.11.101:6443: connect: connection refused" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:22.698375 sshd[2116]: Failed password for invalid user brio from 101.35.54.203 port 39806 ssh2 Feb 9 12:32:22.706000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit: BPF prog-id=72 op=LOAD Feb 9 12:32:22.652000 audit[2279]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000199770 a2=78 a3=c0002263c8 items=0 ppid=2254 pid=2279 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.652000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6465396566363430613530616433393836663937636237666661633064 Feb 9 12:32:22.706000 audit: BPF prog-id=72 op=UNLOAD Feb 9 12:32:22.652000 audit[2303]: AVC avc: denied { bpf } for pid=2303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.652000 audit: BPF prog-id=73 op=LOAD Feb 9 12:32:22.652000 audit[2303]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c000147c30 a2=78 a3=c000309468 items=0 ppid=2278 pid=2303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.652000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6536323365663631373635383564373463343731323533616639363865 Feb 9 12:32:22.706000 audit: BPF prog-id=71 op=UNLOAD Feb 9 12:32:22.706000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2279]: AVC avc: denied { perfmon } for pid=2279 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit: BPF prog-id=74 op=LOAD Feb 9 12:32:22.706000 audit[2279]: AVC avc: denied { bpf } for pid=2279 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit: BPF prog-id=75 op=LOAD Feb 9 12:32:22.706000 audit[2279]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000199c30 a2=78 a3=c0002267d8 items=0 ppid=2254 pid=2279 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.706000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6465396566363430613530616433393836663937636237666661633064 Feb 9 12:32:22.706000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2302]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000197c48 a2=10 a3=1c items=0 ppid=2277 pid=2302 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.706000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3137333263343938613862623436643833636532336335656638646365 Feb 9 12:32:22.706000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2302]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001976b0 a2=3c a3=c items=0 ppid=2277 pid=2302 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.706000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3137333263343938613862623436643833636532336335656638646365 Feb 9 12:32:22.706000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.706000 audit: BPF prog-id=76 op=LOAD Feb 9 12:32:22.706000 audit[2302]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001979d8 a2=78 a3=c000092c50 items=0 ppid=2277 pid=2302 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.706000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3137333263343938613862623436643833636532336335656638646365 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit: BPF prog-id=77 op=LOAD Feb 9 12:32:22.707000 audit[2302]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000197770 a2=78 a3=c000092c98 items=0 ppid=2277 pid=2302 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.707000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3137333263343938613862623436643833636532336335656638646365 Feb 9 12:32:22.707000 audit: BPF prog-id=77 op=UNLOAD Feb 9 12:32:22.707000 audit: BPF prog-id=76 op=UNLOAD Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { perfmon } for pid=2302 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit[2302]: AVC avc: denied { bpf } for pid=2302 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.707000 audit: BPF prog-id=78 op=LOAD Feb 9 12:32:22.707000 audit[2302]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000197c30 a2=78 a3=c0000930a8 items=0 ppid=2277 pid=2302 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.707000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3137333263343938613862623436643833636532336335656638646365 Feb 9 12:32:22.725320 env[1477]: time="2024-02-09T12:32:22.725292568Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:kube-scheduler-ci-3510.3.2-a-260490bd8e,Uid:35b68acd48b36a2481c968623e909753,Namespace:kube-system,Attempt:0,} returns sandbox id \"de9ef640a50ad3986f97cb7ffac0dd3af0c9efeb42922b3d4ab6a6967e3b4623\"" Feb 9 12:32:22.725555 env[1477]: time="2024-02-09T12:32:22.725445723Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:kube-controller-manager-ci-3510.3.2-a-260490bd8e,Uid:eff92a695d2caca746ff631dfa5da5d7,Namespace:kube-system,Attempt:0,} returns sandbox id \"e623ef6176585d74c471253af968e1f29798455242ec32dc833ebda6ce88743e\"" Feb 9 12:32:22.726950 env[1477]: time="2024-02-09T12:32:22.726909833Z" level=info msg="CreateContainer within sandbox \"de9ef640a50ad3986f97cb7ffac0dd3af0c9efeb42922b3d4ab6a6967e3b4623\" for container &ContainerMetadata{Name:kube-scheduler,Attempt:0,}" Feb 9 12:32:22.727037 env[1477]: time="2024-02-09T12:32:22.726999842Z" level=info msg="CreateContainer within sandbox \"e623ef6176585d74c471253af968e1f29798455242ec32dc833ebda6ce88743e\" for container &ContainerMetadata{Name:kube-controller-manager,Attempt:0,}" Feb 9 12:32:22.731725 env[1477]: time="2024-02-09T12:32:22.731710823Z" level=info msg="CreateContainer within sandbox \"de9ef640a50ad3986f97cb7ffac0dd3af0c9efeb42922b3d4ab6a6967e3b4623\" for &ContainerMetadata{Name:kube-scheduler,Attempt:0,} returns container id \"1b4b0ab58d46b6fbce53a7660da5abaffd87226af81b7a209c4b5f4a28a0b1a4\"" Feb 9 12:32:22.731992 env[1477]: time="2024-02-09T12:32:22.731952247Z" level=info msg="StartContainer for \"1b4b0ab58d46b6fbce53a7660da5abaffd87226af81b7a209c4b5f4a28a0b1a4\"" Feb 9 12:32:22.732595 env[1477]: time="2024-02-09T12:32:22.732551772Z" level=info msg="CreateContainer within sandbox \"e623ef6176585d74c471253af968e1f29798455242ec32dc833ebda6ce88743e\" for &ContainerMetadata{Name:kube-controller-manager,Attempt:0,} returns container id \"3ff467ad6644fe2887be8425100c4f16b0f273c5a42a53fcc609e8262ef9dbd6\"" Feb 9 12:32:22.732752 env[1477]: time="2024-02-09T12:32:22.732713487Z" level=info msg="StartContainer for \"3ff467ad6644fe2887be8425100c4f16b0f273c5a42a53fcc609e8262ef9dbd6\"" Feb 9 12:32:22.737469 env[1477]: time="2024-02-09T12:32:22.737440558Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:kube-apiserver-ci-3510.3.2-a-260490bd8e,Uid:6a767ef805e5d5e36c96c93631fd2a26,Namespace:kube-system,Attempt:0,} returns sandbox id \"1732c498a8bb46d83ce23c5ef8dce653f7056d9c08b2a7feb98a113a7ef54aaf\"" Feb 9 12:32:22.738755 env[1477]: time="2024-02-09T12:32:22.738739231Z" level=info msg="CreateContainer within sandbox \"1732c498a8bb46d83ce23c5ef8dce653f7056d9c08b2a7feb98a113a7ef54aaf\" for container &ContainerMetadata{Name:kube-apiserver,Attempt:0,}" Feb 9 12:32:22.739660 systemd[1]: Started cri-containerd-3ff467ad6644fe2887be8425100c4f16b0f273c5a42a53fcc609e8262ef9dbd6.scope. Feb 9 12:32:22.743240 env[1477]: time="2024-02-09T12:32:22.743209457Z" level=info msg="CreateContainer within sandbox \"1732c498a8bb46d83ce23c5ef8dce653f7056d9c08b2a7feb98a113a7ef54aaf\" for &ContainerMetadata{Name:kube-apiserver,Attempt:0,} returns container id \"7cb70e0a7012b04a7297ed7b6ce2ed50af8907f09a759b3969defb092728c58c\"" Feb 9 12:32:22.743510 env[1477]: time="2024-02-09T12:32:22.743490093Z" level=info msg="StartContainer for \"7cb70e0a7012b04a7297ed7b6ce2ed50af8907f09a759b3969defb092728c58c\"" Feb 9 12:32:22.745000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit: BPF prog-id=79 op=LOAD Feb 9 12:32:22.745000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[2380]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000117c48 a2=10 a3=1c items=0 ppid=2278 pid=2380 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.745000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3366663436376164363634346665323838376265383432353130306334 Feb 9 12:32:22.745000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[2380]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001176b0 a2=3c a3=8 items=0 ppid=2278 pid=2380 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.745000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3366663436376164363634346665323838376265383432353130306334 Feb 9 12:32:22.745000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.745000 audit: BPF prog-id=80 op=LOAD Feb 9 12:32:22.745000 audit[2380]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001179d8 a2=78 a3=c0003ca120 items=0 ppid=2278 pid=2380 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.745000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3366663436376164363634346665323838376265383432353130306334 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit: BPF prog-id=81 op=LOAD Feb 9 12:32:22.746000 audit[2380]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000117770 a2=78 a3=c0003ca168 items=0 ppid=2278 pid=2380 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.746000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3366663436376164363634346665323838376265383432353130306334 Feb 9 12:32:22.746000 audit: BPF prog-id=81 op=UNLOAD Feb 9 12:32:22.746000 audit: BPF prog-id=80 op=UNLOAD Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { perfmon } for pid=2380 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit[2380]: AVC avc: denied { bpf } for pid=2380 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.746000 audit: BPF prog-id=82 op=LOAD Feb 9 12:32:22.746000 audit[2380]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000117c30 a2=78 a3=c0003ca578 items=0 ppid=2278 pid=2380 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.746000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3366663436376164363634346665323838376265383432353130306334 Feb 9 12:32:22.751934 systemd[1]: Started cri-containerd-1b4b0ab58d46b6fbce53a7660da5abaffd87226af81b7a209c4b5f4a28a0b1a4.scope. Feb 9 12:32:22.756000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.756000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.756000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.756000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.756000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.756000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.756000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.756000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.756000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.756000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.756000 audit: BPF prog-id=83 op=LOAD Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c0001bdc48 a2=10 a3=1c items=0 ppid=2254 pid=2379 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.757000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3162346230616235386434366236666263653533613736363064613561 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001bd6b0 a2=3c a3=8 items=0 ppid=2254 pid=2379 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.757000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3162346230616235386434366236666263653533613736363064613561 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit: BPF prog-id=84 op=LOAD Feb 9 12:32:22.757000 audit[2379]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001bd9d8 a2=78 a3=c00009f770 items=0 ppid=2254 pid=2379 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.757000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3162346230616235386434366236666263653533613736363064613561 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit: BPF prog-id=85 op=LOAD Feb 9 12:32:22.757000 audit[2379]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c0001bd770 a2=78 a3=c00009f7b8 items=0 ppid=2254 pid=2379 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.757000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3162346230616235386434366236666263653533613736363064613561 Feb 9 12:32:22.757000 audit: BPF prog-id=85 op=UNLOAD Feb 9 12:32:22.757000 audit: BPF prog-id=84 op=UNLOAD Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { perfmon } for pid=2379 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit[2379]: AVC avc: denied { bpf } for pid=2379 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.757000 audit: BPF prog-id=86 op=LOAD Feb 9 12:32:22.757000 audit[2379]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001bdc30 a2=78 a3=c00009fbc8 items=0 ppid=2254 pid=2379 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.757000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3162346230616235386434366236666263653533613736363064613561 Feb 9 12:32:22.762888 systemd[1]: Started cri-containerd-7cb70e0a7012b04a7297ed7b6ce2ed50af8907f09a759b3969defb092728c58c.scope. Feb 9 12:32:22.767000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.767000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.767000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.767000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.767000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.767000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.767000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.767000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.767000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.767000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.767000 audit: BPF prog-id=87 op=LOAD Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000147c48 a2=10 a3=1c items=0 ppid=2277 pid=2414 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.768000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3763623730653061373031326230346137323937656437623663653265 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001476b0 a2=3c a3=8 items=0 ppid=2277 pid=2414 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.768000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3763623730653061373031326230346137323937656437623663653265 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit: BPF prog-id=88 op=LOAD Feb 9 12:32:22.768000 audit[2414]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001479d8 a2=78 a3=c000025770 items=0 ppid=2277 pid=2414 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.768000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3763623730653061373031326230346137323937656437623663653265 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit: BPF prog-id=89 op=LOAD Feb 9 12:32:22.768000 audit[2414]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000147770 a2=78 a3=c0000257b8 items=0 ppid=2277 pid=2414 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.768000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3763623730653061373031326230346137323937656437623663653265 Feb 9 12:32:22.768000 audit: BPF prog-id=89 op=UNLOAD Feb 9 12:32:22.768000 audit: BPF prog-id=88 op=UNLOAD Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { perfmon } for pid=2414 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit[2414]: AVC avc: denied { bpf } for pid=2414 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:22.768000 audit: BPF prog-id=90 op=LOAD Feb 9 12:32:22.768000 audit[2414]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000147c30 a2=78 a3=c000025bc8 items=0 ppid=2277 pid=2414 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:22.768000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3763623730653061373031326230346137323937656437623663653265 Feb 9 12:32:22.776247 env[1477]: time="2024-02-09T12:32:22.776199359Z" level=info msg="StartContainer for \"1b4b0ab58d46b6fbce53a7660da5abaffd87226af81b7a209c4b5f4a28a0b1a4\" returns successfully" Feb 9 12:32:22.776836 env[1477]: time="2024-02-09T12:32:22.776820845Z" level=info msg="StartContainer for \"3ff467ad6644fe2887be8425100c4f16b0f273c5a42a53fcc609e8262ef9dbd6\" returns successfully" Feb 9 12:32:22.799191 env[1477]: time="2024-02-09T12:32:22.799167362Z" level=info msg="StartContainer for \"7cb70e0a7012b04a7297ed7b6ce2ed50af8907f09a759b3969defb092728c58c\" returns successfully" Feb 9 12:32:23.321000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:23.321000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:23.321000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=7 a1=c0001b4040 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:32:23.321000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=8 a1=c000cde090 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:32:23.321000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:32:23.321000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:32:23.455000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:23.455000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:23.455000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=40 a1=c0038a8fc0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:32:23.455000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=42 a1=c006dd4080 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:32:23.455000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:32:23.455000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:32:23.456000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:23.456000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=40 a1=c00308eab0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:32:23.456000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:32:23.456000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:23.456000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=40 a1=c0042281e0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:32:23.456000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:32:23.457000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:23.457000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=50 a1=c002d44300 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:32:23.457000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:32:23.457000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:23.457000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=53 a1=c00628a240 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:32:23.457000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:32:23.817351 kubelet[2204]: E0209 12:32:23.817290 2204 csi_plugin.go:295] Failed to initialize CSINode: error updating CSINode annotation: timed out waiting for the condition; caused by: nodes "ci-3510.3.2-a-260490bd8e" not found Feb 9 12:32:23.973253 sshd[2116]: Received disconnect from 101.35.54.203 port 39806:11: Bye Bye [preauth] Feb 9 12:32:23.973253 sshd[2116]: Disconnected from invalid user brio 101.35.54.203 port 39806 [preauth] Feb 9 12:32:23.975596 systemd[1]: sshd@9-86.109.11.101:22-101.35.54.203:39806.service: Deactivated successfully. Feb 9 12:32:23.975000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-86.109.11.101:22-101.35.54.203:39806 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:24.177067 kubelet[2204]: E0209 12:32:24.176908 2204 nodelease.go:49] "Failed to get node when trying to set owner ref to the node lease" err="nodes \"ci-3510.3.2-a-260490bd8e\" not found" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:24.194735 kubelet[2204]: E0209 12:32:24.194683 2204 csi_plugin.go:295] Failed to initialize CSINode: error updating CSINode annotation: timed out waiting for the condition; caused by: nodes "ci-3510.3.2-a-260490bd8e" not found Feb 9 12:32:24.285876 kubelet[2204]: I0209 12:32:24.285820 2204 kubelet_node_status.go:70] "Attempting to register node" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:24.292724 kubelet[2204]: I0209 12:32:24.292670 2204 kubelet_node_status.go:73] "Successfully registered node" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:24.312006 kubelet[2204]: E0209 12:32:24.311951 2204 kubelet_node_status.go:458] "Error getting the current node from lister" err="node \"ci-3510.3.2-a-260490bd8e\" not found" Feb 9 12:32:24.412843 kubelet[2204]: E0209 12:32:24.412780 2204 kubelet_node_status.go:458] "Error getting the current node from lister" err="node \"ci-3510.3.2-a-260490bd8e\" not found" Feb 9 12:32:24.513762 kubelet[2204]: E0209 12:32:24.513615 2204 kubelet_node_status.go:458] "Error getting the current node from lister" err="node \"ci-3510.3.2-a-260490bd8e\" not found" Feb 9 12:32:24.614703 kubelet[2204]: E0209 12:32:24.614638 2204 kubelet_node_status.go:458] "Error getting the current node from lister" err="node \"ci-3510.3.2-a-260490bd8e\" not found" Feb 9 12:32:24.715130 kubelet[2204]: E0209 12:32:24.715048 2204 kubelet_node_status.go:458] "Error getting the current node from lister" err="node \"ci-3510.3.2-a-260490bd8e\" not found" Feb 9 12:32:24.816291 kubelet[2204]: E0209 12:32:24.816199 2204 kubelet_node_status.go:458] "Error getting the current node from lister" err="node \"ci-3510.3.2-a-260490bd8e\" not found" Feb 9 12:32:24.917309 kubelet[2204]: E0209 12:32:24.917222 2204 kubelet_node_status.go:458] "Error getting the current node from lister" err="node \"ci-3510.3.2-a-260490bd8e\" not found" Feb 9 12:32:25.164638 kubelet[2204]: I0209 12:32:25.164448 2204 apiserver.go:52] "Watching apiserver" Feb 9 12:32:25.266928 kubelet[2204]: I0209 12:32:25.266860 2204 desired_state_of_world_populator.go:159] "Finished populating initial desired state of world" Feb 9 12:32:25.268147 kubelet[2204]: W0209 12:32:25.268098 2204 warnings.go:70] metadata.name: this is used in the Pod's hostname, which can result in surprising behavior; a DNS label is recommended: [must not contain dots] Feb 9 12:32:25.599829 systemd[1]: Started sshd@10-86.109.11.101:22-135.125.161.64:59884.service. Feb 9 12:32:25.598000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-86.109.11.101:22-135.125.161.64:59884 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:26.347972 kubelet[2204]: W0209 12:32:26.347873 2204 warnings.go:70] metadata.name: this is used in the Pod's hostname, which can result in surprising behavior; a DNS label is recommended: [must not contain dots] Feb 9 12:32:26.469809 sshd[2520]: Invalid user fernanlo from 135.125.161.64 port 59884 Feb 9 12:32:26.475367 sshd[2520]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:26.476202 sshd[2520]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:32:26.476312 sshd[2520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=135.125.161.64 Feb 9 12:32:26.477112 sshd[2520]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:26.476000 audit[2520]: USER_AUTH pid=2520 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="fernanlo" exe="/usr/sbin/sshd" hostname=135.125.161.64 addr=135.125.161.64 terminal=ssh res=failed' Feb 9 12:32:26.759540 systemd[1]: Reloading. Feb 9 12:32:26.793492 /usr/lib/systemd/system-generators/torcx-generator[2546]: time="2024-02-09T12:32:26Z" level=debug msg="common configuration parsed" base_dir=/var/lib/torcx/ conf_dir=/etc/torcx/ run_dir=/run/torcx/ store_paths="[/usr/share/torcx/store /usr/share/oem/torcx/store/3510.3.2 /usr/share/oem/torcx/store /var/lib/torcx/store/3510.3.2 /var/lib/torcx/store]" Feb 9 12:32:26.793515 /usr/lib/systemd/system-generators/torcx-generator[2546]: time="2024-02-09T12:32:26Z" level=info msg="torcx already run" Feb 9 12:32:26.856790 systemd[1]: /usr/lib/systemd/system/locksmithd.service:8: Unit uses CPUShares=; please use CPUWeight= instead. Support for CPUShares= will be removed soon. Feb 9 12:32:26.856800 systemd[1]: /usr/lib/systemd/system/locksmithd.service:9: Unit uses MemoryLimit=; please use MemoryMax= instead. Support for MemoryLimit= will be removed soon. Feb 9 12:32:26.873606 systemd[1]: /run/systemd/system/docker.socket:8: ListenStream= references a path below legacy directory /var/run/, updating /var/run/docker.sock → /run/docker.sock; please update the unit file accordingly. Feb 9 12:32:26.927000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.927000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.927000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.927000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.927000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.927000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.927000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.927000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.927000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.928000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.928000 audit: BPF prog-id=91 op=LOAD Feb 9 12:32:26.928000 audit: BPF prog-id=52 op=UNLOAD Feb 9 12:32:26.928000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.928000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.928000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.928000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.928000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.928000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.928000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.928000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.928000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.928000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.928000 audit: BPF prog-id=92 op=LOAD Feb 9 12:32:26.928000 audit: BPF prog-id=74 op=UNLOAD Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit: BPF prog-id=93 op=LOAD Feb 9 12:32:26.929000 audit: BPF prog-id=68 op=UNLOAD Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.929000 audit: BPF prog-id=94 op=LOAD Feb 9 12:32:26.929000 audit: BPF prog-id=79 op=UNLOAD Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit: BPF prog-id=95 op=LOAD Feb 9 12:32:26.930000 audit: BPF prog-id=53 op=UNLOAD Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.930000 audit: BPF prog-id=96 op=LOAD Feb 9 12:32:26.930000 audit: BPF prog-id=54 op=UNLOAD Feb 9 12:32:26.931000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.931000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.931000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.931000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.931000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.931000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.931000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.931000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.931000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.931000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.931000 audit: BPF prog-id=97 op=LOAD Feb 9 12:32:26.931000 audit: BPF prog-id=55 op=UNLOAD Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit: BPF prog-id=98 op=LOAD Feb 9 12:32:26.932000 audit: BPF prog-id=56 op=UNLOAD Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit: BPF prog-id=99 op=LOAD Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.932000 audit: BPF prog-id=100 op=LOAD Feb 9 12:32:26.932000 audit: BPF prog-id=57 op=UNLOAD Feb 9 12:32:26.932000 audit: BPF prog-id=58 op=UNLOAD Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit: BPF prog-id=101 op=LOAD Feb 9 12:32:26.933000 audit: BPF prog-id=59 op=UNLOAD Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit: BPF prog-id=102 op=LOAD Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit: BPF prog-id=103 op=LOAD Feb 9 12:32:26.933000 audit: BPF prog-id=60 op=UNLOAD Feb 9 12:32:26.933000 audit: BPF prog-id=61 op=UNLOAD Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit: BPF prog-id=104 op=LOAD Feb 9 12:32:26.933000 audit: BPF prog-id=87 op=UNLOAD Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.933000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit: BPF prog-id=105 op=LOAD Feb 9 12:32:26.934000 audit: BPF prog-id=83 op=UNLOAD Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.934000 audit: BPF prog-id=106 op=LOAD Feb 9 12:32:26.934000 audit: BPF prog-id=67 op=UNLOAD Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit: BPF prog-id=107 op=LOAD Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit: BPF prog-id=108 op=LOAD Feb 9 12:32:26.935000 audit: BPF prog-id=62 op=UNLOAD Feb 9 12:32:26.935000 audit: BPF prog-id=63 op=UNLOAD Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.935000 audit: BPF prog-id=109 op=LOAD Feb 9 12:32:26.935000 audit: BPF prog-id=64 op=UNLOAD Feb 9 12:32:26.935000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit: BPF prog-id=110 op=LOAD Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:26.936000 audit: BPF prog-id=111 op=LOAD Feb 9 12:32:26.936000 audit: BPF prog-id=65 op=UNLOAD Feb 9 12:32:26.936000 audit: BPF prog-id=66 op=UNLOAD Feb 9 12:32:26.943481 kubelet[2204]: I0209 12:32:26.943416 2204 dynamic_cafile_content.go:171] "Shutting down controller" name="client-ca-bundle::/etc/kubernetes/pki/ca.crt" Feb 9 12:32:26.943438 systemd[1]: Stopping kubelet.service... Feb 9 12:32:26.961928 systemd[1]: kubelet.service: Deactivated successfully. Feb 9 12:32:26.962412 systemd[1]: Stopped kubelet.service. Feb 9 12:32:26.961000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:26.966245 systemd[1]: Started kubelet.service. Feb 9 12:32:26.965000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:26.993861 kubelet[2604]: Flag --container-runtime-endpoint has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information. Feb 9 12:32:26.993861 kubelet[2604]: Flag --pod-infra-container-image has been deprecated, will be removed in a future release. Image garbage collector will get sandbox image information from CRI. Feb 9 12:32:26.993861 kubelet[2604]: Flag --volume-plugin-dir has been deprecated, This parameter should be set via the config file specified by the Kubelet's --config flag. See https://kubernetes.io/docs/tasks/administer-cluster/kubelet-config-file/ for more information. Feb 9 12:32:26.994155 kubelet[2604]: I0209 12:32:26.993896 2604 server.go:203] "--pod-infra-container-image will not be pruned by the image garbage collector in kubelet and should also be set in the remote runtime" Feb 9 12:32:26.996531 kubelet[2604]: I0209 12:32:26.996489 2604 server.go:467] "Kubelet version" kubeletVersion="v1.28.1" Feb 9 12:32:26.996531 kubelet[2604]: I0209 12:32:26.996499 2604 server.go:469] "Golang settings" GOGC="" GOMAXPROCS="" GOTRACEBACK="" Feb 9 12:32:26.997027 kubelet[2604]: I0209 12:32:26.997017 2604 server.go:895] "Client rotation is on, will bootstrap in background" Feb 9 12:32:26.998087 kubelet[2604]: I0209 12:32:26.998079 2604 certificate_store.go:130] Loading cert/key pair from "/var/lib/kubelet/pki/kubelet-client-current.pem". Feb 9 12:32:26.998649 kubelet[2604]: I0209 12:32:26.998606 2604 dynamic_cafile_content.go:157] "Starting controller" name="client-ca-bundle::/etc/kubernetes/pki/ca.crt" Feb 9 12:32:27.016959 kubelet[2604]: I0209 12:32:27.016893 2604 server.go:725] "--cgroups-per-qos enabled, but --cgroup-root was not specified. defaulting to /" Feb 9 12:32:27.017009 kubelet[2604]: I0209 12:32:27.016999 2604 container_manager_linux.go:265] "Container manager verified user specified cgroup-root exists" cgroupRoot=[] Feb 9 12:32:27.017095 kubelet[2604]: I0209 12:32:27.017088 2604 container_manager_linux.go:270] "Creating Container Manager object based on Node Config" nodeConfig={"RuntimeCgroupsName":"","SystemCgroupsName":"","KubeletCgroupsName":"","KubeletOOMScoreAdj":-999,"ContainerRuntime":"","CgroupsPerQOS":true,"CgroupRoot":"/","CgroupDriver":"systemd","KubeletRootDir":"/var/lib/kubelet","ProtectKernelDefaults":false,"KubeReservedCgroupName":"","SystemReservedCgroupName":"","ReservedSystemCPUs":{},"EnforceNodeAllocatable":{"pods":{}},"KubeReserved":null,"SystemReserved":null,"HardEvictionThresholds":[{"Signal":"memory.available","Operator":"LessThan","Value":{"Quantity":"100Mi","Percentage":0},"GracePeriod":0,"MinReclaim":null},{"Signal":"nodefs.available","Operator":"LessThan","Value":{"Quantity":null,"Percentage":0.1},"GracePeriod":0,"MinReclaim":null},{"Signal":"nodefs.inodesFree","Operator":"LessThan","Value":{"Quantity":null,"Percentage":0.05},"GracePeriod":0,"MinReclaim":null},{"Signal":"imagefs.available","Operator":"LessThan","Value":{"Quantity":null,"Percentage":0.15},"GracePeriod":0,"MinReclaim":null}],"QOSReserved":{},"CPUManagerPolicy":"none","CPUManagerPolicyOptions":null,"TopologyManagerScope":"container","CPUManagerReconcilePeriod":10000000000,"ExperimentalMemoryManagerPolicy":"None","ExperimentalMemoryManagerReservedMemory":null,"PodPidsLimit":-1,"EnforceCPULimits":true,"CPUCFSQuotaPeriod":100000000,"TopologyManagerPolicy":"none","TopologyManagerPolicyOptions":null} Feb 9 12:32:27.017153 kubelet[2604]: I0209 12:32:27.017101 2604 topology_manager.go:138] "Creating topology manager with none policy" Feb 9 12:32:27.017153 kubelet[2604]: I0209 12:32:27.017106 2604 container_manager_linux.go:301] "Creating device plugin manager" Feb 9 12:32:27.017153 kubelet[2604]: I0209 12:32:27.017126 2604 state_mem.go:36] "Initialized new in-memory state store" Feb 9 12:32:27.017210 kubelet[2604]: I0209 12:32:27.017166 2604 kubelet.go:393] "Attempting to sync node with API server" Feb 9 12:32:27.017210 kubelet[2604]: I0209 12:32:27.017173 2604 kubelet.go:298] "Adding static pod path" path="/etc/kubernetes/manifests" Feb 9 12:32:27.017210 kubelet[2604]: I0209 12:32:27.017186 2604 kubelet.go:309] "Adding apiserver pod source" Feb 9 12:32:27.017210 kubelet[2604]: I0209 12:32:27.017195 2604 apiserver.go:42] "Waiting for node sync before watching apiserver pods" Feb 9 12:32:27.017514 kubelet[2604]: I0209 12:32:27.017504 2604 kuberuntime_manager.go:257] "Container runtime initialized" containerRuntime="containerd" version="1.6.16" apiVersion="v1" Feb 9 12:32:27.017846 kubelet[2604]: I0209 12:32:27.017838 2604 server.go:1232] "Started kubelet" Feb 9 12:32:27.017917 kubelet[2604]: I0209 12:32:27.017909 2604 server.go:162] "Starting to listen" address="0.0.0.0" port=10250 Feb 9 12:32:27.017940 kubelet[2604]: I0209 12:32:27.017927 2604 ratelimit.go:65] "Setting rate limiting for podresources endpoint" qps=100 burstTokens=10 Feb 9 12:32:27.018161 kubelet[2604]: I0209 12:32:27.018150 2604 server.go:233] "Starting to serve the podresources API" endpoint="unix:/var/lib/kubelet/pod-resources/kubelet.sock" Feb 9 12:32:27.018479 kubelet[2604]: E0209 12:32:27.018464 2604 cri_stats_provider.go:448] "Failed to get the info of the filesystem with mountpoint" err="unable to find data in memory cache" mountpoint="/var/lib/containerd/io.containerd.snapshotter.v1.overlayfs" Feb 9 12:32:27.018525 kubelet[2604]: E0209 12:32:27.018483 2604 kubelet.go:1431] "Image garbage collection failed once. Stats initialization may not have completed yet" err="invalid capacity 0 on image filesystem" Feb 9 12:32:27.019369 kubelet[2604]: I0209 12:32:27.019359 2604 server.go:462] "Adding debug handlers to kubelet server" Feb 9 12:32:27.018000 audit[2604]: AVC avc: denied { mac_admin } for pid=2604 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:27.018000 audit: SELINUX_ERR op=setxattr invalid_context="system_u:object_r:container_file_t:s0" Feb 9 12:32:27.018000 audit[2604]: SYSCALL arch=c000003e syscall=188 success=no exit=-22 a0=c000676900 a1=c0005703f0 a2=c0006768d0 a3=25 items=0 ppid=1 pid=2604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:27.018000 audit: PROCTITLE proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 Feb 9 12:32:27.018000 audit[2604]: AVC avc: denied { mac_admin } for pid=2604 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:27.018000 audit: SELINUX_ERR op=setxattr invalid_context="system_u:object_r:container_file_t:s0" Feb 9 12:32:27.018000 audit[2604]: SYSCALL arch=c000003e syscall=188 success=no exit=-22 a0=c000a9a2a0 a1=c000570408 a2=c000676990 a3=25 items=0 ppid=1 pid=2604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:27.018000 audit: PROCTITLE proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 Feb 9 12:32:27.019726 kubelet[2604]: I0209 12:32:27.019388 2604 kubelet.go:1386] "Unprivileged containerized plugins might not work, could not set selinux context on plugin registration dir" path="/var/lib/kubelet/plugins_registry" err="setxattr /var/lib/kubelet/plugins_registry: invalid argument" Feb 9 12:32:27.019726 kubelet[2604]: I0209 12:32:27.019407 2604 kubelet.go:1390] "Unprivileged containerized plugins might not work, could not set selinux context on plugins dir" path="/var/lib/kubelet/plugins" err="setxattr /var/lib/kubelet/plugins: invalid argument" Feb 9 12:32:27.019726 kubelet[2604]: I0209 12:32:27.019422 2604 fs_resource_analyzer.go:67] "Starting FS ResourceAnalyzer" Feb 9 12:32:27.019726 kubelet[2604]: I0209 12:32:27.019442 2604 volume_manager.go:291] "Starting Kubelet Volume Manager" Feb 9 12:32:27.019726 kubelet[2604]: E0209 12:32:27.019468 2604 kubelet_node_status.go:458] "Error getting the current node from lister" err="node \"ci-3510.3.2-a-260490bd8e\" not found" Feb 9 12:32:27.019726 kubelet[2604]: I0209 12:32:27.019468 2604 desired_state_of_world_populator.go:151] "Desired state populator starts to run" Feb 9 12:32:27.019726 kubelet[2604]: I0209 12:32:27.019540 2604 reconciler_new.go:29] "Reconciler: start to sync state" Feb 9 12:32:27.023386 kubelet[2604]: I0209 12:32:27.023373 2604 kubelet_network_linux.go:50] "Initialized iptables rules." protocol="IPv4" Feb 9 12:32:27.024221 kubelet[2604]: I0209 12:32:27.024206 2604 kubelet_network_linux.go:50] "Initialized iptables rules." protocol="IPv6" Feb 9 12:32:27.024292 kubelet[2604]: I0209 12:32:27.024237 2604 status_manager.go:217] "Starting to sync pod status with apiserver" Feb 9 12:32:27.024292 kubelet[2604]: I0209 12:32:27.024259 2604 kubelet.go:2303] "Starting kubelet main sync loop" Feb 9 12:32:27.024344 kubelet[2604]: E0209 12:32:27.024304 2604 kubelet.go:2327] "Skipping pod synchronization" err="[container runtime status check may not have completed yet, PLEG is not healthy: pleg has yet to be successful]" Feb 9 12:32:27.039014 kubelet[2604]: I0209 12:32:27.038980 2604 cpu_manager.go:214] "Starting CPU manager" policy="none" Feb 9 12:32:27.039014 kubelet[2604]: I0209 12:32:27.038990 2604 cpu_manager.go:215] "Reconciling" reconcilePeriod="10s" Feb 9 12:32:27.039014 kubelet[2604]: I0209 12:32:27.038998 2604 state_mem.go:36] "Initialized new in-memory state store" Feb 9 12:32:27.039130 kubelet[2604]: I0209 12:32:27.039080 2604 state_mem.go:88] "Updated default CPUSet" cpuSet="" Feb 9 12:32:27.039130 kubelet[2604]: I0209 12:32:27.039093 2604 state_mem.go:96] "Updated CPUSet assignments" assignments={} Feb 9 12:32:27.039130 kubelet[2604]: I0209 12:32:27.039096 2604 policy_none.go:49] "None policy: Start" Feb 9 12:32:27.039461 kubelet[2604]: I0209 12:32:27.039426 2604 memory_manager.go:169] "Starting memorymanager" policy="None" Feb 9 12:32:27.039461 kubelet[2604]: I0209 12:32:27.039436 2604 state_mem.go:35] "Initializing new in-memory state store" Feb 9 12:32:27.039510 kubelet[2604]: I0209 12:32:27.039495 2604 state_mem.go:75] "Updated machine memory state" Feb 9 12:32:27.041297 kubelet[2604]: I0209 12:32:27.041271 2604 manager.go:471] "Failed to read data from checkpoint" checkpoint="kubelet_internal_checkpoint" err="checkpoint is not found" Feb 9 12:32:27.040000 audit[2604]: AVC avc: denied { mac_admin } for pid=2604 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:27.040000 audit: SELINUX_ERR op=setxattr invalid_context="system_u:object_r:container_file_t:s0" Feb 9 12:32:27.040000 audit[2604]: SYSCALL arch=c000003e syscall=188 success=no exit=-22 a0=c001102a50 a1=c000ff9bf0 a2=c001102a20 a3=25 items=0 ppid=1 pid=2604 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/opt/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:27.040000 audit: PROCTITLE proctitle=2F6F70742F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 Feb 9 12:32:27.041447 kubelet[2604]: I0209 12:32:27.041305 2604 server.go:88] "Unprivileged containerized plugins might not work. Could not set selinux context on socket dir" path="/var/lib/kubelet/device-plugins/" err="setxattr /var/lib/kubelet/device-plugins/: invalid argument" Feb 9 12:32:27.041447 kubelet[2604]: I0209 12:32:27.041422 2604 plugin_manager.go:118] "Starting Kubelet Plugin Manager" Feb 9 12:32:27.124702 kubelet[2604]: I0209 12:32:27.124602 2604 topology_manager.go:215] "Topology Admit Handler" podUID="6a767ef805e5d5e36c96c93631fd2a26" podNamespace="kube-system" podName="kube-apiserver-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.124957 kubelet[2604]: I0209 12:32:27.124822 2604 topology_manager.go:215] "Topology Admit Handler" podUID="eff92a695d2caca746ff631dfa5da5d7" podNamespace="kube-system" podName="kube-controller-manager-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.124957 kubelet[2604]: I0209 12:32:27.124931 2604 topology_manager.go:215] "Topology Admit Handler" podUID="35b68acd48b36a2481c968623e909753" podNamespace="kube-system" podName="kube-scheduler-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.126331 kubelet[2604]: I0209 12:32:27.126251 2604 kubelet_node_status.go:70] "Attempting to register node" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.150123 kubelet[2604]: W0209 12:32:27.150043 2604 warnings.go:70] metadata.name: this is used in the Pod's hostname, which can result in surprising behavior; a DNS label is recommended: [must not contain dots] Feb 9 12:32:27.151494 kubelet[2604]: W0209 12:32:27.151434 2604 warnings.go:70] metadata.name: this is used in the Pod's hostname, which can result in surprising behavior; a DNS label is recommended: [must not contain dots] Feb 9 12:32:27.151745 kubelet[2604]: W0209 12:32:27.151521 2604 warnings.go:70] metadata.name: this is used in the Pod's hostname, which can result in surprising behavior; a DNS label is recommended: [must not contain dots] Feb 9 12:32:27.151745 kubelet[2604]: E0209 12:32:27.151568 2604 kubelet.go:1890] "Failed creating a mirror pod for" err="pods \"kube-apiserver-ci-3510.3.2-a-260490bd8e\" already exists" pod="kube-system/kube-apiserver-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.151745 kubelet[2604]: E0209 12:32:27.151694 2604 kubelet.go:1890] "Failed creating a mirror pod for" err="pods \"kube-scheduler-ci-3510.3.2-a-260490bd8e\" already exists" pod="kube-system/kube-scheduler-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.155878 kubelet[2604]: I0209 12:32:27.155798 2604 kubelet_node_status.go:108] "Node was previously registered" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.156052 kubelet[2604]: I0209 12:32:27.155967 2604 kubelet_node_status.go:73] "Successfully registered node" node="ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.221284 kubelet[2604]: I0209 12:32:27.221245 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"k8s-certs\" (UniqueName: \"kubernetes.io/host-path/6a767ef805e5d5e36c96c93631fd2a26-k8s-certs\") pod \"kube-apiserver-ci-3510.3.2-a-260490bd8e\" (UID: \"6a767ef805e5d5e36c96c93631fd2a26\") " pod="kube-system/kube-apiserver-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.221284 kubelet[2604]: I0209 12:32:27.221277 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"usr-share-ca-certificates\" (UniqueName: \"kubernetes.io/host-path/6a767ef805e5d5e36c96c93631fd2a26-usr-share-ca-certificates\") pod \"kube-apiserver-ci-3510.3.2-a-260490bd8e\" (UID: \"6a767ef805e5d5e36c96c93631fd2a26\") " pod="kube-system/kube-apiserver-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.221284 kubelet[2604]: I0209 12:32:27.221292 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"ca-certs\" (UniqueName: \"kubernetes.io/host-path/eff92a695d2caca746ff631dfa5da5d7-ca-certs\") pod \"kube-controller-manager-ci-3510.3.2-a-260490bd8e\" (UID: \"eff92a695d2caca746ff631dfa5da5d7\") " pod="kube-system/kube-controller-manager-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.221416 kubelet[2604]: I0209 12:32:27.221308 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"k8s-certs\" (UniqueName: \"kubernetes.io/host-path/eff92a695d2caca746ff631dfa5da5d7-k8s-certs\") pod \"kube-controller-manager-ci-3510.3.2-a-260490bd8e\" (UID: \"eff92a695d2caca746ff631dfa5da5d7\") " pod="kube-system/kube-controller-manager-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.221416 kubelet[2604]: I0209 12:32:27.221322 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kubeconfig\" (UniqueName: \"kubernetes.io/host-path/eff92a695d2caca746ff631dfa5da5d7-kubeconfig\") pod \"kube-controller-manager-ci-3510.3.2-a-260490bd8e\" (UID: \"eff92a695d2caca746ff631dfa5da5d7\") " pod="kube-system/kube-controller-manager-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.221416 kubelet[2604]: I0209 12:32:27.221335 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"usr-share-ca-certificates\" (UniqueName: \"kubernetes.io/host-path/eff92a695d2caca746ff631dfa5da5d7-usr-share-ca-certificates\") pod \"kube-controller-manager-ci-3510.3.2-a-260490bd8e\" (UID: \"eff92a695d2caca746ff631dfa5da5d7\") " pod="kube-system/kube-controller-manager-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.221416 kubelet[2604]: I0209 12:32:27.221347 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"ca-certs\" (UniqueName: \"kubernetes.io/host-path/6a767ef805e5d5e36c96c93631fd2a26-ca-certs\") pod \"kube-apiserver-ci-3510.3.2-a-260490bd8e\" (UID: \"6a767ef805e5d5e36c96c93631fd2a26\") " pod="kube-system/kube-apiserver-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.221416 kubelet[2604]: I0209 12:32:27.221375 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"flexvolume-dir\" (UniqueName: \"kubernetes.io/host-path/eff92a695d2caca746ff631dfa5da5d7-flexvolume-dir\") pod \"kube-controller-manager-ci-3510.3.2-a-260490bd8e\" (UID: \"eff92a695d2caca746ff631dfa5da5d7\") " pod="kube-system/kube-controller-manager-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:27.221500 kubelet[2604]: I0209 12:32:27.221398 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kubeconfig\" (UniqueName: \"kubernetes.io/host-path/35b68acd48b36a2481c968623e909753-kubeconfig\") pod \"kube-scheduler-ci-3510.3.2-a-260490bd8e\" (UID: \"35b68acd48b36a2481c968623e909753\") " pod="kube-system/kube-scheduler-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:28.011368 sshd[2520]: Failed password for invalid user fernanlo from 135.125.161.64 port 59884 ssh2 Feb 9 12:32:28.017870 kubelet[2604]: I0209 12:32:28.017829 2604 apiserver.go:52] "Watching apiserver" Feb 9 12:32:28.019953 kubelet[2604]: I0209 12:32:28.019914 2604 desired_state_of_world_populator.go:159] "Finished populating initial desired state of world" Feb 9 12:32:28.033187 kubelet[2604]: W0209 12:32:28.033175 2604 warnings.go:70] metadata.name: this is used in the Pod's hostname, which can result in surprising behavior; a DNS label is recommended: [must not contain dots] Feb 9 12:32:28.033254 kubelet[2604]: E0209 12:32:28.033218 2604 kubelet.go:1890] "Failed creating a mirror pod for" err="pods \"kube-apiserver-ci-3510.3.2-a-260490bd8e\" already exists" pod="kube-system/kube-apiserver-ci-3510.3.2-a-260490bd8e" Feb 9 12:32:28.053543 kubelet[2604]: I0209 12:32:28.053489 2604 pod_startup_latency_tracker.go:102] "Observed pod startup duration" pod="kube-system/kube-apiserver-ci-3510.3.2-a-260490bd8e" podStartSLOduration=2.053454334 podCreationTimestamp="2024-02-09 12:32:26 +0000 UTC" firstStartedPulling="0001-01-01 00:00:00 +0000 UTC" lastFinishedPulling="0001-01-01 00:00:00 +0000 UTC" observedRunningTime="2024-02-09 12:32:28.046944156 +0000 UTC m=+1.074431358" watchObservedRunningTime="2024-02-09 12:32:28.053454334 +0000 UTC m=+1.080941536" Feb 9 12:32:28.058989 kubelet[2604]: I0209 12:32:28.058942 2604 pod_startup_latency_tracker.go:102] "Observed pod startup duration" pod="kube-system/kube-controller-manager-ci-3510.3.2-a-260490bd8e" podStartSLOduration=1.058916759 podCreationTimestamp="2024-02-09 12:32:27 +0000 UTC" firstStartedPulling="0001-01-01 00:00:00 +0000 UTC" lastFinishedPulling="0001-01-01 00:00:00 +0000 UTC" observedRunningTime="2024-02-09 12:32:28.05361511 +0000 UTC m=+1.081102305" watchObservedRunningTime="2024-02-09 12:32:28.058916759 +0000 UTC m=+1.086403957" Feb 9 12:32:28.065645 kubelet[2604]: I0209 12:32:28.065621 2604 pod_startup_latency_tracker.go:102] "Observed pod startup duration" pod="kube-system/kube-scheduler-ci-3510.3.2-a-260490bd8e" podStartSLOduration=3.065586701 podCreationTimestamp="2024-02-09 12:32:25 +0000 UTC" firstStartedPulling="0001-01-01 00:00:00 +0000 UTC" lastFinishedPulling="0001-01-01 00:00:00 +0000 UTC" observedRunningTime="2024-02-09 12:32:28.05896432 +0000 UTC m=+1.086451526" watchObservedRunningTime="2024-02-09 12:32:28.065586701 +0000 UTC m=+1.093073899" Feb 9 12:32:28.192000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/opt/libexec/kubernetes/kubelet-plugins/volume/exec" dev="sda9" ino=521038 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:usr_t:s0 tclass=dir permissive=0 Feb 9 12:32:28.234794 kernel: kauditd_printk_skb: 625 callbacks suppressed Feb 9 12:32:28.234865 kernel: audit: type=1400 audit(1707481948.192:958): avc: denied { watch } for pid=2396 comm="kube-controller" path="/opt/libexec/kubernetes/kubelet-plugins/volume/exec" dev="sda9" ino=521038 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:usr_t:s0 tclass=dir permissive=0 Feb 9 12:32:28.261980 sshd[2520]: Received disconnect from 135.125.161.64 port 59884:11: Bye Bye [preauth] Feb 9 12:32:28.261980 sshd[2520]: Disconnected from invalid user fernanlo 135.125.161.64 port 59884 [preauth] Feb 9 12:32:28.262630 systemd[1]: sshd@10-86.109.11.101:22-135.125.161.64:59884.service: Deactivated successfully. Feb 9 12:32:28.192000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=8 a1=c000a22cc0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:32:28.447653 kernel: audit: type=1300 audit(1707481948.192:958): arch=c000003e syscall=254 success=no exit=-13 a0=8 a1=c000a22cc0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:32:28.447683 kernel: audit: type=1327 audit(1707481948.192:958): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:32:28.192000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:32:28.539497 kernel: audit: type=1131 audit(1707481948.261:959): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-86.109.11.101:22-135.125.161.64:59884 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:28.261000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-86.109.11.101:22-135.125.161.64:59884 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:32.613111 sudo[1634]: pam_unix(sudo:session): session closed for user root Feb 9 12:32:32.611000 audit[1634]: USER_END pid=1634 uid=500 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' Feb 9 12:32:32.612000 audit[1634]: CRED_DISP pid=1634 uid=500 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' Feb 9 12:32:32.701406 sshd[1631]: pam_unix(sshd:session): session closed for user core Feb 9 12:32:32.702831 systemd[1]: sshd@6-86.109.11.101:22-147.75.109.163:56212.service: Deactivated successfully. Feb 9 12:32:32.703212 systemd[1]: session-9.scope: Deactivated successfully. Feb 9 12:32:32.703302 systemd[1]: session-9.scope: Consumed 3.457s CPU time. Feb 9 12:32:32.703598 systemd-logind[1465]: Session 9 logged out. Waiting for processes to exit. Feb 9 12:32:32.704082 systemd-logind[1465]: Removed session 9. Feb 9 12:32:32.786640 kernel: audit: type=1106 audit(1707481952.611:960): pid=1634 uid=500 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' Feb 9 12:32:32.786687 kernel: audit: type=1104 audit(1707481952.612:961): pid=1634 uid=500 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' Feb 9 12:32:32.786711 kernel: audit: type=1106 audit(1707481952.700:962): pid=1631 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:32:32.700000 audit[1631]: USER_END pid=1631 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:32:32.880767 kernel: audit: type=1104 audit(1707481952.700:963): pid=1631 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:32:32.700000 audit[1631]: CRED_DISP pid=1631 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:32:32.968708 kernel: audit: type=1131 audit(1707481952.701:964): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-86.109.11.101:22-147.75.109.163:56212 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:32.701000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-86.109.11.101:22-147.75.109.163:56212 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:35.181440 update_engine[1467]: I0209 12:32:35.181318 1467 update_attempter.cc:509] Updating boot flags... Feb 9 12:32:39.216000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:39.246584 systemd[1]: Started sshd@11-86.109.11.101:22-43.153.64.49:50576.service. Feb 9 12:32:39.216000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0000a8340 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:32:39.427443 kernel: audit: type=1400 audit(1707481959.216:965): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:39.427484 kernel: audit: type=1300 audit(1707481959.216:965): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0000a8340 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:32:39.427503 kernel: audit: type=1327 audit(1707481959.216:965): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:32:39.216000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:32:39.493560 sshd[2779]: Invalid user muto from 43.153.64.49 port 50576 Feb 9 12:32:39.494698 sshd[2779]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:39.494894 sshd[2779]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:32:39.494910 sshd[2779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:32:39.495092 sshd[2779]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:39.519627 kernel: audit: type=1400 audit(1707481959.217:966): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:39.217000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:39.608544 kernel: audit: type=1300 audit(1707481959.217:966): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001382080 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:32:39.217000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001382080 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:32:39.217000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:32:39.810550 kubelet[2604]: I0209 12:32:39.810511 2604 kuberuntime_manager.go:1463] "Updating runtime config through cri with podcidr" CIDR="192.168.0.0/24" Feb 9 12:32:39.810783 env[1477]: time="2024-02-09T12:32:39.810740455Z" level=info msg="No cni config template is specified, wait for other system components to drop the config." Feb 9 12:32:39.810912 kubelet[2604]: I0209 12:32:39.810825 2604 kubelet_network.go:61] "Updating Pod CIDR" originalPodCIDR="" newPodCIDR="192.168.0.0/24" Feb 9 12:32:39.821996 kernel: audit: type=1327 audit(1707481959.217:966): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:32:39.822026 kernel: audit: type=1400 audit(1707481959.218:967): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:39.218000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:39.218000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001382180 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:32:40.035024 kernel: audit: type=1300 audit(1707481959.218:967): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001382180 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:32:39.218000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:32:40.129518 kernel: audit: type=1327 audit(1707481959.218:967): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:32:40.129581 kernel: audit: type=1400 audit(1707481959.220:968): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:39.220000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:32:39.220000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0012b48c0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:32:39.220000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:32:39.245000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@11-86.109.11.101:22-43.153.64.49:50576 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:39.493000 audit[2779]: USER_AUTH pid=2779 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="muto" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:32:40.525848 kubelet[2604]: I0209 12:32:40.525680 2604 topology_manager.go:215] "Topology Admit Handler" podUID="810b29d0-c0b6-4fd5-9bd9-2a59908b56bb" podNamespace="kube-system" podName="kube-proxy-4dmmf" Feb 9 12:32:40.539024 systemd[1]: Created slice kubepods-besteffort-pod810b29d0_c0b6_4fd5_9bd9_2a59908b56bb.slice. Feb 9 12:32:40.608187 kubelet[2604]: I0209 12:32:40.608097 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"xtables-lock\" (UniqueName: \"kubernetes.io/host-path/810b29d0-c0b6-4fd5-9bd9-2a59908b56bb-xtables-lock\") pod \"kube-proxy-4dmmf\" (UID: \"810b29d0-c0b6-4fd5-9bd9-2a59908b56bb\") " pod="kube-system/kube-proxy-4dmmf" Feb 9 12:32:40.608187 kubelet[2604]: I0209 12:32:40.608193 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kube-api-access-m5f27\" (UniqueName: \"kubernetes.io/projected/810b29d0-c0b6-4fd5-9bd9-2a59908b56bb-kube-api-access-m5f27\") pod \"kube-proxy-4dmmf\" (UID: \"810b29d0-c0b6-4fd5-9bd9-2a59908b56bb\") " pod="kube-system/kube-proxy-4dmmf" Feb 9 12:32:40.608556 kubelet[2604]: I0209 12:32:40.608331 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kube-proxy\" (UniqueName: \"kubernetes.io/configmap/810b29d0-c0b6-4fd5-9bd9-2a59908b56bb-kube-proxy\") pod \"kube-proxy-4dmmf\" (UID: \"810b29d0-c0b6-4fd5-9bd9-2a59908b56bb\") " pod="kube-system/kube-proxy-4dmmf" Feb 9 12:32:40.608556 kubelet[2604]: I0209 12:32:40.608415 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"lib-modules\" (UniqueName: \"kubernetes.io/host-path/810b29d0-c0b6-4fd5-9bd9-2a59908b56bb-lib-modules\") pod \"kube-proxy-4dmmf\" (UID: \"810b29d0-c0b6-4fd5-9bd9-2a59908b56bb\") " pod="kube-system/kube-proxy-4dmmf" Feb 9 12:32:40.851883 kubelet[2604]: I0209 12:32:40.851818 2604 topology_manager.go:215] "Topology Admit Handler" podUID="e86d8953-e7b9-413f-89f3-b64c4210a7e9" podNamespace="tigera-operator" podName="tigera-operator-55585899bf-kdqkx" Feb 9 12:32:40.858402 env[1477]: time="2024-02-09T12:32:40.858311770Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:kube-proxy-4dmmf,Uid:810b29d0-c0b6-4fd5-9bd9-2a59908b56bb,Namespace:kube-system,Attempt:0,}" Feb 9 12:32:40.864349 systemd[1]: Created slice kubepods-besteffort-pode86d8953_e7b9_413f_89f3_b64c4210a7e9.slice. Feb 9 12:32:40.910562 kubelet[2604]: I0209 12:32:40.910472 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kube-api-access-8cvc4\" (UniqueName: \"kubernetes.io/projected/e86d8953-e7b9-413f-89f3-b64c4210a7e9-kube-api-access-8cvc4\") pod \"tigera-operator-55585899bf-kdqkx\" (UID: \"e86d8953-e7b9-413f-89f3-b64c4210a7e9\") " pod="tigera-operator/tigera-operator-55585899bf-kdqkx" Feb 9 12:32:40.910798 kubelet[2604]: I0209 12:32:40.910574 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"var-lib-calico\" (UniqueName: \"kubernetes.io/host-path/e86d8953-e7b9-413f-89f3-b64c4210a7e9-var-lib-calico\") pod \"tigera-operator-55585899bf-kdqkx\" (UID: \"e86d8953-e7b9-413f-89f3-b64c4210a7e9\") " pod="tigera-operator/tigera-operator-55585899bf-kdqkx" Feb 9 12:32:41.044064 env[1477]: time="2024-02-09T12:32:41.043850259Z" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1 Feb 9 12:32:41.044064 env[1477]: time="2024-02-09T12:32:41.043939993Z" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1 Feb 9 12:32:41.044064 env[1477]: time="2024-02-09T12:32:41.043974614Z" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1 Feb 9 12:32:41.044522 env[1477]: time="2024-02-09T12:32:41.044294750Z" level=info msg="starting signal loop" namespace=k8s.io path=/run/containerd/io.containerd.runtime.v2.task/k8s.io/92a67c92a9d5d49b37bd9cfe3656d746841c7d1fecca53a675d808022ac6c349 pid=2790 runtime=io.containerd.runc.v2 Feb 9 12:32:41.084902 systemd[1]: Started cri-containerd-92a67c92a9d5d49b37bd9cfe3656d746841c7d1fecca53a675d808022ac6c349.scope. Feb 9 12:32:41.097000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.097000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.097000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.097000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.097000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.097000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.097000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.097000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.097000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit: BPF prog-id=112 op=LOAD Feb 9 12:32:41.098000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit[2801]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000145c48 a2=10 a3=1c items=0 ppid=2790 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.098000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3932613637633932613964356434396233376264396366653336353664 Feb 9 12:32:41.098000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit[2801]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001456b0 a2=3c a3=c items=0 ppid=2790 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.098000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3932613637633932613964356434396233376264396366653336353664 Feb 9 12:32:41.098000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.098000 audit: BPF prog-id=113 op=LOAD Feb 9 12:32:41.098000 audit[2801]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001459d8 a2=78 a3=c0003b09d0 items=0 ppid=2790 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.098000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3932613637633932613964356434396233376264396366653336353664 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit: BPF prog-id=114 op=LOAD Feb 9 12:32:41.099000 audit[2801]: SYSCALL arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c000145770 a2=78 a3=c0003b0a18 items=0 ppid=2790 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.099000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3932613637633932613964356434396233376264396366653336353664 Feb 9 12:32:41.099000 audit: BPF prog-id=114 op=UNLOAD Feb 9 12:32:41.099000 audit: BPF prog-id=113 op=UNLOAD Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { perfmon } for pid=2801 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit[2801]: AVC avc: denied { bpf } for pid=2801 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.099000 audit: BPF prog-id=115 op=LOAD Feb 9 12:32:41.099000 audit[2801]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c000145c30 a2=78 a3=c0003b0e28 items=0 ppid=2790 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.099000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3932613637633932613964356434396233376264396366653336353664 Feb 9 12:32:41.124187 env[1477]: time="2024-02-09T12:32:41.124115426Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:kube-proxy-4dmmf,Uid:810b29d0-c0b6-4fd5-9bd9-2a59908b56bb,Namespace:kube-system,Attempt:0,} returns sandbox id \"92a67c92a9d5d49b37bd9cfe3656d746841c7d1fecca53a675d808022ac6c349\"" Feb 9 12:32:41.126980 env[1477]: time="2024-02-09T12:32:41.126940730Z" level=info msg="CreateContainer within sandbox \"92a67c92a9d5d49b37bd9cfe3656d746841c7d1fecca53a675d808022ac6c349\" for container &ContainerMetadata{Name:kube-proxy,Attempt:0,}" Feb 9 12:32:41.170387 env[1477]: time="2024-02-09T12:32:41.170223287Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:tigera-operator-55585899bf-kdqkx,Uid:e86d8953-e7b9-413f-89f3-b64c4210a7e9,Namespace:tigera-operator,Attempt:0,}" Feb 9 12:32:41.269002 env[1477]: time="2024-02-09T12:32:41.268874950Z" level=info msg="CreateContainer within sandbox \"92a67c92a9d5d49b37bd9cfe3656d746841c7d1fecca53a675d808022ac6c349\" for &ContainerMetadata{Name:kube-proxy,Attempt:0,} returns container id \"a80fe755deceac84f4b00c1bb14dd70b56f11fb6d1db218fa8f2dd6ac8d7972b\"" Feb 9 12:32:41.269913 env[1477]: time="2024-02-09T12:32:41.269816456Z" level=info msg="StartContainer for \"a80fe755deceac84f4b00c1bb14dd70b56f11fb6d1db218fa8f2dd6ac8d7972b\"" Feb 9 12:32:41.282122 env[1477]: time="2024-02-09T12:32:41.281955014Z" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1 Feb 9 12:32:41.282122 env[1477]: time="2024-02-09T12:32:41.282039937Z" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1 Feb 9 12:32:41.282122 env[1477]: time="2024-02-09T12:32:41.282075180Z" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1 Feb 9 12:32:41.282575 env[1477]: time="2024-02-09T12:32:41.282454081Z" level=info msg="starting signal loop" namespace=k8s.io path=/run/containerd/io.containerd.runtime.v2.task/k8s.io/305d28d7edf65c3f961a9fe626b6ebcb43874d99982e2e30e5b3b6b5dfdd31a5 pid=2835 runtime=io.containerd.runc.v2 Feb 9 12:32:41.308512 systemd[1]: Started cri-containerd-305d28d7edf65c3f961a9fe626b6ebcb43874d99982e2e30e5b3b6b5dfdd31a5.scope. Feb 9 12:32:41.318750 systemd[1]: Started cri-containerd-a80fe755deceac84f4b00c1bb14dd70b56f11fb6d1db218fa8f2dd6ac8d7972b.scope. Feb 9 12:32:41.333000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.333000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.333000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.333000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.333000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.333000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.333000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.333000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.333000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.333000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.333000 audit: BPF prog-id=116 op=LOAD Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000145c48 a2=10 a3=1c items=0 ppid=2835 pid=2849 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.335000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3330356432386437656466363563336639363161396665363236623665 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001456b0 a2=3c a3=c items=0 ppid=2835 pid=2849 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.335000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3330356432386437656466363563336639363161396665363236623665 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit: BPF prog-id=117 op=LOAD Feb 9 12:32:41.335000 audit[2849]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001459d8 a2=78 a3=c000399590 items=0 ppid=2835 pid=2849 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.335000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3330356432386437656466363563336639363161396665363236623665 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.335000 audit: BPF prog-id=118 op=LOAD Feb 9 12:32:41.335000 audit[2849]: SYSCALL arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c000145770 a2=78 a3=c0003995d8 items=0 ppid=2835 pid=2849 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.335000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3330356432386437656466363563336639363161396665363236623665 Feb 9 12:32:41.335000 audit: BPF prog-id=118 op=UNLOAD Feb 9 12:32:41.336000 audit: BPF prog-id=117 op=UNLOAD Feb 9 12:32:41.336000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.336000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.336000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.336000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.336000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.336000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.336000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.336000 audit[2849]: AVC avc: denied { perfmon } for pid=2849 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.336000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.336000 audit[2849]: AVC avc: denied { bpf } for pid=2849 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.336000 audit: BPF prog-id=119 op=LOAD Feb 9 12:32:41.336000 audit[2849]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c000145c30 a2=78 a3=c0003999e8 items=0 ppid=2835 pid=2849 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.336000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3330356432386437656466363563336639363161396665363236623665 Feb 9 12:32:41.353000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.353000 audit[2847]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001976b0 a2=3c a3=8 items=0 ppid=2790 pid=2847 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.353000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6138306665373535646563656163383466346230306331626231346464 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit: BPF prog-id=120 op=LOAD Feb 9 12:32:41.354000 audit[2847]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001979d8 a2=78 a3=c0000938e0 items=0 ppid=2790 pid=2847 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.354000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6138306665373535646563656163383466346230306331626231346464 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit: BPF prog-id=121 op=LOAD Feb 9 12:32:41.354000 audit[2847]: SYSCALL arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c000197770 a2=78 a3=c000093928 items=0 ppid=2790 pid=2847 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.354000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6138306665373535646563656163383466346230306331626231346464 Feb 9 12:32:41.354000 audit: BPF prog-id=121 op=UNLOAD Feb 9 12:32:41.354000 audit: BPF prog-id=120 op=UNLOAD Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { perfmon } for pid=2847 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit[2847]: AVC avc: denied { bpf } for pid=2847 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:41.354000 audit: BPF prog-id=122 op=LOAD Feb 9 12:32:41.354000 audit[2847]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c000197c30 a2=78 a3=c0000939b8 items=0 ppid=2790 pid=2847 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.354000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6138306665373535646563656163383466346230306331626231346464 Feb 9 12:32:41.378378 env[1477]: time="2024-02-09T12:32:41.378347519Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:tigera-operator-55585899bf-kdqkx,Uid:e86d8953-e7b9-413f-89f3-b64c4210a7e9,Namespace:tigera-operator,Attempt:0,} returns sandbox id \"305d28d7edf65c3f961a9fe626b6ebcb43874d99982e2e30e5b3b6b5dfdd31a5\"" Feb 9 12:32:41.379321 env[1477]: time="2024-02-09T12:32:41.379297202Z" level=info msg="PullImage \"quay.io/tigera/operator:v1.32.3\"" Feb 9 12:32:41.379754 env[1477]: time="2024-02-09T12:32:41.379735053Z" level=info msg="StartContainer for \"a80fe755deceac84f4b00c1bb14dd70b56f11fb6d1db218fa8f2dd6ac8d7972b\" returns successfully" Feb 9 12:32:41.412000 audit[2933]: NETFILTER_CFG table=mangle:38 family=10 entries=1 op=nft_register_chain pid=2933 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.412000 audit[2933]: SYSCALL arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffec018b780 a2=0 a3=7ffec018b76c items=0 ppid=2874 pid=2933 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.412000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006D616E676C65 Feb 9 12:32:41.413000 audit[2934]: NETFILTER_CFG table=mangle:39 family=2 entries=1 op=nft_register_chain pid=2934 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.413000 audit[2934]: SYSCALL arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7fffce952bc0 a2=0 a3=7fffce952bac items=0 ppid=2874 pid=2934 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.413000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006D616E676C65 Feb 9 12:32:41.413000 audit[2935]: NETFILTER_CFG table=nat:40 family=10 entries=1 op=nft_register_chain pid=2935 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.413000 audit[2935]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffd322ada80 a2=0 a3=7ffd322ada6c items=0 ppid=2874 pid=2935 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.413000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006E6174 Feb 9 12:32:41.413000 audit[2936]: NETFILTER_CFG table=nat:41 family=2 entries=1 op=nft_register_chain pid=2936 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.413000 audit[2936]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffd5ac90b80 a2=0 a3=7ffd5ac90b6c items=0 ppid=2874 pid=2936 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.413000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006E6174 Feb 9 12:32:41.414000 audit[2937]: NETFILTER_CFG table=filter:42 family=10 entries=1 op=nft_register_chain pid=2937 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.414000 audit[2937]: SYSCALL arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffc28806f70 a2=0 a3=7ffc28806f5c items=0 ppid=2874 pid=2937 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.414000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D740066696C746572 Feb 9 12:32:41.414000 audit[2938]: NETFILTER_CFG table=filter:43 family=2 entries=1 op=nft_register_chain pid=2938 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.414000 audit[2938]: SYSCALL arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7fffac871af0 a2=0 a3=7fffac871adc items=0 ppid=2874 pid=2938 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.414000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D740066696C746572 Feb 9 12:32:41.481431 sshd[2779]: Failed password for invalid user muto from 43.153.64.49 port 50576 ssh2 Feb 9 12:32:41.516000 audit[2939]: NETFILTER_CFG table=filter:44 family=2 entries=1 op=nft_register_chain pid=2939 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.516000 audit[2939]: SYSCALL arch=c000003e syscall=46 success=yes exit=108 a0=3 a1=7ffe0a215fd0 a2=0 a3=7ffe0a215fbc items=0 ppid=2874 pid=2939 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.516000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D45585445524E414C2D5345525649434553002D740066696C746572 Feb 9 12:32:41.521653 sshd[2779]: Received disconnect from 43.153.64.49 port 50576:11: Bye Bye [preauth] Feb 9 12:32:41.521653 sshd[2779]: Disconnected from invalid user muto 43.153.64.49 port 50576 [preauth] Feb 9 12:32:41.523937 systemd[1]: sshd@11-86.109.11.101:22-43.153.64.49:50576.service: Deactivated successfully. Feb 9 12:32:41.522000 audit[2941]: NETFILTER_CFG table=filter:45 family=2 entries=1 op=nft_register_rule pid=2941 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.522000 audit[2941]: SYSCALL arch=c000003e syscall=46 success=yes exit=752 a0=3 a1=7ffc9b087ab0 a2=0 a3=7ffc9b087a9c items=0 ppid=2874 pid=2941 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.522000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4900494E505554002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E657465732065787465726E616C6C792D76697369626C652073657276696365 Feb 9 12:32:41.523000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@11-86.109.11.101:22-43.153.64.49:50576 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:41.532000 audit[2945]: NETFILTER_CFG table=filter:46 family=2 entries=1 op=nft_register_rule pid=2945 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.532000 audit[2945]: SYSCALL arch=c000003e syscall=46 success=yes exit=752 a0=3 a1=7fffb0b68540 a2=0 a3=7fffb0b6852c items=0 ppid=2874 pid=2945 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.532000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4900464F5257415244002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E657465732065787465726E616C6C792D76697369626C65207365727669 Feb 9 12:32:41.534000 audit[2946]: NETFILTER_CFG table=filter:47 family=2 entries=1 op=nft_register_chain pid=2946 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.534000 audit[2946]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffdcf152520 a2=0 a3=7ffdcf15250c items=0 ppid=2874 pid=2946 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.534000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D4E4F4445504F525453002D740066696C746572 Feb 9 12:32:41.541000 audit[2948]: NETFILTER_CFG table=filter:48 family=2 entries=1 op=nft_register_rule pid=2948 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.541000 audit[2948]: SYSCALL arch=c000003e syscall=46 success=yes exit=528 a0=3 a1=7ffe436d7760 a2=0 a3=7ffe436d774c items=0 ppid=2874 pid=2948 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.541000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4900494E505554002D740066696C746572002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573206865616C746820636865636B207365727669636520706F727473002D6A004B5542452D4E4F4445504F525453 Feb 9 12:32:41.543000 audit[2949]: NETFILTER_CFG table=filter:49 family=2 entries=1 op=nft_register_chain pid=2949 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.543000 audit[2949]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffd9d7c7390 a2=0 a3=7ffd9d7c737c items=0 ppid=2874 pid=2949 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.543000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D5345525649434553002D740066696C746572 Feb 9 12:32:41.550000 audit[2951]: NETFILTER_CFG table=filter:50 family=2 entries=1 op=nft_register_rule pid=2951 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.550000 audit[2951]: SYSCALL arch=c000003e syscall=46 success=yes exit=744 a0=3 a1=7ffcf448fee0 a2=0 a3=7ffcf448fecc items=0 ppid=2874 pid=2951 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.550000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4900464F5257415244002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573207365727669636520706F7274616C73002D6A004B5542452D Feb 9 12:32:41.559000 audit[2954]: NETFILTER_CFG table=filter:51 family=2 entries=1 op=nft_register_rule pid=2954 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.559000 audit[2954]: SYSCALL arch=c000003e syscall=46 success=yes exit=744 a0=3 a1=7ffd08732250 a2=0 a3=7ffd0873223c items=0 ppid=2874 pid=2954 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.559000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D49004F5554505554002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573207365727669636520706F7274616C73002D6A004B5542452D53 Feb 9 12:32:41.562000 audit[2955]: NETFILTER_CFG table=filter:52 family=2 entries=1 op=nft_register_chain pid=2955 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.562000 audit[2955]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffc72c3ee90 a2=0 a3=7ffc72c3ee7c items=0 ppid=2874 pid=2955 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.562000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D464F5257415244002D740066696C746572 Feb 9 12:32:41.569000 audit[2957]: NETFILTER_CFG table=filter:53 family=2 entries=1 op=nft_register_rule pid=2957 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.569000 audit[2957]: SYSCALL arch=c000003e syscall=46 success=yes exit=528 a0=3 a1=7ffca327a0b0 a2=0 a3=7ffca327a09c items=0 ppid=2874 pid=2957 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.569000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4900464F5257415244002D740066696C746572002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E6574657320666F7277617264696E672072756C6573002D6A004B5542452D464F5257415244 Feb 9 12:32:41.572000 audit[2958]: NETFILTER_CFG table=filter:54 family=2 entries=1 op=nft_register_chain pid=2958 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.572000 audit[2958]: SYSCALL arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffc8aac6b60 a2=0 a3=7ffc8aac6b4c items=0 ppid=2874 pid=2958 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.572000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D4649524557414C4C002D740066696C746572 Feb 9 12:32:41.578000 audit[2960]: NETFILTER_CFG table=filter:55 family=2 entries=1 op=nft_register_rule pid=2960 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.578000 audit[2960]: SYSCALL arch=c000003e syscall=46 success=yes exit=748 a0=3 a1=7ffe13e1c170 a2=0 a3=7ffe13e1c15c items=0 ppid=2874 pid=2960 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.578000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4900494E505554002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573206C6F61642062616C616E636572206669726577616C6C002D6A Feb 9 12:32:41.587000 audit[2963]: NETFILTER_CFG table=filter:56 family=2 entries=1 op=nft_register_rule pid=2963 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.587000 audit[2963]: SYSCALL arch=c000003e syscall=46 success=yes exit=748 a0=3 a1=7ffc66b0bb00 a2=0 a3=7ffc66b0baec items=0 ppid=2874 pid=2963 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.587000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D49004F5554505554002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573206C6F61642062616C616E636572206669726577616C6C002D6A Feb 9 12:32:41.597000 audit[2966]: NETFILTER_CFG table=filter:57 family=2 entries=1 op=nft_register_rule pid=2966 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.597000 audit[2966]: SYSCALL arch=c000003e syscall=46 success=yes exit=748 a0=3 a1=7ffefcd36a10 a2=0 a3=7ffefcd369fc items=0 ppid=2874 pid=2966 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.597000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4900464F5257415244002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573206C6F61642062616C616E636572206669726577616C6C002D Feb 9 12:32:41.600000 audit[2967]: NETFILTER_CFG table=nat:58 family=2 entries=1 op=nft_register_chain pid=2967 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.600000 audit[2967]: SYSCALL arch=c000003e syscall=46 success=yes exit=96 a0=3 a1=7fff46020fb0 a2=0 a3=7fff46020f9c items=0 ppid=2874 pid=2967 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.600000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D5345525649434553002D74006E6174 Feb 9 12:32:41.606000 audit[2970]: NETFILTER_CFG table=nat:59 family=2 entries=1 op=nft_register_rule pid=2970 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.606000 audit[2970]: SYSCALL arch=c000003e syscall=46 success=yes exit=524 a0=3 a1=7ffcd80273e0 a2=0 a3=7ffcd80273cc items=0 ppid=2874 pid=2970 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.606000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D49004F5554505554002D74006E6174002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573207365727669636520706F7274616C73002D6A004B5542452D5345525649434553 Feb 9 12:32:41.608443 systemd[1]: Started sshd@12-86.109.11.101:22-106.54.212.205:45484.service. Feb 9 12:32:41.607000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@12-86.109.11.101:22-106.54.212.205:45484 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:41.615000 audit[2974]: NETFILTER_CFG table=nat:60 family=2 entries=1 op=nft_register_rule pid=2974 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.615000 audit[2974]: SYSCALL arch=c000003e syscall=46 success=yes exit=528 a0=3 a1=7fff5189bbf0 a2=0 a3=7fff5189bbdc items=0 ppid=2874 pid=2974 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.615000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4900505245524F5554494E47002D74006E6174002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573207365727669636520706F7274616C73002D6A004B5542452D5345525649434553 Feb 9 12:32:41.617000 audit[2975]: NETFILTER_CFG table=nat:61 family=2 entries=1 op=nft_register_chain pid=2975 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.617000 audit[2975]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7fff224677b0 a2=0 a3=7fff2246779c items=0 ppid=2874 pid=2975 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.617000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D504F5354524F5554494E47002D74006E6174 Feb 9 12:32:41.624000 audit[2977]: NETFILTER_CFG table=nat:62 family=2 entries=1 op=nft_register_rule pid=2977 subj=system_u:system_r:kernel_t:s0 comm="iptables" Feb 9 12:32:41.624000 audit[2977]: SYSCALL arch=c000003e syscall=46 success=yes exit=532 a0=3 a1=7ffdf6c802b0 a2=0 a3=7ffdf6c8029c items=0 ppid=2874 pid=2977 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.624000 audit: PROCTITLE proctitle=69707461626C6573002D770035002D5700313030303030002D4900504F5354524F5554494E47002D74006E6174002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E6574657320706F7374726F7574696E672072756C6573002D6A004B5542452D504F5354524F5554494E47 Feb 9 12:32:41.652000 audit[2983]: NETFILTER_CFG table=filter:63 family=2 entries=8 op=nft_register_rule pid=2983 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:32:41.652000 audit[2983]: SYSCALL arch=c000003e syscall=46 success=yes exit=4956 a0=3 a1=7ffc4d0d2be0 a2=0 a3=7ffc4d0d2bcc items=0 ppid=2874 pid=2983 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.652000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:32:41.663000 audit[2983]: NETFILTER_CFG table=nat:64 family=2 entries=14 op=nft_register_chain pid=2983 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:32:41.663000 audit[2983]: SYSCALL arch=c000003e syscall=46 success=yes exit=5340 a0=3 a1=7ffc4d0d2be0 a2=0 a3=7ffc4d0d2bcc items=0 ppid=2874 pid=2983 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.663000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:32:41.675000 audit[2989]: NETFILTER_CFG table=filter:65 family=10 entries=1 op=nft_register_chain pid=2989 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.675000 audit[2989]: SYSCALL arch=c000003e syscall=46 success=yes exit=108 a0=3 a1=7ffd120a8090 a2=0 a3=7ffd120a807c items=0 ppid=2874 pid=2989 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.675000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D45585445524E414C2D5345525649434553002D740066696C746572 Feb 9 12:32:41.679000 audit[2991]: NETFILTER_CFG table=filter:66 family=10 entries=2 op=nft_register_chain pid=2991 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.679000 audit[2991]: SYSCALL arch=c000003e syscall=46 success=yes exit=836 a0=3 a1=7ffe315d40e0 a2=0 a3=7ffe315d40cc items=0 ppid=2874 pid=2991 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.679000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4900494E505554002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E657465732065787465726E616C6C792D76697369626C6520736572766963 Feb 9 12:32:41.686000 audit[2994]: NETFILTER_CFG table=filter:67 family=10 entries=2 op=nft_register_chain pid=2994 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.686000 audit[2994]: SYSCALL arch=c000003e syscall=46 success=yes exit=836 a0=3 a1=7ffe82ebdb10 a2=0 a3=7ffe82ebdafc items=0 ppid=2874 pid=2994 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.686000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4900464F5257415244002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E657465732065787465726E616C6C792D76697369626C652073657276 Feb 9 12:32:41.688000 audit[2995]: NETFILTER_CFG table=filter:68 family=10 entries=1 op=nft_register_chain pid=2995 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.688000 audit[2995]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffcda189b40 a2=0 a3=7ffcda189b2c items=0 ppid=2874 pid=2995 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.688000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D4E4F4445504F525453002D740066696C746572 Feb 9 12:32:41.692000 audit[2997]: NETFILTER_CFG table=filter:69 family=10 entries=1 op=nft_register_rule pid=2997 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.692000 audit[2997]: SYSCALL arch=c000003e syscall=46 success=yes exit=528 a0=3 a1=7fff4e3da6a0 a2=0 a3=7fff4e3da68c items=0 ppid=2874 pid=2997 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.692000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4900494E505554002D740066696C746572002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573206865616C746820636865636B207365727669636520706F727473002D6A004B5542452D4E4F4445504F525453 Feb 9 12:32:41.694000 audit[2998]: NETFILTER_CFG table=filter:70 family=10 entries=1 op=nft_register_chain pid=2998 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.694000 audit[2998]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffdd5a5a750 a2=0 a3=7ffdd5a5a73c items=0 ppid=2874 pid=2998 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.694000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D5345525649434553002D740066696C746572 Feb 9 12:32:41.699000 audit[3000]: NETFILTER_CFG table=filter:71 family=10 entries=1 op=nft_register_rule pid=3000 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.699000 audit[3000]: SYSCALL arch=c000003e syscall=46 success=yes exit=744 a0=3 a1=7ffc045d9d00 a2=0 a3=7ffc045d9cec items=0 ppid=2874 pid=3000 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.699000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4900464F5257415244002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573207365727669636520706F7274616C73002D6A004B554245 Feb 9 12:32:41.705000 audit[3003]: NETFILTER_CFG table=filter:72 family=10 entries=2 op=nft_register_chain pid=3003 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.705000 audit[3003]: SYSCALL arch=c000003e syscall=46 success=yes exit=828 a0=3 a1=7ffe8fda79c0 a2=0 a3=7ffe8fda79ac items=0 ppid=2874 pid=3003 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.705000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D49004F5554505554002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573207365727669636520706F7274616C73002D6A004B5542452D Feb 9 12:32:41.707000 audit[3004]: NETFILTER_CFG table=filter:73 family=10 entries=1 op=nft_register_chain pid=3004 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.707000 audit[3004]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffdc1f20aa0 a2=0 a3=7ffdc1f20a8c items=0 ppid=2874 pid=3004 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.707000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D464F5257415244002D740066696C746572 Feb 9 12:32:41.711000 audit[3006]: NETFILTER_CFG table=filter:74 family=10 entries=1 op=nft_register_rule pid=3006 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.711000 audit[3006]: SYSCALL arch=c000003e syscall=46 success=yes exit=528 a0=3 a1=7ffe7d4c35e0 a2=0 a3=7ffe7d4c35cc items=0 ppid=2874 pid=3006 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.711000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4900464F5257415244002D740066696C746572002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E6574657320666F7277617264696E672072756C6573002D6A004B5542452D464F5257415244 Feb 9 12:32:41.714000 audit[3007]: NETFILTER_CFG table=filter:75 family=10 entries=1 op=nft_register_chain pid=3007 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.714000 audit[3007]: SYSCALL arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffda5970890 a2=0 a3=7ffda597087c items=0 ppid=2874 pid=3007 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.714000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D4649524557414C4C002D740066696C746572 Feb 9 12:32:41.718000 audit[3009]: NETFILTER_CFG table=filter:76 family=10 entries=1 op=nft_register_rule pid=3009 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.718000 audit[3009]: SYSCALL arch=c000003e syscall=46 success=yes exit=748 a0=3 a1=7fffdefec880 a2=0 a3=7fffdefec86c items=0 ppid=2874 pid=3009 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.718000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4900494E505554002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573206C6F61642062616C616E636572206669726577616C6C002D6A Feb 9 12:32:41.725000 audit[3012]: NETFILTER_CFG table=filter:77 family=10 entries=1 op=nft_register_rule pid=3012 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.725000 audit[3012]: SYSCALL arch=c000003e syscall=46 success=yes exit=748 a0=3 a1=7fff54a8e1a0 a2=0 a3=7fff54a8e18c items=0 ppid=2874 pid=3012 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.725000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D49004F5554505554002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573206C6F61642062616C616E636572206669726577616C6C002D Feb 9 12:32:41.732000 audit[3015]: NETFILTER_CFG table=filter:78 family=10 entries=1 op=nft_register_rule pid=3015 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.732000 audit[3015]: SYSCALL arch=c000003e syscall=46 success=yes exit=748 a0=3 a1=7ffcbaa6e330 a2=0 a3=7ffcbaa6e31c items=0 ppid=2874 pid=3015 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.732000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4900464F5257415244002D740066696C746572002D6D00636F6E6E747261636B002D2D63747374617465004E4557002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573206C6F61642062616C616E636572206669726577616C6C Feb 9 12:32:41.733000 audit[3016]: NETFILTER_CFG table=nat:79 family=10 entries=1 op=nft_register_chain pid=3016 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.733000 audit[3016]: SYSCALL arch=c000003e syscall=46 success=yes exit=96 a0=3 a1=7ffe089a08c0 a2=0 a3=7ffe089a08ac items=0 ppid=2874 pid=3016 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.733000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D5345525649434553002D74006E6174 Feb 9 12:32:41.738000 audit[3018]: NETFILTER_CFG table=nat:80 family=10 entries=2 op=nft_register_chain pid=3018 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.738000 audit[3018]: SYSCALL arch=c000003e syscall=46 success=yes exit=600 a0=3 a1=7ffe112ac790 a2=0 a3=7ffe112ac77c items=0 ppid=2874 pid=3018 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.738000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D49004F5554505554002D74006E6174002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573207365727669636520706F7274616C73002D6A004B5542452D5345525649434553 Feb 9 12:32:41.744000 audit[3021]: NETFILTER_CFG table=nat:81 family=10 entries=2 op=nft_register_chain pid=3021 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.744000 audit[3021]: SYSCALL arch=c000003e syscall=46 success=yes exit=608 a0=3 a1=7ffd454863c0 a2=0 a3=7ffd454863ac items=0 ppid=2874 pid=3021 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.744000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4900505245524F5554494E47002D74006E6174002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E65746573207365727669636520706F7274616C73002D6A004B5542452D5345525649434553 Feb 9 12:32:41.746000 audit[3022]: NETFILTER_CFG table=nat:82 family=10 entries=1 op=nft_register_chain pid=3022 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.746000 audit[3022]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffefa389aa0 a2=0 a3=7ffefa389a8c items=0 ppid=2874 pid=3022 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.746000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D504F5354524F5554494E47002D74006E6174 Feb 9 12:32:41.750000 audit[3024]: NETFILTER_CFG table=nat:83 family=10 entries=2 op=nft_register_chain pid=3024 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.750000 audit[3024]: SYSCALL arch=c000003e syscall=46 success=yes exit=612 a0=3 a1=7ffec94fa040 a2=0 a3=7ffec94fa02c items=0 ppid=2874 pid=3024 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.750000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4900504F5354524F5554494E47002D74006E6174002D6D00636F6D6D656E74002D2D636F6D6D656E74006B756265726E6574657320706F7374726F7574696E672072756C6573002D6A004B5542452D504F5354524F5554494E47 Feb 9 12:32:41.752000 audit[3025]: NETFILTER_CFG table=filter:84 family=10 entries=1 op=nft_register_chain pid=3025 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.752000 audit[3025]: SYSCALL arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffcaec93830 a2=0 a3=7ffcaec9381c items=0 ppid=2874 pid=3025 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.752000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D4649524557414C4C002D740066696C746572 Feb 9 12:32:41.756000 audit[3027]: NETFILTER_CFG table=filter:85 family=10 entries=1 op=nft_register_rule pid=3027 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.756000 audit[3027]: SYSCALL arch=c000003e syscall=46 success=yes exit=228 a0=3 a1=7ffe4902f1e0 a2=0 a3=7ffe4902f1cc items=0 ppid=2874 pid=3027 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.756000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D4900494E505554002D740066696C746572002D6A004B5542452D4649524557414C4C Feb 9 12:32:41.762000 audit[3030]: NETFILTER_CFG table=filter:86 family=10 entries=1 op=nft_register_rule pid=3030 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" Feb 9 12:32:41.762000 audit[3030]: SYSCALL arch=c000003e syscall=46 success=yes exit=228 a0=3 a1=7ffc33013450 a2=0 a3=7ffc3301343c items=0 ppid=2874 pid=3030 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.762000 audit: PROCTITLE proctitle=6970367461626C6573002D770035002D5700313030303030002D49004F5554505554002D740066696C746572002D6A004B5542452D4649524557414C4C Feb 9 12:32:41.767000 audit[3032]: NETFILTER_CFG table=filter:87 family=10 entries=3 op=nft_register_rule pid=3032 subj=system_u:system_r:kernel_t:s0 comm="ip6tables-resto" Feb 9 12:32:41.767000 audit[3032]: SYSCALL arch=c000003e syscall=46 success=yes exit=1916 a0=3 a1=7ffca059e970 a2=0 a3=7ffca059e95c items=0 ppid=2874 pid=3032 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables-resto" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.767000 audit: PROCTITLE proctitle=6970367461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:32:41.768000 audit[3032]: NETFILTER_CFG table=nat:88 family=10 entries=7 op=nft_register_chain pid=3032 subj=system_u:system_r:kernel_t:s0 comm="ip6tables-resto" Feb 9 12:32:41.768000 audit[3032]: SYSCALL arch=c000003e syscall=46 success=yes exit=1968 a0=3 a1=7ffca059e970 a2=0 a3=7ffca059e95c items=0 ppid=2874 pid=3032 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables-resto" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:41.768000 audit: PROCTITLE proctitle=6970367461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:32:42.082406 kubelet[2604]: I0209 12:32:42.082333 2604 pod_startup_latency_tracker.go:102] "Observed pod startup duration" pod="kube-system/kube-proxy-4dmmf" podStartSLOduration=2.082296749 podCreationTimestamp="2024-02-09 12:32:40 +0000 UTC" firstStartedPulling="0001-01-01 00:00:00 +0000 UTC" lastFinishedPulling="0001-01-01 00:00:00 +0000 UTC" observedRunningTime="2024-02-09 12:32:42.082270184 +0000 UTC m=+15.109757378" watchObservedRunningTime="2024-02-09 12:32:42.082296749 +0000 UTC m=+15.109783943" Feb 9 12:32:42.859093 systemd[1]: var-lib-containerd-tmpmounts-containerd\x2dmount509528295.mount: Deactivated successfully. Feb 9 12:32:43.556138 systemd[1]: Started sshd@13-86.109.11.101:22-163.228.248.90:28892.service. Feb 9 12:32:43.555000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-86.109.11.101:22-163.228.248.90:28892 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:43.671178 env[1477]: time="2024-02-09T12:32:43.671129055Z" level=info msg="ImageCreate event &ImageCreate{Name:quay.io/tigera/operator:v1.32.3,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:43.671769 env[1477]: time="2024-02-09T12:32:43.671729285Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:7bc79e0d3be4fa8c35133127424f9b1ec775af43145b7dd58637905c76084827,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:43.672528 env[1477]: time="2024-02-09T12:32:43.672484821Z" level=info msg="ImageUpdate event &ImageUpdate{Name:quay.io/tigera/operator:v1.32.3,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:43.673346 env[1477]: time="2024-02-09T12:32:43.673306504Z" level=info msg="ImageCreate event &ImageCreate{Name:quay.io/tigera/operator@sha256:715ac9a30f8a9579e44258af20de354715429e11836b493918e9e1a696e9b028,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:43.674062 env[1477]: time="2024-02-09T12:32:43.674019492Z" level=info msg="PullImage \"quay.io/tigera/operator:v1.32.3\" returns image reference \"sha256:7bc79e0d3be4fa8c35133127424f9b1ec775af43145b7dd58637905c76084827\"" Feb 9 12:32:43.675012 env[1477]: time="2024-02-09T12:32:43.675000374Z" level=info msg="CreateContainer within sandbox \"305d28d7edf65c3f961a9fe626b6ebcb43874d99982e2e30e5b3b6b5dfdd31a5\" for container &ContainerMetadata{Name:tigera-operator,Attempt:0,}" Feb 9 12:32:43.679847 env[1477]: time="2024-02-09T12:32:43.679808004Z" level=info msg="CreateContainer within sandbox \"305d28d7edf65c3f961a9fe626b6ebcb43874d99982e2e30e5b3b6b5dfdd31a5\" for &ContainerMetadata{Name:tigera-operator,Attempt:0,} returns container id \"7a124db25d1fea8b6c5b61618178c7655d05994ee8f732de5cc12096bdebe6bb\"" Feb 9 12:32:43.680155 env[1477]: time="2024-02-09T12:32:43.680139812Z" level=info msg="StartContainer for \"7a124db25d1fea8b6c5b61618178c7655d05994ee8f732de5cc12096bdebe6bb\"" Feb 9 12:32:43.700516 systemd[1]: Started cri-containerd-7a124db25d1fea8b6c5b61618178c7655d05994ee8f732de5cc12096bdebe6bb.scope. Feb 9 12:32:43.705000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.705000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.705000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.705000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.705000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.705000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.705000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.705000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.705000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.705000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.705000 audit: BPF prog-id=123 op=LOAD Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000197c48 a2=10 a3=1c items=0 ppid=2835 pid=3043 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:43.706000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3761313234646232356431666561386236633562363136313831373863 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001976b0 a2=3c a3=8 items=0 ppid=2835 pid=3043 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:43.706000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3761313234646232356431666561386236633562363136313831373863 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit: BPF prog-id=124 op=LOAD Feb 9 12:32:43.706000 audit[3043]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001979d8 a2=78 a3=c000285a00 items=0 ppid=2835 pid=3043 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:43.706000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3761313234646232356431666561386236633562363136313831373863 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit: BPF prog-id=125 op=LOAD Feb 9 12:32:43.706000 audit[3043]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000197770 a2=78 a3=c000285a48 items=0 ppid=2835 pid=3043 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:43.706000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3761313234646232356431666561386236633562363136313831373863 Feb 9 12:32:43.706000 audit: BPF prog-id=125 op=UNLOAD Feb 9 12:32:43.706000 audit: BPF prog-id=124 op=UNLOAD Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { perfmon } for pid=3043 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit[3043]: AVC avc: denied { bpf } for pid=3043 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:43.706000 audit: BPF prog-id=126 op=LOAD Feb 9 12:32:43.706000 audit[3043]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000197c30 a2=78 a3=c000285e58 items=0 ppid=2835 pid=3043 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:43.706000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3761313234646232356431666561386236633562363136313831373863 Feb 9 12:32:43.726319 env[1477]: time="2024-02-09T12:32:43.726292442Z" level=info msg="StartContainer for \"7a124db25d1fea8b6c5b61618178c7655d05994ee8f732de5cc12096bdebe6bb\" returns successfully" Feb 9 12:32:44.085583 kubelet[2604]: I0209 12:32:44.085518 2604 pod_startup_latency_tracker.go:102] "Observed pod startup duration" pod="tigera-operator/tigera-operator-55585899bf-kdqkx" podStartSLOduration=1.790243212 podCreationTimestamp="2024-02-09 12:32:40 +0000 UTC" firstStartedPulling="2024-02-09 12:32:41.378974504 +0000 UTC m=+14.406461699" lastFinishedPulling="2024-02-09 12:32:43.674164697 +0000 UTC m=+16.701651891" observedRunningTime="2024-02-09 12:32:44.085141266 +0000 UTC m=+17.112628519" watchObservedRunningTime="2024-02-09 12:32:44.085433404 +0000 UTC m=+17.112920638" Feb 9 12:32:44.486726 sshd[3034]: Invalid user csdojang from 163.228.248.90 port 28892 Feb 9 12:32:44.492987 sshd[3034]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:44.494010 sshd[3034]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:32:44.494098 sshd[3034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.228.248.90 Feb 9 12:32:44.495021 sshd[3034]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:44.493000 audit[3034]: USER_AUTH pid=3034 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="csdojang" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:32:44.523229 kernel: kauditd_printk_skb: 374 callbacks suppressed Feb 9 12:32:44.523287 kernel: audit: type=1100 audit(1707481964.493:1085): pid=3034 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="csdojang" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:32:45.443000 audit[3088]: NETFILTER_CFG table=filter:89 family=2 entries=15 op=nft_register_rule pid=3088 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:32:45.443000 audit[3088]: SYSCALL arch=c000003e syscall=46 success=yes exit=5660 a0=3 a1=7ffc7f261fc0 a2=0 a3=7ffc7f261fac items=0 ppid=2874 pid=3088 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:45.556897 kubelet[2604]: I0209 12:32:45.556875 2604 topology_manager.go:215] "Topology Admit Handler" podUID="d2e408e3-1632-44f4-8038-c81029432851" podNamespace="calico-system" podName="calico-typha-d4d87985d-dk6cj" Feb 9 12:32:45.560110 systemd[1]: Created slice kubepods-besteffort-podd2e408e3_1632_44f4_8038_c81029432851.slice. Feb 9 12:32:45.576884 kubelet[2604]: I0209 12:32:45.576861 2604 topology_manager.go:215] "Topology Admit Handler" podUID="0bfd0cd7-d237-4278-b83b-430f9281f455" podNamespace="calico-system" podName="calico-node-dbz6z" Feb 9 12:32:45.588220 systemd[1]: Created slice kubepods-besteffort-pod0bfd0cd7_d237_4278_b83b_430f9281f455.slice. Feb 9 12:32:45.603737 kernel: audit: type=1325 audit(1707481965.443:1086): table=filter:89 family=2 entries=15 op=nft_register_rule pid=3088 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:32:45.603828 kernel: audit: type=1300 audit(1707481965.443:1086): arch=c000003e syscall=46 success=yes exit=5660 a0=3 a1=7ffc7f261fc0 a2=0 a3=7ffc7f261fac items=0 ppid=2874 pid=3088 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:45.603860 kernel: audit: type=1327 audit(1707481965.443:1086): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:32:45.443000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:32:45.640530 kubelet[2604]: I0209 12:32:45.640489 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"tigera-ca-bundle\" (UniqueName: \"kubernetes.io/configmap/d2e408e3-1632-44f4-8038-c81029432851-tigera-ca-bundle\") pod \"calico-typha-d4d87985d-dk6cj\" (UID: \"d2e408e3-1632-44f4-8038-c81029432851\") " pod="calico-system/calico-typha-d4d87985d-dk6cj" Feb 9 12:32:45.640530 kubelet[2604]: I0209 12:32:45.640511 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"flexvol-driver-host\" (UniqueName: \"kubernetes.io/host-path/0bfd0cd7-d237-4278-b83b-430f9281f455-flexvol-driver-host\") pod \"calico-node-dbz6z\" (UID: \"0bfd0cd7-d237-4278-b83b-430f9281f455\") " pod="calico-system/calico-node-dbz6z" Feb 9 12:32:45.640530 kubelet[2604]: I0209 12:32:45.640523 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kube-api-access-lshfb\" (UniqueName: \"kubernetes.io/projected/0bfd0cd7-d237-4278-b83b-430f9281f455-kube-api-access-lshfb\") pod \"calico-node-dbz6z\" (UID: \"0bfd0cd7-d237-4278-b83b-430f9281f455\") " pod="calico-system/calico-node-dbz6z" Feb 9 12:32:45.640622 kubelet[2604]: I0209 12:32:45.640552 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"policysync\" (UniqueName: \"kubernetes.io/host-path/0bfd0cd7-d237-4278-b83b-430f9281f455-policysync\") pod \"calico-node-dbz6z\" (UID: \"0bfd0cd7-d237-4278-b83b-430f9281f455\") " pod="calico-system/calico-node-dbz6z" Feb 9 12:32:45.640622 kubelet[2604]: I0209 12:32:45.640577 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"tigera-ca-bundle\" (UniqueName: \"kubernetes.io/configmap/0bfd0cd7-d237-4278-b83b-430f9281f455-tigera-ca-bundle\") pod \"calico-node-dbz6z\" (UID: \"0bfd0cd7-d237-4278-b83b-430f9281f455\") " pod="calico-system/calico-node-dbz6z" Feb 9 12:32:45.640661 kubelet[2604]: I0209 12:32:45.640621 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"xtables-lock\" (UniqueName: \"kubernetes.io/host-path/0bfd0cd7-d237-4278-b83b-430f9281f455-xtables-lock\") pod \"calico-node-dbz6z\" (UID: \"0bfd0cd7-d237-4278-b83b-430f9281f455\") " pod="calico-system/calico-node-dbz6z" Feb 9 12:32:45.640661 kubelet[2604]: I0209 12:32:45.640637 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"lib-modules\" (UniqueName: \"kubernetes.io/host-path/0bfd0cd7-d237-4278-b83b-430f9281f455-lib-modules\") pod \"calico-node-dbz6z\" (UID: \"0bfd0cd7-d237-4278-b83b-430f9281f455\") " pod="calico-system/calico-node-dbz6z" Feb 9 12:32:45.640661 kubelet[2604]: I0209 12:32:45.640649 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"var-run-calico\" (UniqueName: \"kubernetes.io/host-path/0bfd0cd7-d237-4278-b83b-430f9281f455-var-run-calico\") pod \"calico-node-dbz6z\" (UID: \"0bfd0cd7-d237-4278-b83b-430f9281f455\") " pod="calico-system/calico-node-dbz6z" Feb 9 12:32:45.640717 kubelet[2604]: I0209 12:32:45.640663 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"cni-log-dir\" (UniqueName: \"kubernetes.io/host-path/0bfd0cd7-d237-4278-b83b-430f9281f455-cni-log-dir\") pod \"calico-node-dbz6z\" (UID: \"0bfd0cd7-d237-4278-b83b-430f9281f455\") " pod="calico-system/calico-node-dbz6z" Feb 9 12:32:45.640717 kubelet[2604]: I0209 12:32:45.640689 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"cni-bin-dir\" (UniqueName: \"kubernetes.io/host-path/0bfd0cd7-d237-4278-b83b-430f9281f455-cni-bin-dir\") pod \"calico-node-dbz6z\" (UID: \"0bfd0cd7-d237-4278-b83b-430f9281f455\") " pod="calico-system/calico-node-dbz6z" Feb 9 12:32:45.640717 kubelet[2604]: I0209 12:32:45.640704 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"cni-net-dir\" (UniqueName: \"kubernetes.io/host-path/0bfd0cd7-d237-4278-b83b-430f9281f455-cni-net-dir\") pod \"calico-node-dbz6z\" (UID: \"0bfd0cd7-d237-4278-b83b-430f9281f455\") " pod="calico-system/calico-node-dbz6z" Feb 9 12:32:45.640717 kubelet[2604]: I0209 12:32:45.640716 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"typha-certs\" (UniqueName: \"kubernetes.io/secret/d2e408e3-1632-44f4-8038-c81029432851-typha-certs\") pod \"calico-typha-d4d87985d-dk6cj\" (UID: \"d2e408e3-1632-44f4-8038-c81029432851\") " pod="calico-system/calico-typha-d4d87985d-dk6cj" Feb 9 12:32:45.640786 kubelet[2604]: I0209 12:32:45.640728 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"node-certs\" (UniqueName: \"kubernetes.io/secret/0bfd0cd7-d237-4278-b83b-430f9281f455-node-certs\") pod \"calico-node-dbz6z\" (UID: \"0bfd0cd7-d237-4278-b83b-430f9281f455\") " pod="calico-system/calico-node-dbz6z" Feb 9 12:32:45.640786 kubelet[2604]: I0209 12:32:45.640762 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kube-api-access-q7rqg\" (UniqueName: \"kubernetes.io/projected/d2e408e3-1632-44f4-8038-c81029432851-kube-api-access-q7rqg\") pod \"calico-typha-d4d87985d-dk6cj\" (UID: \"d2e408e3-1632-44f4-8038-c81029432851\") " pod="calico-system/calico-typha-d4d87985d-dk6cj" Feb 9 12:32:45.640823 kubelet[2604]: I0209 12:32:45.640784 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"var-lib-calico\" (UniqueName: \"kubernetes.io/host-path/0bfd0cd7-d237-4278-b83b-430f9281f455-var-lib-calico\") pod \"calico-node-dbz6z\" (UID: \"0bfd0cd7-d237-4278-b83b-430f9281f455\") " pod="calico-system/calico-node-dbz6z" Feb 9 12:32:45.444000 audit[3088]: NETFILTER_CFG table=nat:90 family=2 entries=12 op=nft_register_rule pid=3088 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:32:45.695660 kubelet[2604]: I0209 12:32:45.695584 2604 topology_manager.go:215] "Topology Admit Handler" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" podNamespace="calico-system" podName="csi-node-driver-8dfwv" Feb 9 12:32:45.695796 kubelet[2604]: E0209 12:32:45.695765 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:32:45.444000 audit[3088]: SYSCALL arch=c000003e syscall=46 success=yes exit=2572 a0=3 a1=7ffc7f261fc0 a2=0 a3=31030 items=0 ppid=2874 pid=3088 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:45.741429 kubelet[2604]: I0209 12:32:45.741388 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"registration-dir\" (UniqueName: \"kubernetes.io/host-path/9d7d849f-47a3-4ce5-b643-2347a74f746a-registration-dir\") pod \"csi-node-driver-8dfwv\" (UID: \"9d7d849f-47a3-4ce5-b643-2347a74f746a\") " pod="calico-system/csi-node-driver-8dfwv" Feb 9 12:32:45.741495 kubelet[2604]: I0209 12:32:45.741434 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"varrun\" (UniqueName: \"kubernetes.io/host-path/9d7d849f-47a3-4ce5-b643-2347a74f746a-varrun\") pod \"csi-node-driver-8dfwv\" (UID: \"9d7d849f-47a3-4ce5-b643-2347a74f746a\") " pod="calico-system/csi-node-driver-8dfwv" Feb 9 12:32:45.741495 kubelet[2604]: I0209 12:32:45.741465 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"socket-dir\" (UniqueName: \"kubernetes.io/host-path/9d7d849f-47a3-4ce5-b643-2347a74f746a-socket-dir\") pod \"csi-node-driver-8dfwv\" (UID: \"9d7d849f-47a3-4ce5-b643-2347a74f746a\") " pod="calico-system/csi-node-driver-8dfwv" Feb 9 12:32:45.741626 kubelet[2604]: I0209 12:32:45.741617 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kubelet-dir\" (UniqueName: \"kubernetes.io/host-path/9d7d849f-47a3-4ce5-b643-2347a74f746a-kubelet-dir\") pod \"csi-node-driver-8dfwv\" (UID: \"9d7d849f-47a3-4ce5-b643-2347a74f746a\") " pod="calico-system/csi-node-driver-8dfwv" Feb 9 12:32:45.741683 kubelet[2604]: I0209 12:32:45.741673 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kube-api-access-sz28k\" (UniqueName: \"kubernetes.io/projected/9d7d849f-47a3-4ce5-b643-2347a74f746a-kube-api-access-sz28k\") pod \"csi-node-driver-8dfwv\" (UID: \"9d7d849f-47a3-4ce5-b643-2347a74f746a\") " pod="calico-system/csi-node-driver-8dfwv" Feb 9 12:32:45.742081 kubelet[2604]: E0209 12:32:45.742071 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.742111 kubelet[2604]: W0209 12:32:45.742081 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.742111 kubelet[2604]: E0209 12:32:45.742098 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.742194 kubelet[2604]: E0209 12:32:45.742190 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.742245 kubelet[2604]: W0209 12:32:45.742194 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.742245 kubelet[2604]: E0209 12:32:45.742202 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.743237 kubelet[2604]: E0209 12:32:45.743224 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.743237 kubelet[2604]: W0209 12:32:45.743236 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.743297 kubelet[2604]: E0209 12:32:45.743250 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.743372 kubelet[2604]: E0209 12:32:45.743366 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.743398 kubelet[2604]: W0209 12:32:45.743373 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.743398 kubelet[2604]: E0209 12:32:45.743386 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.747982 kubelet[2604]: E0209 12:32:45.747967 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.747982 kubelet[2604]: W0209 12:32:45.747977 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.748080 kubelet[2604]: E0209 12:32:45.747992 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.748101 kubelet[2604]: E0209 12:32:45.748085 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.748101 kubelet[2604]: W0209 12:32:45.748089 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.748101 kubelet[2604]: E0209 12:32:45.748095 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.827899 kernel: audit: type=1325 audit(1707481965.444:1087): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3088 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:32:45.827966 kernel: audit: type=1300 audit(1707481965.444:1087): arch=c000003e syscall=46 success=yes exit=2572 a0=3 a1=7ffc7f261fc0 a2=0 a3=31030 items=0 ppid=2874 pid=3088 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:45.827979 kernel: audit: type=1327 audit(1707481965.444:1087): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:32:45.444000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:32:45.842610 kubelet[2604]: E0209 12:32:45.842597 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.842610 kubelet[2604]: W0209 12:32:45.842606 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.842711 kubelet[2604]: E0209 12:32:45.842619 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.842762 kubelet[2604]: E0209 12:32:45.842755 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.842762 kubelet[2604]: W0209 12:32:45.842761 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.842802 kubelet[2604]: E0209 12:32:45.842770 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.842898 kubelet[2604]: E0209 12:32:45.842892 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.842898 kubelet[2604]: W0209 12:32:45.842897 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.842937 kubelet[2604]: E0209 12:32:45.842904 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.843015 kubelet[2604]: E0209 12:32:45.843010 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.843015 kubelet[2604]: W0209 12:32:45.843014 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.843053 kubelet[2604]: E0209 12:32:45.843022 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.843111 kubelet[2604]: E0209 12:32:45.843106 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.843111 kubelet[2604]: W0209 12:32:45.843111 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.843147 kubelet[2604]: E0209 12:32:45.843116 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.843190 kubelet[2604]: E0209 12:32:45.843184 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.843211 kubelet[2604]: W0209 12:32:45.843191 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.843211 kubelet[2604]: E0209 12:32:45.843201 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.843279 kubelet[2604]: E0209 12:32:45.843273 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.843279 kubelet[2604]: W0209 12:32:45.843278 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.843316 kubelet[2604]: E0209 12:32:45.843286 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.843349 kubelet[2604]: E0209 12:32:45.843344 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.843349 kubelet[2604]: W0209 12:32:45.843349 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.843349 kubelet[2604]: E0209 12:32:45.843354 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.843467 kubelet[2604]: E0209 12:32:45.843461 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.843467 kubelet[2604]: W0209 12:32:45.843466 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.843518 kubelet[2604]: E0209 12:32:45.843473 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.843548 kubelet[2604]: E0209 12:32:45.843543 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.843548 kubelet[2604]: W0209 12:32:45.843547 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.843588 kubelet[2604]: E0209 12:32:45.843553 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.843645 kubelet[2604]: E0209 12:32:45.843639 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.843670 kubelet[2604]: W0209 12:32:45.843646 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.843670 kubelet[2604]: E0209 12:32:45.843657 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.843770 kubelet[2604]: E0209 12:32:45.843764 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.843791 kubelet[2604]: W0209 12:32:45.843771 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.843791 kubelet[2604]: E0209 12:32:45.843783 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.843862 kubelet[2604]: E0209 12:32:45.843857 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.843883 kubelet[2604]: W0209 12:32:45.843862 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.843883 kubelet[2604]: E0209 12:32:45.843870 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.843934 kubelet[2604]: E0209 12:32:45.843930 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.843955 kubelet[2604]: W0209 12:32:45.843934 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.843955 kubelet[2604]: E0209 12:32:45.843942 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.844003 kubelet[2604]: E0209 12:32:45.843998 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.844023 kubelet[2604]: W0209 12:32:45.844003 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.844041 kubelet[2604]: E0209 12:32:45.844021 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.844066 kubelet[2604]: E0209 12:32:45.844062 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.844066 kubelet[2604]: W0209 12:32:45.844066 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.844102 kubelet[2604]: E0209 12:32:45.844079 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.844129 kubelet[2604]: E0209 12:32:45.844125 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.844148 kubelet[2604]: W0209 12:32:45.844129 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.844148 kubelet[2604]: E0209 12:32:45.844136 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.844197 kubelet[2604]: E0209 12:32:45.844193 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.844217 kubelet[2604]: W0209 12:32:45.844197 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.844217 kubelet[2604]: E0209 12:32:45.844203 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.844271 kubelet[2604]: E0209 12:32:45.844266 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.844271 kubelet[2604]: W0209 12:32:45.844270 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.844271 kubelet[2604]: E0209 12:32:45.844277 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.844399 kubelet[2604]: E0209 12:32:45.844393 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.844419 kubelet[2604]: W0209 12:32:45.844399 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.844419 kubelet[2604]: E0209 12:32:45.844408 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.844516 kubelet[2604]: E0209 12:32:45.844511 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.844542 kubelet[2604]: W0209 12:32:45.844516 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.844542 kubelet[2604]: E0209 12:32:45.844525 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.844668 kubelet[2604]: E0209 12:32:45.844663 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.844690 kubelet[2604]: W0209 12:32:45.844670 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.844690 kubelet[2604]: E0209 12:32:45.844680 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.844765 kubelet[2604]: E0209 12:32:45.844747 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.844765 kubelet[2604]: W0209 12:32:45.844753 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.844765 kubelet[2604]: E0209 12:32:45.844760 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.844827 kubelet[2604]: E0209 12:32:45.844823 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.844827 kubelet[2604]: W0209 12:32:45.844827 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.844875 kubelet[2604]: E0209 12:32:45.844832 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.844926 kubelet[2604]: E0209 12:32:45.844920 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.844926 kubelet[2604]: W0209 12:32:45.844924 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.844992 kubelet[2604]: E0209 12:32:45.844930 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.849726 kubelet[2604]: E0209 12:32:45.849687 2604 driver-call.go:262] Failed to unmarshal output for command: init, output: "", error: unexpected end of JSON input Feb 9 12:32:45.849726 kubelet[2604]: W0209 12:32:45.849694 2604 driver-call.go:149] FlexVolume: driver call failed: executable: /opt/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds/uds, args: [init], error: executable file not found in $PATH, output: "" Feb 9 12:32:45.849726 kubelet[2604]: E0209 12:32:45.849703 2604 plugins.go:723] "Error dynamically probing plugins" err="error creating Flexvolume plugin from directory nodeagent~uds, skipping. Error: unexpected end of JSON input" Feb 9 12:32:45.862094 env[1477]: time="2024-02-09T12:32:45.862045981Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:calico-typha-d4d87985d-dk6cj,Uid:d2e408e3-1632-44f4-8038-c81029432851,Namespace:calico-system,Attempt:0,}" Feb 9 12:32:45.869898 env[1477]: time="2024-02-09T12:32:45.869861634Z" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1 Feb 9 12:32:45.869898 env[1477]: time="2024-02-09T12:32:45.869884772Z" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1 Feb 9 12:32:45.870003 env[1477]: time="2024-02-09T12:32:45.869895560Z" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1 Feb 9 12:32:45.870003 env[1477]: time="2024-02-09T12:32:45.869971614Z" level=info msg="starting signal loop" namespace=k8s.io path=/run/containerd/io.containerd.runtime.v2.task/k8s.io/24576de65ffab1410568b10319603c99f6d78431f5e4190311f8dc6d798e0385 pid=3135 runtime=io.containerd.runc.v2 Feb 9 12:32:45.890601 env[1477]: time="2024-02-09T12:32:45.890582363Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:calico-node-dbz6z,Uid:0bfd0cd7-d237-4278-b83b-430f9281f455,Namespace:calico-system,Attempt:0,}" Feb 9 12:32:45.672000 audit[3090]: NETFILTER_CFG table=filter:91 family=2 entries=16 op=nft_register_rule pid=3090 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:32:45.896140 env[1477]: time="2024-02-09T12:32:45.896105261Z" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1 Feb 9 12:32:45.896140 env[1477]: time="2024-02-09T12:32:45.896129421Z" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1 Feb 9 12:32:45.896140 env[1477]: time="2024-02-09T12:32:45.896136359Z" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1 Feb 9 12:32:45.896260 env[1477]: time="2024-02-09T12:32:45.896239210Z" level=info msg="starting signal loop" namespace=k8s.io path=/run/containerd/io.containerd.runtime.v2.task/k8s.io/850feefdab8161420d2481eac46f616c79a24b992d9e81ae92892fc32fa0101b pid=3158 runtime=io.containerd.runc.v2 Feb 9 12:32:45.901279 systemd[1]: Started cri-containerd-24576de65ffab1410568b10319603c99f6d78431f5e4190311f8dc6d798e0385.scope. Feb 9 12:32:45.672000 audit[3090]: SYSCALL arch=c000003e syscall=46 success=yes exit=5660 a0=3 a1=7ffe2ddf1ff0 a2=0 a3=7ffe2ddf1fdc items=0 ppid=2874 pid=3090 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.052797 kernel: audit: type=1325 audit(1707481965.672:1088): table=filter:91 family=2 entries=16 op=nft_register_rule pid=3090 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:32:46.052860 kernel: audit: type=1300 audit(1707481965.672:1088): arch=c000003e syscall=46 success=yes exit=5660 a0=3 a1=7ffe2ddf1ff0 a2=0 a3=7ffe2ddf1fdc items=0 ppid=2874 pid=3090 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.052885 kernel: audit: type=1327 audit(1707481965.672:1088): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:32:45.672000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:32:45.961000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:45.961000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:45.961000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:45.961000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:45.961000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:45.961000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:45.961000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:45.961000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:45.961000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit: BPF prog-id=127 op=LOAD Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000197c48 a2=10 a3=1c items=0 ppid=3135 pid=3145 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.110000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3234353736646536356666616231343130353638623130333139363033 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001976b0 a2=3c a3=c items=0 ppid=3135 pid=3145 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.110000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3234353736646536356666616231343130353638623130333139363033 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit: BPF prog-id=128 op=LOAD Feb 9 12:32:46.110000 audit[3145]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001979d8 a2=78 a3=c000098e80 items=0 ppid=3135 pid=3145 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.110000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3234353736646536356666616231343130353638623130333139363033 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit: BPF prog-id=129 op=LOAD Feb 9 12:32:46.110000 audit[3145]: SYSCALL arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c000197770 a2=78 a3=c000098ec8 items=0 ppid=3135 pid=3145 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.110000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3234353736646536356666616231343130353638623130333139363033 Feb 9 12:32:46.110000 audit: BPF prog-id=129 op=UNLOAD Feb 9 12:32:46.110000 audit: BPF prog-id=128 op=UNLOAD Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { perfmon } for pid=3145 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit[3145]: AVC avc: denied { bpf } for pid=3145 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.110000 audit: BPF prog-id=130 op=LOAD Feb 9 12:32:46.110000 audit[3145]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c000197c30 a2=78 a3=c0000992d8 items=0 ppid=3135 pid=3145 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.110000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3234353736646536356666616231343130353638623130333139363033 Feb 9 12:32:46.112963 systemd[1]: Started cri-containerd-850feefdab8161420d2481eac46f616c79a24b992d9e81ae92892fc32fa0101b.scope. Feb 9 12:32:46.115000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.115000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.115000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.115000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.115000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.115000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.115000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.115000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.115000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.115000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.115000 audit: BPF prog-id=131 op=LOAD Feb 9 12:32:46.115000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.115000 audit[3167]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000145c48 a2=10 a3=1c items=0 ppid=3158 pid=3167 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.115000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3835306665656664616238313631343230643234383165616334366636 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001456b0 a2=3c a3=c items=0 ppid=3158 pid=3167 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.116000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3835306665656664616238313631343230643234383165616334366636 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit: BPF prog-id=132 op=LOAD Feb 9 12:32:46.116000 audit[3167]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001459d8 a2=78 a3=c0003087c0 items=0 ppid=3158 pid=3167 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.116000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3835306665656664616238313631343230643234383165616334366636 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit: BPF prog-id=133 op=LOAD Feb 9 12:32:46.116000 audit[3167]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000145770 a2=78 a3=c000308808 items=0 ppid=3158 pid=3167 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.116000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3835306665656664616238313631343230643234383165616334366636 Feb 9 12:32:46.116000 audit: BPF prog-id=133 op=UNLOAD Feb 9 12:32:46.116000 audit: BPF prog-id=132 op=UNLOAD Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { perfmon } for pid=3167 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit[3167]: AVC avc: denied { bpf } for pid=3167 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:46.116000 audit: BPF prog-id=134 op=LOAD Feb 9 12:32:46.116000 audit[3167]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000145c30 a2=78 a3=c000308c18 items=0 ppid=3158 pid=3167 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.116000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3835306665656664616238313631343230643234383165616334366636 Feb 9 12:32:46.118000 audit[3090]: NETFILTER_CFG table=nat:92 family=2 entries=12 op=nft_register_rule pid=3090 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:32:46.118000 audit[3090]: SYSCALL arch=c000003e syscall=46 success=yes exit=2572 a0=3 a1=7ffe2ddf1ff0 a2=0 a3=31030 items=0 ppid=2874 pid=3090 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:46.118000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:32:46.133997 env[1477]: time="2024-02-09T12:32:46.133970456Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:calico-node-dbz6z,Uid:0bfd0cd7-d237-4278-b83b-430f9281f455,Namespace:calico-system,Attempt:0,} returns sandbox id \"850feefdab8161420d2481eac46f616c79a24b992d9e81ae92892fc32fa0101b\"" Feb 9 12:32:46.134641 env[1477]: time="2024-02-09T12:32:46.134630291Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/pod2daemon-flexvol:v3.27.0\"" Feb 9 12:32:46.141726 env[1477]: time="2024-02-09T12:32:46.141675823Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:calico-typha-d4d87985d-dk6cj,Uid:d2e408e3-1632-44f4-8038-c81029432851,Namespace:calico-system,Attempt:0,} returns sandbox id \"24576de65ffab1410568b10319603c99f6d78431f5e4190311f8dc6d798e0385\"" Feb 9 12:32:46.501565 sshd[3034]: Failed password for invalid user csdojang from 163.228.248.90 port 28892 ssh2 Feb 9 12:32:47.323477 sshd[3034]: Received disconnect from 163.228.248.90 port 28892:11: Bye Bye [preauth] Feb 9 12:32:47.323477 sshd[3034]: Disconnected from invalid user csdojang 163.228.248.90 port 28892 [preauth] Feb 9 12:32:47.325766 systemd[1]: sshd@13-86.109.11.101:22-163.228.248.90:28892.service: Deactivated successfully. Feb 9 12:32:47.325000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-86.109.11.101:22-163.228.248.90:28892 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:47.702211 systemd[1]: Started sshd@14-86.109.11.101:22-38.7.207.12:49986.service. Feb 9 12:32:47.701000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-86.109.11.101:22-38.7.207.12:49986 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:48.025255 kubelet[2604]: E0209 12:32:48.025114 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:32:48.442899 systemd[1]: Started sshd@15-86.109.11.101:22-43.156.225.133:52802.service. Feb 9 12:32:48.442000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-86.109.11.101:22-43.156.225.133:52802 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:48.642171 sshd[3212]: Invalid user entangle from 38.7.207.12 port 49986 Feb 9 12:32:48.647668 sshd[3212]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:48.648554 sshd[3212]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:32:48.648637 sshd[3212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.7.207.12 Feb 9 12:32:48.649598 sshd[3212]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:48.648000 audit[3212]: USER_AUTH pid=3212 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="entangle" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:32:49.534824 sshd[3215]: Invalid user elika from 43.156.225.133 port 52802 Feb 9 12:32:49.541083 sshd[3215]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:49.542168 sshd[3215]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:32:49.542279 sshd[3215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.156.225.133 Feb 9 12:32:49.543215 sshd[3215]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:49.542000 audit[3215]: USER_AUTH pid=3215 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="elika" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:32:49.585722 kernel: kauditd_printk_skb: 121 callbacks suppressed Feb 9 12:32:49.585794 kernel: audit: type=1100 audit(1707481969.542:1130): pid=3215 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="elika" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:32:50.025747 kubelet[2604]: E0209 12:32:50.025659 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:32:50.162733 systemd[1]: var-lib-containerd-tmpmounts-containerd\x2dmount3621500110.mount: Deactivated successfully. Feb 9 12:32:50.204467 sshd[3212]: Failed password for invalid user entangle from 38.7.207.12 port 49986 ssh2 Feb 9 12:32:51.233473 sshd[3215]: Failed password for invalid user elika from 43.156.225.133 port 52802 ssh2 Feb 9 12:32:51.472964 sshd[3212]: Received disconnect from 38.7.207.12 port 49986:11: Bye Bye [preauth] Feb 9 12:32:51.472964 sshd[3212]: Disconnected from invalid user entangle 38.7.207.12 port 49986 [preauth] Feb 9 12:32:51.473547 systemd[1]: sshd@14-86.109.11.101:22-38.7.207.12:49986.service: Deactivated successfully. Feb 9 12:32:51.472000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-86.109.11.101:22-38.7.207.12:49986 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:51.565350 kernel: audit: type=1131 audit(1707481971.472:1131): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-86.109.11.101:22-38.7.207.12:49986 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:51.593461 sshd[3215]: Received disconnect from 43.156.225.133 port 52802:11: Bye Bye [preauth] Feb 9 12:32:51.593461 sshd[3215]: Disconnected from invalid user elika 43.156.225.133 port 52802 [preauth] Feb 9 12:32:51.595134 systemd[1]: sshd@15-86.109.11.101:22-43.156.225.133:52802.service: Deactivated successfully. Feb 9 12:32:51.594000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-86.109.11.101:22-43.156.225.133:52802 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:51.685312 kernel: audit: type=1131 audit(1707481971.594:1132): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-86.109.11.101:22-43.156.225.133:52802 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:52.025733 kubelet[2604]: E0209 12:32:52.025554 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:32:54.025699 kubelet[2604]: E0209 12:32:54.025586 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:32:54.715329 systemd[1]: Started sshd@16-86.109.11.101:22-101.35.54.203:48886.service. Feb 9 12:32:54.714000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-86.109.11.101:22-101.35.54.203:48886 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:54.807236 kernel: audit: type=1130 audit(1707481974.714:1133): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-86.109.11.101:22-101.35.54.203:48886 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:32:54.839794 env[1477]: time="2024-02-09T12:32:54.839771163Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/pod2daemon-flexvol:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:54.840428 env[1477]: time="2024-02-09T12:32:54.840415373Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:6506d2e0be2d5ec9cb8dbe00c4b4f037c67b6ab4ec14a1f0c83333ac51f4da9a,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:54.841817 env[1477]: time="2024-02-09T12:32:54.841802223Z" level=info msg="ImageUpdate event &ImageUpdate{Name:ghcr.io/flatcar/calico/pod2daemon-flexvol:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:54.842791 env[1477]: time="2024-02-09T12:32:54.842769807Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/pod2daemon-flexvol@sha256:b05edbd1f80db4ada229e6001a666a7dd36bb6ab617143684fb3d28abfc4b71e,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:32:54.843768 env[1477]: time="2024-02-09T12:32:54.843727989Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/pod2daemon-flexvol:v3.27.0\" returns image reference \"sha256:6506d2e0be2d5ec9cb8dbe00c4b4f037c67b6ab4ec14a1f0c83333ac51f4da9a\"" Feb 9 12:32:54.844012 env[1477]: time="2024-02-09T12:32:54.843987271Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/typha:v3.27.0\"" Feb 9 12:32:54.844547 env[1477]: time="2024-02-09T12:32:54.844528466Z" level=info msg="CreateContainer within sandbox \"850feefdab8161420d2481eac46f616c79a24b992d9e81ae92892fc32fa0101b\" for container &ContainerMetadata{Name:flexvol-driver,Attempt:0,}" Feb 9 12:32:54.849077 env[1477]: time="2024-02-09T12:32:54.849057358Z" level=info msg="CreateContainer within sandbox \"850feefdab8161420d2481eac46f616c79a24b992d9e81ae92892fc32fa0101b\" for &ContainerMetadata{Name:flexvol-driver,Attempt:0,} returns container id \"653ec90759286dba34e6b04895563a4f3ef32d4ebf454baf5d9dbfe6c618c7ac\"" Feb 9 12:32:54.849211 env[1477]: time="2024-02-09T12:32:54.849200394Z" level=info msg="StartContainer for \"653ec90759286dba34e6b04895563a4f3ef32d4ebf454baf5d9dbfe6c618c7ac\"" Feb 9 12:32:54.870096 systemd[1]: Started cri-containerd-653ec90759286dba34e6b04895563a4f3ef32d4ebf454baf5d9dbfe6c618c7ac.scope. Feb 9 12:32:54.875000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:54.875000 audit[3230]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001976b0 a2=3c a3=8 items=0 ppid=3158 pid=3230 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:55.036795 kernel: audit: type=1400 audit(1707481974.875:1134): avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.036846 kernel: audit: type=1300 audit(1707481974.875:1134): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001976b0 a2=3c a3=8 items=0 ppid=3158 pid=3230 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:55.036862 kernel: audit: type=1327 audit(1707481974.875:1134): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3635336563393037353932383664626133346536623034383935353633 Feb 9 12:32:54.875000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3635336563393037353932383664626133346536623034383935353633 Feb 9 12:32:55.129881 kernel: audit: type=1400 audit(1707481974.875:1135): avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:54.875000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:54.875000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.257505 kernel: audit: type=1400 audit(1707481974.875:1135): avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.257552 kernel: audit: type=1400 audit(1707481974.875:1135): avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:54.875000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.321511 kernel: audit: type=1400 audit(1707481974.875:1135): avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:54.875000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.385985 kernel: audit: type=1400 audit(1707481974.875:1135): avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:54.875000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:54.875000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.464905 env[1477]: time="2024-02-09T12:32:55.464886504Z" level=info msg="StartContainer for \"653ec90759286dba34e6b04895563a4f3ef32d4ebf454baf5d9dbfe6c618c7ac\" returns successfully" Feb 9 12:32:55.515029 kernel: audit: type=1400 audit(1707481974.875:1135): avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:54.875000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:54.875000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:54.875000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:54.875000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:54.875000 audit: BPF prog-id=135 op=LOAD Feb 9 12:32:54.875000 audit[3230]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001979d8 a2=78 a3=c0002efc70 items=0 ppid=3158 pid=3230 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:54.875000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3635336563393037353932383664626133346536623034383935353633 Feb 9 12:32:55.035000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.035000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.035000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.035000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.035000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.035000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.035000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.035000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.035000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.035000 audit: BPF prog-id=136 op=LOAD Feb 9 12:32:55.035000 audit[3230]: SYSCALL arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c000197770 a2=78 a3=c0002efcb8 items=0 ppid=3158 pid=3230 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:55.035000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3635336563393037353932383664626133346536623034383935353633 Feb 9 12:32:55.192000 audit: BPF prog-id=136 op=UNLOAD Feb 9 12:32:55.192000 audit: BPF prog-id=135 op=UNLOAD Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: SYSCALL arch=c000003e syscall=321 success=no exit=-11 a0=5 a1=c000197c30 a2=78 a3=c0002efd48 items=0 ppid=3158 pid=3230 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:55.192000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3635336563393037353932383664626133346536623034383935353633 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { perfmon } for pid=3230 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit[3230]: AVC avc: denied { bpf } for pid=3230 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:32:55.192000 audit: BPF prog-id=137 op=LOAD Feb 9 12:32:55.192000 audit[3230]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c000197c30 a2=78 a3=c0002efd48 items=0 ppid=3158 pid=3230 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:32:55.192000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3635336563393037353932383664626133346536623034383935353633 Feb 9 12:32:55.515282 systemd[1]: cri-containerd-653ec90759286dba34e6b04895563a4f3ef32d4ebf454baf5d9dbfe6c618c7ac.scope: Deactivated successfully. Feb 9 12:32:55.531258 sshd[3221]: Invalid user lantuh from 101.35.54.203 port 48886 Feb 9 12:32:55.532429 sshd[3221]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:55.532610 sshd[3221]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:32:55.532628 sshd[3221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:32:55.532805 sshd[3221]: pam_faillock(sshd:auth): User unknown Feb 9 12:32:55.531000 audit[3221]: USER_AUTH pid=3221 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="lantuh" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:32:55.532000 audit: BPF prog-id=137 op=UNLOAD Feb 9 12:32:55.548719 systemd[1]: run-containerd-io.containerd.runtime.v2.task-k8s.io-653ec90759286dba34e6b04895563a4f3ef32d4ebf454baf5d9dbfe6c618c7ac-rootfs.mount: Deactivated successfully. Feb 9 12:32:55.767417 env[1477]: time="2024-02-09T12:32:55.767158996Z" level=info msg="shim disconnected" id=653ec90759286dba34e6b04895563a4f3ef32d4ebf454baf5d9dbfe6c618c7ac Feb 9 12:32:55.767417 env[1477]: time="2024-02-09T12:32:55.767308503Z" level=warning msg="cleaning up after shim disconnected" id=653ec90759286dba34e6b04895563a4f3ef32d4ebf454baf5d9dbfe6c618c7ac namespace=k8s.io Feb 9 12:32:55.767417 env[1477]: time="2024-02-09T12:32:55.767345447Z" level=info msg="cleaning up dead shim" Feb 9 12:32:55.796343 env[1477]: time="2024-02-09T12:32:55.796253021Z" level=warning msg="cleanup warnings time=\"2024-02-09T12:32:55Z\" level=info msg=\"starting signal loop\" namespace=k8s.io pid=3269 runtime=io.containerd.runc.v2\n" Feb 9 12:32:56.025097 kubelet[2604]: E0209 12:32:56.024867 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:32:57.714458 sshd[3221]: Failed password for invalid user lantuh from 101.35.54.203 port 48886 ssh2 Feb 9 12:32:58.025811 kubelet[2604]: E0209 12:32:58.025584 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:32:59.072058 systemd[1]: var-lib-containerd-tmpmounts-containerd\x2dmount2769229434.mount: Deactivated successfully. Feb 9 12:32:59.591567 sshd[3221]: Received disconnect from 101.35.54.203 port 48886:11: Bye Bye [preauth] Feb 9 12:32:59.591567 sshd[3221]: Disconnected from invalid user lantuh 101.35.54.203 port 48886 [preauth] Feb 9 12:32:59.594017 systemd[1]: sshd@16-86.109.11.101:22-101.35.54.203:48886.service: Deactivated successfully. Feb 9 12:32:59.593000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-86.109.11.101:22-101.35.54.203:48886 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:00.025185 kubelet[2604]: E0209 12:33:00.024973 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:02.024991 kubelet[2604]: E0209 12:33:02.024894 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:04.025178 kubelet[2604]: E0209 12:33:04.025065 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:06.025362 kubelet[2604]: E0209 12:33:06.025277 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:08.024798 kubelet[2604]: E0209 12:33:08.024730 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:10.025330 kubelet[2604]: E0209 12:33:10.025276 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:12.025208 kubelet[2604]: E0209 12:33:12.025146 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:13.140576 systemd[1]: Started sshd@17-86.109.11.101:22-163.228.248.90:13467.service. Feb 9 12:33:13.139000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-86.109.11.101:22-163.228.248.90:13467 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:13.168175 kernel: kauditd_printk_skb: 48 callbacks suppressed Feb 9 12:33:13.168310 kernel: audit: type=1130 audit(1707481993.139:1144): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-86.109.11.101:22-163.228.248.90:13467 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:13.344171 env[1477]: time="2024-02-09T12:33:13.344147580Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/typha:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:33:13.344860 env[1477]: time="2024-02-09T12:33:13.344844498Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:b33768e0da1f8a5788a6a5d8ac2dcf15292ea9f3717de450f946c0a055b3532c,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:33:13.345754 env[1477]: time="2024-02-09T12:33:13.345714198Z" level=info msg="ImageUpdate event &ImageUpdate{Name:ghcr.io/flatcar/calico/typha:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:33:13.346927 env[1477]: time="2024-02-09T12:33:13.346912739Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/typha@sha256:5f2d3b8c354a4eb6de46e786889913916e620c6c256982fb8d0f1a1d36a282bc,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:33:13.347240 env[1477]: time="2024-02-09T12:33:13.347221233Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/typha:v3.27.0\" returns image reference \"sha256:b33768e0da1f8a5788a6a5d8ac2dcf15292ea9f3717de450f946c0a055b3532c\"" Feb 9 12:33:13.347569 env[1477]: time="2024-02-09T12:33:13.347555839Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/cni:v3.27.0\"" Feb 9 12:33:13.351192 env[1477]: time="2024-02-09T12:33:13.351169002Z" level=info msg="CreateContainer within sandbox \"24576de65ffab1410568b10319603c99f6d78431f5e4190311f8dc6d798e0385\" for container &ContainerMetadata{Name:calico-typha,Attempt:0,}" Feb 9 12:33:13.355449 env[1477]: time="2024-02-09T12:33:13.355396941Z" level=info msg="CreateContainer within sandbox \"24576de65ffab1410568b10319603c99f6d78431f5e4190311f8dc6d798e0385\" for &ContainerMetadata{Name:calico-typha,Attempt:0,} returns container id \"76a379dc406a33d18622e1f1f8867275bbd3c7158eee308e66d0310876ce3066\"" Feb 9 12:33:13.355693 env[1477]: time="2024-02-09T12:33:13.355677018Z" level=info msg="StartContainer for \"76a379dc406a33d18622e1f1f8867275bbd3c7158eee308e66d0310876ce3066\"" Feb 9 12:33:13.376544 systemd[1]: Started cri-containerd-76a379dc406a33d18622e1f1f8867275bbd3c7158eee308e66d0310876ce3066.scope. Feb 9 12:33:13.383000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.383000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.512020 kernel: audit: type=1400 audit(1707481993.383:1145): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.512055 kernel: audit: type=1400 audit(1707481993.383:1146): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.512072 kernel: audit: type=1400 audit(1707481993.383:1147): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.383000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.575737 kernel: audit: type=1400 audit(1707481993.383:1148): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.383000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.639859 kernel: audit: type=1400 audit(1707481993.383:1149): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.383000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.703968 kernel: audit: type=1400 audit(1707481993.383:1150): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.383000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.768630 kernel: audit: type=1400 audit(1707481993.383:1151): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.383000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.833260 kernel: audit: type=1400 audit(1707481993.383:1152): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.383000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.383000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.962607 kernel: audit: type=1400 audit(1707481993.383:1153): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit: BPF prog-id=138 op=LOAD Feb 9 12:33:13.574000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit[3303]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000197c48 a2=10 a3=1c items=0 ppid=3135 pid=3303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:13.574000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3736613337396463343036613333643138363232653166316638383637 Feb 9 12:33:13.574000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit[3303]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001976b0 a2=3c a3=8 items=0 ppid=3135 pid=3303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:13.574000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3736613337396463343036613333643138363232653166316638383637 Feb 9 12:33:13.574000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.574000 audit: BPF prog-id=139 op=LOAD Feb 9 12:33:13.574000 audit[3303]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001979d8 a2=78 a3=c000297020 items=0 ppid=3135 pid=3303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:13.574000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3736613337396463343036613333643138363232653166316638383637 Feb 9 12:33:13.702000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.702000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.702000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.702000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.702000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.702000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.702000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.702000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.702000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.702000 audit: BPF prog-id=140 op=LOAD Feb 9 12:33:13.702000 audit[3303]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000197770 a2=78 a3=c000297068 items=0 ppid=3135 pid=3303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:13.702000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3736613337396463343036613333643138363232653166316638383637 Feb 9 12:33:13.832000 audit: BPF prog-id=140 op=UNLOAD Feb 9 12:33:13.832000 audit: BPF prog-id=139 op=UNLOAD Feb 9 12:33:13.832000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.832000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.832000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.832000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.832000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.832000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.832000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.832000 audit[3303]: AVC avc: denied { perfmon } for pid=3303 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.832000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.832000 audit[3303]: AVC avc: denied { bpf } for pid=3303 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:13.832000 audit: BPF prog-id=141 op=LOAD Feb 9 12:33:13.832000 audit[3303]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000197c30 a2=78 a3=c000297478 items=0 ppid=3135 pid=3303 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:13.832000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3736613337396463343036613333643138363232653166316638383637 Feb 9 12:33:13.991111 env[1477]: time="2024-02-09T12:33:13.991081969Z" level=info msg="StartContainer for \"76a379dc406a33d18622e1f1f8867275bbd3c7158eee308e66d0310876ce3066\" returns successfully" Feb 9 12:33:14.025501 kubelet[2604]: E0209 12:33:14.025426 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:14.166712 kubelet[2604]: I0209 12:33:14.166649 2604 pod_startup_latency_tracker.go:102] "Observed pod startup duration" pod="calico-system/calico-typha-d4d87985d-dk6cj" podStartSLOduration=1.961267142 podCreationTimestamp="2024-02-09 12:32:45 +0000 UTC" firstStartedPulling="2024-02-09 12:32:46.142167502 +0000 UTC m=+19.169654693" lastFinishedPulling="2024-02-09 12:33:13.347454683 +0000 UTC m=+46.374941878" observedRunningTime="2024-02-09 12:33:14.166059862 +0000 UTC m=+47.193547124" watchObservedRunningTime="2024-02-09 12:33:14.166554327 +0000 UTC m=+47.194041563" Feb 9 12:33:14.204000 audit[3348]: NETFILTER_CFG table=filter:93 family=2 entries=15 op=nft_register_rule pid=3348 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:33:14.204000 audit[3348]: SYSCALL arch=c000003e syscall=46 success=yes exit=4956 a0=3 a1=7ffec16e0bf0 a2=0 a3=7ffec16e0bdc items=0 ppid=2874 pid=3348 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:14.204000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:33:14.215086 sshd[3292]: Invalid user wj from 163.228.248.90 port 13467 Feb 9 12:33:14.220857 sshd[3292]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:14.221874 sshd[3292]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:33:14.221970 sshd[3292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.228.248.90 Feb 9 12:33:14.206000 audit[3348]: NETFILTER_CFG table=nat:94 family=2 entries=19 op=nft_register_chain pid=3348 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:33:14.206000 audit[3348]: SYSCALL arch=c000003e syscall=46 success=yes exit=6068 a0=3 a1=7ffec16e0bf0 a2=0 a3=7ffec16e0bdc items=0 ppid=2874 pid=3348 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:14.206000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:33:14.221000 audit[3292]: USER_AUTH pid=3292 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="wj" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:33:14.222947 sshd[3292]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:14.787170 systemd[1]: Started sshd@18-86.109.11.101:22-104.248.145.46:59334.service. Feb 9 12:33:14.786000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-86.109.11.101:22-104.248.145.46:59334 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:16.013404 sshd[3292]: Failed password for invalid user wj from 163.228.248.90 port 13467 ssh2 Feb 9 12:33:16.025435 kubelet[2604]: E0209 12:33:16.025370 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:16.161215 sshd[3350]: Invalid user lyl from 104.248.145.46 port 59334 Feb 9 12:33:16.167321 sshd[3350]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:16.168501 sshd[3350]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:33:16.168586 sshd[3350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.46 Feb 9 12:33:16.169516 sshd[3350]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:16.168000 audit[3350]: USER_AUTH pid=3350 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="lyl" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:33:17.030893 systemd[1]: var-lib-containerd-tmpmounts-containerd\x2dmount2948202701.mount: Deactivated successfully. Feb 9 12:33:17.720545 sshd[3292]: Received disconnect from 163.228.248.90 port 13467:11: Bye Bye [preauth] Feb 9 12:33:17.720545 sshd[3292]: Disconnected from invalid user wj 163.228.248.90 port 13467 [preauth] Feb 9 12:33:17.721000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-86.109.11.101:22-163.228.248.90:13467 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:17.722794 systemd[1]: sshd@17-86.109.11.101:22-163.228.248.90:13467.service: Deactivated successfully. Feb 9 12:33:18.025517 kubelet[2604]: E0209 12:33:18.025289 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:18.057348 systemd[1]: Started sshd@19-86.109.11.101:22-135.125.161.64:50270.service. Feb 9 12:33:18.056000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-86.109.11.101:22-135.125.161.64:50270 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:18.235419 sshd[3350]: Failed password for invalid user lyl from 104.248.145.46 port 59334 ssh2 Feb 9 12:33:18.994693 sshd[3356]: Invalid user sibi from 135.125.161.64 port 50270 Feb 9 12:33:19.001043 sshd[3356]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:19.002309 sshd[3356]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:33:19.002429 sshd[3356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=135.125.161.64 Feb 9 12:33:19.003584 sshd[3356]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:19.002000 audit[3356]: USER_AUTH pid=3356 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sibi" exe="/usr/sbin/sshd" hostname=135.125.161.64 addr=135.125.161.64 terminal=ssh res=failed' Feb 9 12:33:19.045146 kernel: kauditd_printk_skb: 59 callbacks suppressed Feb 9 12:33:19.045258 kernel: audit: type=1100 audit(1707481999.002:1170): pid=3356 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sibi" exe="/usr/sbin/sshd" hostname=135.125.161.64 addr=135.125.161.64 terminal=ssh res=failed' Feb 9 12:33:19.213489 sshd[3350]: Received disconnect from 104.248.145.46 port 59334:11: Bye Bye [preauth] Feb 9 12:33:19.213489 sshd[3350]: Disconnected from invalid user lyl 104.248.145.46 port 59334 [preauth] Feb 9 12:33:19.215212 systemd[1]: sshd@18-86.109.11.101:22-104.248.145.46:59334.service: Deactivated successfully. Feb 9 12:33:19.214000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-86.109.11.101:22-104.248.145.46:59334 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:19.307291 kernel: audit: type=1131 audit(1707481999.214:1171): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-86.109.11.101:22-104.248.145.46:59334 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:20.025410 kubelet[2604]: E0209 12:33:20.025286 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:21.009443 sshd[3356]: Failed password for invalid user sibi from 135.125.161.64 port 50270 ssh2 Feb 9 12:33:22.025681 kubelet[2604]: E0209 12:33:22.025600 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:22.522556 sshd[3356]: Received disconnect from 135.125.161.64 port 50270:11: Bye Bye [preauth] Feb 9 12:33:22.522556 sshd[3356]: Disconnected from invalid user sibi 135.125.161.64 port 50270 [preauth] Feb 9 12:33:22.523251 systemd[1]: sshd@19-86.109.11.101:22-135.125.161.64:50270.service: Deactivated successfully. Feb 9 12:33:22.522000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-86.109.11.101:22-135.125.161.64:50270 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:22.616425 kernel: audit: type=1131 audit(1707482002.522:1172): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-86.109.11.101:22-135.125.161.64:50270 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:23.321000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:23.321000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0010e4ba0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:33:23.542754 kernel: audit: type=1400 audit(1707482003.321:1173): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:23.542816 kernel: audit: type=1300 audit(1707482003.321:1173): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0010e4ba0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:33:23.542837 kernel: audit: type=1327 audit(1707482003.321:1173): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:33:23.321000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:33:23.636819 kernel: audit: type=1400 audit(1707482003.321:1174): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:23.321000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:23.727880 kernel: audit: type=1300 audit(1707482003.321:1174): arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c00130e960 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:33:23.321000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c00130e960 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:33:23.851376 kernel: audit: type=1327 audit(1707482003.321:1174): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:33:23.321000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:33:23.946689 kernel: audit: type=1400 audit(1707482003.456:1175): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:23.456000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:24.025237 kubelet[2604]: E0209 12:33:24.025196 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:24.037703 kernel: audit: type=1400 audit(1707482003.456:1176): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:23.456000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:24.129293 kernel: audit: type=1300 audit(1707482003.456:1175): arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c008c65de0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:33:23.456000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c008c65de0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:33:24.228689 kernel: audit: type=1300 audit(1707482003.456:1176): arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c00a0101b0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:33:23.456000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c00a0101b0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:33:24.327862 kernel: audit: type=1327 audit(1707482003.456:1175): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:33:23.456000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:33:24.421880 kernel: audit: type=1327 audit(1707482003.456:1176): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:33:23.456000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:33:24.515866 kernel: audit: type=1400 audit(1707482003.456:1177): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:23.456000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:24.608052 kernel: audit: type=1300 audit(1707482003.456:1177): arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c0092befc0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:33:23.456000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c0092befc0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:33:24.707401 kernel: audit: type=1327 audit(1707482003.456:1177): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:33:23.456000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:33:24.801505 kernel: audit: type=1400 audit(1707482003.456:1178): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:23.456000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:24.893992 kernel: audit: type=1300 audit(1707482003.456:1178): arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c0121627e0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:33:23.456000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c0121627e0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:33:23.456000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:33:23.457000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:23.457000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c0092bf0e0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:33:23.457000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:33:23.457000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:23.457000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c01241eb80 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:33:23.457000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:33:26.025004 kubelet[2604]: E0209 12:33:26.024948 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:28.025614 kubelet[2604]: E0209 12:33:28.025506 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:30.025421 kubelet[2604]: E0209 12:33:30.025376 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="network is not ready: container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:30.040143 env[1477]: time="2024-02-09T12:33:30.040122979Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/cni:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:33:30.040683 env[1477]: time="2024-02-09T12:33:30.040672832Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:8e8d96a874c0e2f137bc6e0ff4b9da4ac2341852e41d99ab81983d329bb87d93,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:33:30.041680 env[1477]: time="2024-02-09T12:33:30.041669516Z" level=info msg="ImageUpdate event &ImageUpdate{Name:ghcr.io/flatcar/calico/cni:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:33:30.042973 env[1477]: time="2024-02-09T12:33:30.042958255Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/cni@sha256:d943b4c23e82a39b0186a1a3b2fe8f728e543d503df72d7be521501a82b7e7b4,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:33:30.043781 env[1477]: time="2024-02-09T12:33:30.043754534Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/cni:v3.27.0\" returns image reference \"sha256:8e8d96a874c0e2f137bc6e0ff4b9da4ac2341852e41d99ab81983d329bb87d93\"" Feb 9 12:33:30.054825 env[1477]: time="2024-02-09T12:33:30.054810831Z" level=info msg="CreateContainer within sandbox \"850feefdab8161420d2481eac46f616c79a24b992d9e81ae92892fc32fa0101b\" for container &ContainerMetadata{Name:install-cni,Attempt:0,}" Feb 9 12:33:30.059500 env[1477]: time="2024-02-09T12:33:30.059484347Z" level=info msg="CreateContainer within sandbox \"850feefdab8161420d2481eac46f616c79a24b992d9e81ae92892fc32fa0101b\" for &ContainerMetadata{Name:install-cni,Attempt:0,} returns container id \"82a740126342f9cfd980a5392c27de7ff347ffd1a84fa8db492fd1a54843f843\"" Feb 9 12:33:30.059673 env[1477]: time="2024-02-09T12:33:30.059659337Z" level=info msg="StartContainer for \"82a740126342f9cfd980a5392c27de7ff347ffd1a84fa8db492fd1a54843f843\"" Feb 9 12:33:30.081233 systemd[1]: Started cri-containerd-82a740126342f9cfd980a5392c27de7ff347ffd1a84fa8db492fd1a54843f843.scope. Feb 9 12:33:30.086000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.115589 kernel: kauditd_printk_skb: 7 callbacks suppressed Feb 9 12:33:30.115628 kernel: audit: type=1400 audit(1707482010.086:1181): avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.086000 audit[3370]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001976b0 a2=3c a3=8 items=0 ppid=3158 pid=3370 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:30.277027 kernel: audit: type=1300 audit(1707482010.086:1181): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001976b0 a2=3c a3=8 items=0 ppid=3158 pid=3370 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:30.277075 kernel: audit: type=1327 audit(1707482010.086:1181): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3832613734303132363334326639636664393830613533393263323764 Feb 9 12:33:30.086000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3832613734303132363334326639636664393830613533393263323764 Feb 9 12:33:30.371081 kernel: audit: type=1400 audit(1707482010.086:1182): avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.086000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.435071 kernel: audit: type=1400 audit(1707482010.086:1182): avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.086000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.499117 kernel: audit: type=1400 audit(1707482010.086:1182): avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.086000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.563295 kernel: audit: type=1400 audit(1707482010.086:1182): avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.086000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.086000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.692546 kernel: audit: type=1400 audit(1707482010.086:1182): avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.692588 kernel: audit: type=1400 audit(1707482010.086:1182): avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.086000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.693828 env[1477]: time="2024-02-09T12:33:30.693806763Z" level=info msg="StartContainer for \"82a740126342f9cfd980a5392c27de7ff347ffd1a84fa8db492fd1a54843f843\" returns successfully" Feb 9 12:33:30.757167 kernel: audit: type=1400 audit(1707482010.086:1182): avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.086000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.086000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.086000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.086000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.086000 audit: BPF prog-id=142 op=LOAD Feb 9 12:33:30.086000 audit[3370]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001979d8 a2=78 a3=c0002efc70 items=0 ppid=3158 pid=3370 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:30.086000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3832613734303132363334326639636664393830613533393263323764 Feb 9 12:33:30.178000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.178000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.178000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.178000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.178000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.178000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.178000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.178000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.178000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.178000 audit: BPF prog-id=143 op=LOAD Feb 9 12:33:30.178000 audit[3370]: SYSCALL arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c000197770 a2=78 a3=c0002efcb8 items=0 ppid=3158 pid=3370 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:30.178000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3832613734303132363334326639636664393830613533393263323764 Feb 9 12:33:30.369000 audit: BPF prog-id=143 op=UNLOAD Feb 9 12:33:30.369000 audit: BPF prog-id=142 op=UNLOAD Feb 9 12:33:30.369000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.369000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.369000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.369000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.369000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.369000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.369000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.369000 audit[3370]: AVC avc: denied { perfmon } for pid=3370 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.369000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.369000 audit[3370]: AVC avc: denied { bpf } for pid=3370 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:30.369000 audit: BPF prog-id=144 op=LOAD Feb 9 12:33:30.369000 audit[3370]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c000197c30 a2=78 a3=c0002efd48 items=0 ppid=3158 pid=3370 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:30.369000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3832613734303132363334326639636664393830613533393263323764 Feb 9 12:33:31.369409 env[1477]: time="2024-02-09T12:33:31.369313658Z" level=error msg="failed to reload cni configuration after receiving fs change event(\"/etc/cni/net.d/calico-kubeconfig\": WRITE)" error="cni config load failed: no network config found in /etc/cni/net.d: cni plugin not initialized: failed to load cni config" Feb 9 12:33:31.372440 systemd[1]: cri-containerd-82a740126342f9cfd980a5392c27de7ff347ffd1a84fa8db492fd1a54843f843.scope: Deactivated successfully. Feb 9 12:33:31.384000 audit: BPF prog-id=144 op=UNLOAD Feb 9 12:33:31.430484 systemd[1]: run-containerd-io.containerd.runtime.v2.task-k8s.io-82a740126342f9cfd980a5392c27de7ff347ffd1a84fa8db492fd1a54843f843-rootfs.mount: Deactivated successfully. Feb 9 12:33:31.472971 kubelet[2604]: I0209 12:33:31.472914 2604 kubelet_node_status.go:493] "Fast updating node status as it just became ready" Feb 9 12:33:31.508157 kubelet[2604]: I0209 12:33:31.508062 2604 topology_manager.go:215] "Topology Admit Handler" podUID="68728d04-1b22-4a01-b400-f233f97ddf7a" podNamespace="kube-system" podName="coredns-5dd5756b68-hcnbs" Feb 9 12:33:31.509865 kubelet[2604]: I0209 12:33:31.509806 2604 topology_manager.go:215] "Topology Admit Handler" podUID="6767a203-ea0f-489a-b56d-95cceaa81e84" podNamespace="kube-system" podName="coredns-5dd5756b68-w85nl" Feb 9 12:33:31.510679 kubelet[2604]: I0209 12:33:31.510643 2604 topology_manager.go:215] "Topology Admit Handler" podUID="9dece026-c927-4497-a4b2-37fd11886d77" podNamespace="calico-system" podName="calico-kube-controllers-8598b7b64f-447jc" Feb 9 12:33:31.522080 systemd[1]: Created slice kubepods-burstable-pod68728d04_1b22_4a01_b400_f233f97ddf7a.slice. Feb 9 12:33:31.534419 systemd[1]: Created slice kubepods-burstable-pod6767a203_ea0f_489a_b56d_95cceaa81e84.slice. Feb 9 12:33:31.546031 systemd[1]: Created slice kubepods-besteffort-pod9dece026_c927_4497_a4b2_37fd11886d77.slice. Feb 9 12:33:31.596126 kubelet[2604]: I0209 12:33:31.596055 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"config-volume\" (UniqueName: \"kubernetes.io/configmap/6767a203-ea0f-489a-b56d-95cceaa81e84-config-volume\") pod \"coredns-5dd5756b68-w85nl\" (UID: \"6767a203-ea0f-489a-b56d-95cceaa81e84\") " pod="kube-system/coredns-5dd5756b68-w85nl" Feb 9 12:33:31.596634 kubelet[2604]: I0209 12:33:31.596212 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"tigera-ca-bundle\" (UniqueName: \"kubernetes.io/configmap/9dece026-c927-4497-a4b2-37fd11886d77-tigera-ca-bundle\") pod \"calico-kube-controllers-8598b7b64f-447jc\" (UID: \"9dece026-c927-4497-a4b2-37fd11886d77\") " pod="calico-system/calico-kube-controllers-8598b7b64f-447jc" Feb 9 12:33:31.596634 kubelet[2604]: I0209 12:33:31.596376 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kube-api-access-4zm7q\" (UniqueName: \"kubernetes.io/projected/6767a203-ea0f-489a-b56d-95cceaa81e84-kube-api-access-4zm7q\") pod \"coredns-5dd5756b68-w85nl\" (UID: \"6767a203-ea0f-489a-b56d-95cceaa81e84\") " pod="kube-system/coredns-5dd5756b68-w85nl" Feb 9 12:33:31.596634 kubelet[2604]: I0209 12:33:31.596573 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kube-api-access-zdpz2\" (UniqueName: \"kubernetes.io/projected/9dece026-c927-4497-a4b2-37fd11886d77-kube-api-access-zdpz2\") pod \"calico-kube-controllers-8598b7b64f-447jc\" (UID: \"9dece026-c927-4497-a4b2-37fd11886d77\") " pod="calico-system/calico-kube-controllers-8598b7b64f-447jc" Feb 9 12:33:31.597113 kubelet[2604]: I0209 12:33:31.596672 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"config-volume\" (UniqueName: \"kubernetes.io/configmap/68728d04-1b22-4a01-b400-f233f97ddf7a-config-volume\") pod \"coredns-5dd5756b68-hcnbs\" (UID: \"68728d04-1b22-4a01-b400-f233f97ddf7a\") " pod="kube-system/coredns-5dd5756b68-hcnbs" Feb 9 12:33:31.597113 kubelet[2604]: I0209 12:33:31.596788 2604 reconciler_common.go:258] "operationExecutor.VerifyControllerAttachedVolume started for volume \"kube-api-access-484d7\" (UniqueName: \"kubernetes.io/projected/68728d04-1b22-4a01-b400-f233f97ddf7a-kube-api-access-484d7\") pod \"coredns-5dd5756b68-hcnbs\" (UID: \"68728d04-1b22-4a01-b400-f233f97ddf7a\") " pod="kube-system/coredns-5dd5756b68-hcnbs" Feb 9 12:33:31.758178 systemd[1]: Started sshd@20-86.109.11.101:22-101.35.54.203:57974.service. Feb 9 12:33:31.757000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-86.109.11.101:22-101.35.54.203:57974 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:31.829197 env[1477]: time="2024-02-09T12:33:31.829079055Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:coredns-5dd5756b68-hcnbs,Uid:68728d04-1b22-4a01-b400-f233f97ddf7a,Namespace:kube-system,Attempt:0,}" Feb 9 12:33:31.841322 env[1477]: time="2024-02-09T12:33:31.841212543Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:coredns-5dd5756b68-w85nl,Uid:6767a203-ea0f-489a-b56d-95cceaa81e84,Namespace:kube-system,Attempt:0,}" Feb 9 12:33:31.851887 env[1477]: time="2024-02-09T12:33:31.851799441Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:calico-kube-controllers-8598b7b64f-447jc,Uid:9dece026-c927-4497-a4b2-37fd11886d77,Namespace:calico-system,Attempt:0,}" Feb 9 12:33:32.038654 systemd[1]: Created slice kubepods-besteffort-pod9d7d849f_47a3_4ce5_b643_2347a74f746a.slice. Feb 9 12:33:32.040559 env[1477]: time="2024-02-09T12:33:32.040541389Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:csi-node-driver-8dfwv,Uid:9d7d849f-47a3-4ce5-b643-2347a74f746a,Namespace:calico-system,Attempt:0,}" Feb 9 12:33:32.059168 env[1477]: time="2024-02-09T12:33:32.059120108Z" level=info msg="shim disconnected" id=82a740126342f9cfd980a5392c27de7ff347ffd1a84fa8db492fd1a54843f843 Feb 9 12:33:32.059168 env[1477]: time="2024-02-09T12:33:32.059142301Z" level=warning msg="cleaning up after shim disconnected" id=82a740126342f9cfd980a5392c27de7ff347ffd1a84fa8db492fd1a54843f843 namespace=k8s.io Feb 9 12:33:32.059168 env[1477]: time="2024-02-09T12:33:32.059148748Z" level=info msg="cleaning up dead shim" Feb 9 12:33:32.076087 env[1477]: time="2024-02-09T12:33:32.076040836Z" level=warning msg="cleanup warnings time=\"2024-02-09T12:33:32Z\" level=info msg=\"starting signal loop\" namespace=k8s.io pid=3439 runtime=io.containerd.runc.v2\n" Feb 9 12:33:32.096950 env[1477]: time="2024-02-09T12:33:32.096884115Z" level=error msg="Failed to destroy network for sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\"" error="plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.097101 env[1477]: time="2024-02-09T12:33:32.097079840Z" level=error msg="Failed to destroy network for sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\"" error="plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.097149 env[1477]: time="2024-02-09T12:33:32.097124833Z" level=error msg="Failed to destroy network for sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\"" error="plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.097207 env[1477]: time="2024-02-09T12:33:32.097191992Z" level=error msg="encountered an error cleaning up failed sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\", marking sandbox state as SANDBOX_UNKNOWN" error="plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.097246 env[1477]: time="2024-02-09T12:33:32.097221820Z" level=error msg="RunPodSandbox for &PodSandboxMetadata{Name:coredns-5dd5756b68-hcnbs,Uid:68728d04-1b22-4a01-b400-f233f97ddf7a,Namespace:kube-system,Attempt:0,} failed, error" error="failed to setup network for sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.097272 env[1477]: time="2024-02-09T12:33:32.097247361Z" level=error msg="encountered an error cleaning up failed sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\", marking sandbox state as SANDBOX_UNKNOWN" error="plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.097290 env[1477]: time="2024-02-09T12:33:32.097273787Z" level=error msg="RunPodSandbox for &PodSandboxMetadata{Name:calico-kube-controllers-8598b7b64f-447jc,Uid:9dece026-c927-4497-a4b2-37fd11886d77,Namespace:calico-system,Attempt:0,} failed, error" error="failed to setup network for sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.097334 env[1477]: time="2024-02-09T12:33:32.097314310Z" level=error msg="encountered an error cleaning up failed sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\", marking sandbox state as SANDBOX_UNKNOWN" error="plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.097366 env[1477]: time="2024-02-09T12:33:32.097337476Z" level=error msg="RunPodSandbox for &PodSandboxMetadata{Name:coredns-5dd5756b68-w85nl,Uid:6767a203-ea0f-489a-b56d-95cceaa81e84,Namespace:kube-system,Attempt:0,} failed, error" error="failed to setup network for sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.097395 kubelet[2604]: E0209 12:33:32.097384 2604 remote_runtime.go:193] "RunPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to setup network for sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.097426 kubelet[2604]: E0209 12:33:32.097420 2604 remote_runtime.go:193] "RunPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to setup network for sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.097450 kubelet[2604]: E0209 12:33:32.097431 2604 kuberuntime_sandbox.go:72] "Failed to create sandbox for pod" err="rpc error: code = Unknown desc = failed to setup network for sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" pod="calico-system/calico-kube-controllers-8598b7b64f-447jc" Feb 9 12:33:32.097450 kubelet[2604]: E0209 12:33:32.097440 2604 kuberuntime_sandbox.go:72] "Failed to create sandbox for pod" err="rpc error: code = Unknown desc = failed to setup network for sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" pod="kube-system/coredns-5dd5756b68-w85nl" Feb 9 12:33:32.097450 kubelet[2604]: E0209 12:33:32.097445 2604 kuberuntime_manager.go:1119] "CreatePodSandbox for pod failed" err="rpc error: code = Unknown desc = failed to setup network for sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" pod="calico-system/calico-kube-controllers-8598b7b64f-447jc" Feb 9 12:33:32.097508 kubelet[2604]: E0209 12:33:32.097384 2604 remote_runtime.go:193] "RunPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to setup network for sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.097508 kubelet[2604]: E0209 12:33:32.097454 2604 kuberuntime_manager.go:1119] "CreatePodSandbox for pod failed" err="rpc error: code = Unknown desc = failed to setup network for sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" pod="kube-system/coredns-5dd5756b68-w85nl" Feb 9 12:33:32.097508 kubelet[2604]: E0209 12:33:32.097473 2604 kuberuntime_sandbox.go:72] "Failed to create sandbox for pod" err="rpc error: code = Unknown desc = failed to setup network for sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" pod="kube-system/coredns-5dd5756b68-hcnbs" Feb 9 12:33:32.097565 kubelet[2604]: E0209 12:33:32.097484 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"CreatePodSandbox\" for \"calico-kube-controllers-8598b7b64f-447jc_calico-system(9dece026-c927-4497-a4b2-37fd11886d77)\" with CreatePodSandboxError: \"Failed to create sandbox for pod \\\"calico-kube-controllers-8598b7b64f-447jc_calico-system(9dece026-c927-4497-a4b2-37fd11886d77)\\\": rpc error: code = Unknown desc = failed to setup network for sandbox \\\"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\\\": plugin type=\\\"calico\\\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" pod="calico-system/calico-kube-controllers-8598b7b64f-447jc" podUID="9dece026-c927-4497-a4b2-37fd11886d77" Feb 9 12:33:32.097565 kubelet[2604]: E0209 12:33:32.097483 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"CreatePodSandbox\" for \"coredns-5dd5756b68-w85nl_kube-system(6767a203-ea0f-489a-b56d-95cceaa81e84)\" with CreatePodSandboxError: \"Failed to create sandbox for pod \\\"coredns-5dd5756b68-w85nl_kube-system(6767a203-ea0f-489a-b56d-95cceaa81e84)\\\": rpc error: code = Unknown desc = failed to setup network for sandbox \\\"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\\\": plugin type=\\\"calico\\\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" pod="kube-system/coredns-5dd5756b68-w85nl" podUID="6767a203-ea0f-489a-b56d-95cceaa81e84" Feb 9 12:33:32.097565 kubelet[2604]: E0209 12:33:32.097487 2604 kuberuntime_manager.go:1119] "CreatePodSandbox for pod failed" err="rpc error: code = Unknown desc = failed to setup network for sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" pod="kube-system/coredns-5dd5756b68-hcnbs" Feb 9 12:33:32.097676 kubelet[2604]: E0209 12:33:32.097513 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"CreatePodSandbox\" for \"coredns-5dd5756b68-hcnbs_kube-system(68728d04-1b22-4a01-b400-f233f97ddf7a)\" with CreatePodSandboxError: \"Failed to create sandbox for pod \\\"coredns-5dd5756b68-hcnbs_kube-system(68728d04-1b22-4a01-b400-f233f97ddf7a)\\\": rpc error: code = Unknown desc = failed to setup network for sandbox \\\"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\\\": plugin type=\\\"calico\\\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" pod="kube-system/coredns-5dd5756b68-hcnbs" podUID="68728d04-1b22-4a01-b400-f233f97ddf7a" Feb 9 12:33:32.106146 env[1477]: time="2024-02-09T12:33:32.106108853Z" level=error msg="Failed to destroy network for sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\"" error="plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.106355 env[1477]: time="2024-02-09T12:33:32.106338456Z" level=error msg="encountered an error cleaning up failed sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\", marking sandbox state as SANDBOX_UNKNOWN" error="plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.106401 env[1477]: time="2024-02-09T12:33:32.106369538Z" level=error msg="RunPodSandbox for &PodSandboxMetadata{Name:csi-node-driver-8dfwv,Uid:9d7d849f-47a3-4ce5-b643-2347a74f746a,Namespace:calico-system,Attempt:0,} failed, error" error="failed to setup network for sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.106561 kubelet[2604]: E0209 12:33:32.106530 2604 remote_runtime.go:193] "RunPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to setup network for sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.106561 kubelet[2604]: E0209 12:33:32.106561 2604 kuberuntime_sandbox.go:72] "Failed to create sandbox for pod" err="rpc error: code = Unknown desc = failed to setup network for sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" pod="calico-system/csi-node-driver-8dfwv" Feb 9 12:33:32.106625 kubelet[2604]: E0209 12:33:32.106575 2604 kuberuntime_manager.go:1119] "CreatePodSandbox for pod failed" err="rpc error: code = Unknown desc = failed to setup network for sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\": plugin type=\"calico\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" pod="calico-system/csi-node-driver-8dfwv" Feb 9 12:33:32.106625 kubelet[2604]: E0209 12:33:32.106606 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"CreatePodSandbox\" for \"csi-node-driver-8dfwv_calico-system(9d7d849f-47a3-4ce5-b643-2347a74f746a)\" with CreatePodSandboxError: \"Failed to create sandbox for pod \\\"csi-node-driver-8dfwv_calico-system(9d7d849f-47a3-4ce5-b643-2347a74f746a)\\\": rpc error: code = Unknown desc = failed to setup network for sandbox \\\"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\\\": plugin type=\\\"calico\\\" failed (add): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:32.216386 kubelet[2604]: I0209 12:33:32.216328 2604 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:33:32.220319 env[1477]: time="2024-02-09T12:33:32.220224427Z" level=info msg="StopPodSandbox for \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\"" Feb 9 12:33:32.222536 kubelet[2604]: I0209 12:33:32.222490 2604 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:33:32.223723 env[1477]: time="2024-02-09T12:33:32.223642422Z" level=info msg="StopPodSandbox for \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\"" Feb 9 12:33:32.224933 kubelet[2604]: I0209 12:33:32.224879 2604 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:33:32.226107 env[1477]: time="2024-02-09T12:33:32.226025793Z" level=info msg="StopPodSandbox for \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\"" Feb 9 12:33:32.226994 kubelet[2604]: I0209 12:33:32.226946 2604 pod_container_deletor.go:80] "Container not found in pod's containers" containerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:33:32.228280 env[1477]: time="2024-02-09T12:33:32.228170688Z" level=info msg="StopPodSandbox for \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\"" Feb 9 12:33:32.233966 env[1477]: time="2024-02-09T12:33:32.233868718Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/node:v3.27.0\"" Feb 9 12:33:32.268679 env[1477]: time="2024-02-09T12:33:32.268627351Z" level=error msg="StopPodSandbox for \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\" failed" error="failed to destroy network for sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.268805 env[1477]: time="2024-02-09T12:33:32.268710162Z" level=error msg="StopPodSandbox for \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\" failed" error="failed to destroy network for sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.268913 kubelet[2604]: E0209 12:33:32.268896 2604 remote_runtime.go:222] "StopPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to destroy network for sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" podSandboxID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:33:32.269011 kubelet[2604]: E0209 12:33:32.268951 2604 remote_runtime.go:222] "StopPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to destroy network for sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" podSandboxID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:33:32.269011 kubelet[2604]: E0209 12:33:32.268966 2604 kuberuntime_manager.go:1315] "Failed to stop sandbox" podSandboxID={"Type":"containerd","ID":"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3"} Feb 9 12:33:32.269011 kubelet[2604]: E0209 12:33:32.268983 2604 kuberuntime_manager.go:1315] "Failed to stop sandbox" podSandboxID={"Type":"containerd","ID":"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43"} Feb 9 12:33:32.269011 kubelet[2604]: E0209 12:33:32.269010 2604 kuberuntime_manager.go:1028] "killPodWithSyncResult failed" err="failed to \"KillPodSandbox\" for \"9dece026-c927-4497-a4b2-37fd11886d77\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" Feb 9 12:33:32.269224 kubelet[2604]: E0209 12:33:32.269020 2604 kuberuntime_manager.go:1028] "killPodWithSyncResult failed" err="failed to \"KillPodSandbox\" for \"9d7d849f-47a3-4ce5-b643-2347a74f746a\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" Feb 9 12:33:32.269224 kubelet[2604]: E0209 12:33:32.269047 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"KillPodSandbox\" for \"9dece026-c927-4497-a4b2-37fd11886d77\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" pod="calico-system/calico-kube-controllers-8598b7b64f-447jc" podUID="9dece026-c927-4497-a4b2-37fd11886d77" Feb 9 12:33:32.269224 kubelet[2604]: E0209 12:33:32.269055 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"KillPodSandbox\" for \"9d7d849f-47a3-4ce5-b643-2347a74f746a\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:32.269853 env[1477]: time="2024-02-09T12:33:32.269786491Z" level=error msg="StopPodSandbox for \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\" failed" error="failed to destroy network for sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.269917 env[1477]: time="2024-02-09T12:33:32.269835489Z" level=error msg="StopPodSandbox for \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\" failed" error="failed to destroy network for sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:32.269966 kubelet[2604]: E0209 12:33:32.269946 2604 remote_runtime.go:222] "StopPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to destroy network for sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" podSandboxID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:33:32.269966 kubelet[2604]: E0209 12:33:32.269954 2604 remote_runtime.go:222] "StopPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to destroy network for sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" podSandboxID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:33:32.270043 kubelet[2604]: E0209 12:33:32.269967 2604 kuberuntime_manager.go:1315] "Failed to stop sandbox" podSandboxID={"Type":"containerd","ID":"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995"} Feb 9 12:33:32.270043 kubelet[2604]: E0209 12:33:32.269981 2604 kuberuntime_manager.go:1315] "Failed to stop sandbox" podSandboxID={"Type":"containerd","ID":"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe"} Feb 9 12:33:32.270043 kubelet[2604]: E0209 12:33:32.269999 2604 kuberuntime_manager.go:1028] "killPodWithSyncResult failed" err="failed to \"KillPodSandbox\" for \"68728d04-1b22-4a01-b400-f233f97ddf7a\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" Feb 9 12:33:32.270043 kubelet[2604]: E0209 12:33:32.270013 2604 kuberuntime_manager.go:1028] "killPodWithSyncResult failed" err="failed to \"KillPodSandbox\" for \"6767a203-ea0f-489a-b56d-95cceaa81e84\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" Feb 9 12:33:32.270043 kubelet[2604]: E0209 12:33:32.270024 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"KillPodSandbox\" for \"68728d04-1b22-4a01-b400-f233f97ddf7a\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" pod="kube-system/coredns-5dd5756b68-hcnbs" podUID="68728d04-1b22-4a01-b400-f233f97ddf7a" Feb 9 12:33:32.270298 kubelet[2604]: E0209 12:33:32.270042 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"KillPodSandbox\" for \"6767a203-ea0f-489a-b56d-95cceaa81e84\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" pod="kube-system/coredns-5dd5756b68-w85nl" podUID="6767a203-ea0f-489a-b56d-95cceaa81e84" Feb 9 12:33:32.430277 systemd[1]: run-containerd-io.containerd.grpc.v1.cri-sandboxes-bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43-shm.mount: Deactivated successfully. Feb 9 12:33:32.430532 systemd[1]: run-containerd-io.containerd.grpc.v1.cri-sandboxes-1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe-shm.mount: Deactivated successfully. Feb 9 12:33:32.430716 systemd[1]: run-containerd-io.containerd.grpc.v1.cri-sandboxes-cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3-shm.mount: Deactivated successfully. Feb 9 12:33:32.430868 systemd[1]: run-containerd-io.containerd.grpc.v1.cri-sandboxes-cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995-shm.mount: Deactivated successfully. Feb 9 12:33:32.477746 sshd[3437]: Invalid user mpovic from 101.35.54.203 port 57974 Feb 9 12:33:32.483797 sshd[3437]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:32.484886 sshd[3437]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:33:32.484973 sshd[3437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:33:32.485935 sshd[3437]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:32.484000 audit[3437]: USER_AUTH pid=3437 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="mpovic" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:33:34.748457 sshd[3437]: Failed password for invalid user mpovic from 101.35.54.203 port 57974 ssh2 Feb 9 12:33:35.668774 systemd[1]: Started sshd@21-86.109.11.101:22-43.153.64.49:41010.service. Feb 9 12:33:35.667000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-86.109.11.101:22-43.153.64.49:41010 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:35.696689 kernel: kauditd_printk_skb: 36 callbacks suppressed Feb 9 12:33:35.696761 kernel: audit: type=1130 audit(1707482015.667:1190): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-86.109.11.101:22-43.153.64.49:41010 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:35.858581 sshd[3771]: Invalid user aliadib from 43.153.64.49 port 41010 Feb 9 12:33:35.864617 sshd[3771]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:35.865344 sshd[3771]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:33:35.865363 sshd[3771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:33:35.865526 sshd[3771]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:35.864000 audit[3771]: USER_AUTH pid=3771 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="aliadib" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:33:35.935669 sshd[3437]: Received disconnect from 101.35.54.203 port 57974:11: Bye Bye [preauth] Feb 9 12:33:35.935669 sshd[3437]: Disconnected from invalid user mpovic 101.35.54.203 port 57974 [preauth] Feb 9 12:33:35.936162 systemd[1]: sshd@20-86.109.11.101:22-101.35.54.203:57974.service: Deactivated successfully. Feb 9 12:33:35.935000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-86.109.11.101:22-101.35.54.203:57974 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:36.048198 kernel: audit: type=1100 audit(1707482015.864:1191): pid=3771 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="aliadib" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:33:36.048224 kernel: audit: type=1131 audit(1707482015.935:1192): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-86.109.11.101:22-101.35.54.203:57974 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:37.204492 sshd[3771]: Failed password for invalid user aliadib from 43.153.64.49 port 41010 ssh2 Feb 9 12:33:37.605414 sshd[3771]: Received disconnect from 43.153.64.49 port 41010:11: Bye Bye [preauth] Feb 9 12:33:37.605414 sshd[3771]: Disconnected from invalid user aliadib 43.153.64.49 port 41010 [preauth] Feb 9 12:33:37.606099 systemd[1]: sshd@21-86.109.11.101:22-43.153.64.49:41010.service: Deactivated successfully. Feb 9 12:33:37.605000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-86.109.11.101:22-43.153.64.49:41010 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:37.699289 kernel: audit: type=1131 audit(1707482017.605:1193): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-86.109.11.101:22-43.153.64.49:41010 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:39.217000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:39.217000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0001b5620 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:33:39.435809 kernel: audit: type=1400 audit(1707482019.217:1194): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:39.435869 kernel: audit: type=1300 audit(1707482019.217:1194): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0001b5620 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:33:39.435885 kernel: audit: type=1327 audit(1707482019.217:1194): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:33:39.217000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:33:39.530050 kernel: audit: type=1400 audit(1707482019.219:1195): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:39.219000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:39.621221 kernel: audit: type=1300 audit(1707482019.219:1195): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001382e20 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:33:39.219000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001382e20 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:33:39.743058 kernel: audit: type=1327 audit(1707482019.219:1195): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:33:39.219000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:33:39.220000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:39.220000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001382e40 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:33:39.220000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:33:39.221000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:33:39.221000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001382e60 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:33:39.221000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:33:42.645339 systemd[1]: Started sshd@22-86.109.11.101:22-163.228.248.90:37702.service. Feb 9 12:33:42.645000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-86.109.11.101:22-163.228.248.90:37702 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:42.673401 kernel: kauditd_printk_skb: 6 callbacks suppressed Feb 9 12:33:42.673488 kernel: audit: type=1130 audit(1707482022.645:1198): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-86.109.11.101:22-163.228.248.90:37702 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:43.026855 env[1477]: time="2024-02-09T12:33:43.026613955Z" level=info msg="StopPodSandbox for \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\"" Feb 9 12:33:43.026855 env[1477]: time="2024-02-09T12:33:43.026675851Z" level=info msg="StopPodSandbox for \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\"" Feb 9 12:33:43.086110 env[1477]: time="2024-02-09T12:33:43.085948882Z" level=error msg="StopPodSandbox for \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\" failed" error="failed to destroy network for sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:43.086532 kubelet[2604]: E0209 12:33:43.086488 2604 remote_runtime.go:222] "StopPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to destroy network for sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" podSandboxID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:33:43.087430 kubelet[2604]: E0209 12:33:43.086572 2604 kuberuntime_manager.go:1315] "Failed to stop sandbox" podSandboxID={"Type":"containerd","ID":"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3"} Feb 9 12:33:43.087430 kubelet[2604]: E0209 12:33:43.086667 2604 kuberuntime_manager.go:1028] "killPodWithSyncResult failed" err="failed to \"KillPodSandbox\" for \"9dece026-c927-4497-a4b2-37fd11886d77\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" Feb 9 12:33:43.087430 kubelet[2604]: E0209 12:33:43.086739 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"KillPodSandbox\" for \"9dece026-c927-4497-a4b2-37fd11886d77\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" pod="calico-system/calico-kube-controllers-8598b7b64f-447jc" podUID="9dece026-c927-4497-a4b2-37fd11886d77" Feb 9 12:33:43.089407 env[1477]: time="2024-02-09T12:33:43.089303320Z" level=error msg="StopPodSandbox for \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\" failed" error="failed to destroy network for sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:43.089602 kubelet[2604]: E0209 12:33:43.089571 2604 remote_runtime.go:222] "StopPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to destroy network for sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" podSandboxID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:33:43.089721 kubelet[2604]: E0209 12:33:43.089620 2604 kuberuntime_manager.go:1315] "Failed to stop sandbox" podSandboxID={"Type":"containerd","ID":"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe"} Feb 9 12:33:43.089721 kubelet[2604]: E0209 12:33:43.089681 2604 kuberuntime_manager.go:1028] "killPodWithSyncResult failed" err="failed to \"KillPodSandbox\" for \"6767a203-ea0f-489a-b56d-95cceaa81e84\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" Feb 9 12:33:43.089921 kubelet[2604]: E0209 12:33:43.089730 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"KillPodSandbox\" for \"6767a203-ea0f-489a-b56d-95cceaa81e84\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" pod="kube-system/coredns-5dd5756b68-w85nl" podUID="6767a203-ea0f-489a-b56d-95cceaa81e84" Feb 9 12:33:43.734783 sshd[3778]: Invalid user jerome from 163.228.248.90 port 37702 Feb 9 12:33:43.738586 sshd[3778]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:43.739246 sshd[3778]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:33:43.739310 sshd[3778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.228.248.90 Feb 9 12:33:43.739927 sshd[3778]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:43.738000 audit[3778]: USER_AUTH pid=3778 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="jerome" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:33:43.832297 kernel: audit: type=1100 audit(1707482023.738:1199): pid=3778 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="jerome" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:33:45.026650 env[1477]: time="2024-02-09T12:33:45.026561505Z" level=info msg="StopPodSandbox for \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\"" Feb 9 12:33:45.026650 env[1477]: time="2024-02-09T12:33:45.026561720Z" level=info msg="StopPodSandbox for \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\"" Feb 9 12:33:45.076332 env[1477]: time="2024-02-09T12:33:45.076275314Z" level=error msg="StopPodSandbox for \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\" failed" error="failed to destroy network for sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:45.076514 kubelet[2604]: E0209 12:33:45.076493 2604 remote_runtime.go:222] "StopPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to destroy network for sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" podSandboxID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:33:45.076820 kubelet[2604]: E0209 12:33:45.076534 2604 kuberuntime_manager.go:1315] "Failed to stop sandbox" podSandboxID={"Type":"containerd","ID":"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43"} Feb 9 12:33:45.076820 kubelet[2604]: E0209 12:33:45.076578 2604 kuberuntime_manager.go:1028] "killPodWithSyncResult failed" err="failed to \"KillPodSandbox\" for \"9d7d849f-47a3-4ce5-b643-2347a74f746a\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" Feb 9 12:33:45.076820 kubelet[2604]: E0209 12:33:45.076612 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"KillPodSandbox\" for \"9d7d849f-47a3-4ce5-b643-2347a74f746a\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" pod="calico-system/csi-node-driver-8dfwv" podUID="9d7d849f-47a3-4ce5-b643-2347a74f746a" Feb 9 12:33:45.078525 env[1477]: time="2024-02-09T12:33:45.078457515Z" level=error msg="StopPodSandbox for \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\" failed" error="failed to destroy network for sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" Feb 9 12:33:45.078664 kubelet[2604]: E0209 12:33:45.078648 2604 remote_runtime.go:222] "StopPodSandbox from runtime service failed" err="rpc error: code = Unknown desc = failed to destroy network for sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\": plugin type=\"calico\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/" podSandboxID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:33:45.078734 kubelet[2604]: E0209 12:33:45.078672 2604 kuberuntime_manager.go:1315] "Failed to stop sandbox" podSandboxID={"Type":"containerd","ID":"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995"} Feb 9 12:33:45.078734 kubelet[2604]: E0209 12:33:45.078720 2604 kuberuntime_manager.go:1028] "killPodWithSyncResult failed" err="failed to \"KillPodSandbox\" for \"68728d04-1b22-4a01-b400-f233f97ddf7a\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" Feb 9 12:33:45.078843 kubelet[2604]: E0209 12:33:45.078744 2604 pod_workers.go:1300] "Error syncing pod, skipping" err="failed to \"KillPodSandbox\" for \"68728d04-1b22-4a01-b400-f233f97ddf7a\" with KillPodSandboxError: \"rpc error: code = Unknown desc = failed to destroy network for sandbox \\\"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\\\": plugin type=\\\"calico\\\" failed (delete): stat /var/lib/calico/nodename: no such file or directory: check that the calico/node container is running and has mounted /var/lib/calico/\"" pod="kube-system/coredns-5dd5756b68-hcnbs" podUID="68728d04-1b22-4a01-b400-f233f97ddf7a" Feb 9 12:33:45.510936 sshd[3778]: Failed password for invalid user jerome from 163.228.248.90 port 37702 ssh2 Feb 9 12:33:47.470990 sshd[3778]: Received disconnect from 163.228.248.90 port 37702:11: Bye Bye [preauth] Feb 9 12:33:47.470990 sshd[3778]: Disconnected from invalid user jerome 163.228.248.90 port 37702 [preauth] Feb 9 12:33:47.473371 systemd[1]: sshd@22-86.109.11.101:22-163.228.248.90:37702.service: Deactivated successfully. Feb 9 12:33:47.472000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-86.109.11.101:22-163.228.248.90:37702 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:47.567263 kernel: audit: type=1131 audit(1707482027.472:1200): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-86.109.11.101:22-163.228.248.90:37702 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:50.076474 systemd[1]: var-lib-containerd-tmpmounts-containerd\x2dmount1922819313.mount: Deactivated successfully. Feb 9 12:33:50.099160 env[1477]: time="2024-02-09T12:33:50.099112390Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/node:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:33:50.099677 env[1477]: time="2024-02-09T12:33:50.099636649Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:1843802b91be8ff1c1d35ee08461ebe909e7a2199e59396f69886439a372312c,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:33:50.100264 env[1477]: time="2024-02-09T12:33:50.100203425Z" level=info msg="ImageUpdate event &ImageUpdate{Name:ghcr.io/flatcar/calico/node:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:33:50.100816 env[1477]: time="2024-02-09T12:33:50.100776643Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/node@sha256:a45dffb21a0e9ca8962f36359a2ab776beeecd93843543c2fa1745d7bbb0f754,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:33:50.101099 env[1477]: time="2024-02-09T12:33:50.101056471Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/node:v3.27.0\" returns image reference \"sha256:1843802b91be8ff1c1d35ee08461ebe909e7a2199e59396f69886439a372312c\"" Feb 9 12:33:50.105523 env[1477]: time="2024-02-09T12:33:50.105482102Z" level=info msg="CreateContainer within sandbox \"850feefdab8161420d2481eac46f616c79a24b992d9e81ae92892fc32fa0101b\" for container &ContainerMetadata{Name:calico-node,Attempt:0,}" Feb 9 12:33:50.110540 env[1477]: time="2024-02-09T12:33:50.110496288Z" level=info msg="CreateContainer within sandbox \"850feefdab8161420d2481eac46f616c79a24b992d9e81ae92892fc32fa0101b\" for &ContainerMetadata{Name:calico-node,Attempt:0,} returns container id \"9d556dbe6b3fc02430d2328b18e8a1997a4b769cedc769946286bf793ebfa1d1\"" Feb 9 12:33:50.110741 env[1477]: time="2024-02-09T12:33:50.110685458Z" level=info msg="StartContainer for \"9d556dbe6b3fc02430d2328b18e8a1997a4b769cedc769946286bf793ebfa1d1\"" Feb 9 12:33:50.131729 systemd[1]: Started cri-containerd-9d556dbe6b3fc02430d2328b18e8a1997a4b769cedc769946286bf793ebfa1d1.scope. Feb 9 12:33:50.140000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.140000 audit[3912]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001976b0 a2=3c a3=8 items=0 ppid=3158 pid=3912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:50.303405 kernel: audit: type=1400 audit(1707482030.140:1201): avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.303486 kernel: audit: type=1300 audit(1707482030.140:1201): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001976b0 a2=3c a3=8 items=0 ppid=3158 pid=3912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:50.303506 kernel: audit: type=1327 audit(1707482030.140:1201): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3964353536646265366233666330323433306432333238623138653861 Feb 9 12:33:50.140000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3964353536646265366233666330323433306432333238623138653861 Feb 9 12:33:50.397178 kernel: audit: type=1400 audit(1707482030.140:1202): avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.140000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.460975 kernel: audit: type=1400 audit(1707482030.140:1202): avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.140000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.524834 kernel: audit: type=1400 audit(1707482030.140:1202): avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.140000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.588711 kernel: audit: type=1400 audit(1707482030.140:1202): avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.140000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.652886 kernel: audit: type=1400 audit(1707482030.140:1202): avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.140000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.717171 kernel: audit: type=1400 audit(1707482030.140:1202): avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.140000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.735517 env[1477]: time="2024-02-09T12:33:50.735489180Z" level=info msg="StartContainer for \"9d556dbe6b3fc02430d2328b18e8a1997a4b769cedc769946286bf793ebfa1d1\" returns successfully" Feb 9 12:33:50.781490 kernel: audit: type=1400 audit(1707482030.140:1202): avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.140000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.140000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.140000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.140000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.140000 audit: BPF prog-id=145 op=LOAD Feb 9 12:33:50.140000 audit[3912]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001979d8 a2=78 a3=c000278430 items=0 ppid=3158 pid=3912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:50.140000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3964353536646265366233666330323433306432333238623138653861 Feb 9 12:33:50.395000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.395000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.395000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.395000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.395000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.395000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.395000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.395000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.395000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.395000 audit: BPF prog-id=146 op=LOAD Feb 9 12:33:50.395000 audit[3912]: SYSCALL arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c000197770 a2=78 a3=c000278478 items=0 ppid=3158 pid=3912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:50.395000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3964353536646265366233666330323433306432333238623138653861 Feb 9 12:33:50.523000 audit: BPF prog-id=146 op=UNLOAD Feb 9 12:33:50.523000 audit: BPF prog-id=145 op=UNLOAD Feb 9 12:33:50.523000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.523000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.523000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.523000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.523000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.523000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.523000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.523000 audit[3912]: AVC avc: denied { perfmon } for pid=3912 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.523000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.523000 audit[3912]: AVC avc: denied { bpf } for pid=3912 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:50.523000 audit: BPF prog-id=147 op=LOAD Feb 9 12:33:50.523000 audit[3912]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c000197c30 a2=78 a3=c000278508 items=0 ppid=3158 pid=3912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:50.523000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3964353536646265366233666330323433306432333238623138653861 Feb 9 12:33:50.942300 kernel: wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. Feb 9 12:33:50.942383 kernel: wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. Feb 9 12:33:51.338256 kubelet[2604]: I0209 12:33:51.338185 2604 pod_startup_latency_tracker.go:102] "Observed pod startup duration" pod="calico-system/calico-node-dbz6z" podStartSLOduration=2.371307952 podCreationTimestamp="2024-02-09 12:32:45 +0000 UTC" firstStartedPulling="2024-02-09 12:32:46.134503184 +0000 UTC m=+19.161990374" lastFinishedPulling="2024-02-09 12:33:50.101291844 +0000 UTC m=+83.128779034" observedRunningTime="2024-02-09 12:33:51.336810211 +0000 UTC m=+84.364297478" watchObservedRunningTime="2024-02-09 12:33:51.338096612 +0000 UTC m=+84.365583851" Feb 9 12:33:52.021817 systemd[1]: Started sshd@23-86.109.11.101:22-38.7.207.12:40944.service. Feb 9 12:33:52.020000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-86.109.11.101:22-38.7.207.12:40944 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:52.138000 audit[4062]: AVC avc: denied { write } for pid=4062 comm="tee" name="fd" dev="proc" ino=37212 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 Feb 9 12:33:52.138000 audit[4062]: SYSCALL arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7fffeb369973 a2=241 a3=1b6 items=1 ppid=4029 pid=4062 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.138000 audit: CWD cwd="/etc/service/enabled/cni/log" Feb 9 12:33:52.138000 audit: PATH item=0 name="/dev/fd/63" inode=42265 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:33:52.138000 audit: PROCTITLE proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 Feb 9 12:33:52.139000 audit[4063]: AVC avc: denied { write } for pid=4063 comm="tee" name="fd" dev="proc" ino=47150 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 Feb 9 12:33:52.139000 audit[4063]: SYSCALL arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7fffa7f96962 a2=241 a3=1b6 items=1 ppid=4031 pid=4063 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.139000 audit: CWD cwd="/etc/service/enabled/node-status-reporter/log" Feb 9 12:33:52.139000 audit: PATH item=0 name="/dev/fd/63" inode=43225 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:33:52.139000 audit: PROCTITLE proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 Feb 9 12:33:52.139000 audit[4069]: AVC avc: denied { write } for pid=4069 comm="tee" name="fd" dev="proc" ino=31660 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 Feb 9 12:33:52.139000 audit[4069]: SYSCALL arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffc52df9971 a2=241 a3=1b6 items=1 ppid=4033 pid=4069 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.139000 audit: CWD cwd="/etc/service/enabled/confd/log" Feb 9 12:33:52.139000 audit: PATH item=0 name="/dev/fd/63" inode=31657 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:33:52.139000 audit[4070]: AVC avc: denied { write } for pid=4070 comm="tee" name="fd" dev="proc" ino=36432 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 Feb 9 12:33:52.139000 audit: PROCTITLE proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 Feb 9 12:33:52.139000 audit[4070]: SYSCALL arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffe8a213971 a2=241 a3=1b6 items=1 ppid=4030 pid=4070 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.139000 audit: CWD cwd="/etc/service/enabled/bird6/log" Feb 9 12:33:52.139000 audit: PATH item=0 name="/dev/fd/63" inode=36429 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:33:52.139000 audit: PROCTITLE proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 Feb 9 12:33:52.139000 audit[4071]: AVC avc: denied { write } for pid=4071 comm="tee" name="fd" dev="proc" ino=40306 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 Feb 9 12:33:52.139000 audit[4071]: SYSCALL arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffe3aeaa972 a2=241 a3=1b6 items=1 ppid=4036 pid=4071 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.139000 audit: CWD cwd="/etc/service/enabled/bird/log" Feb 9 12:33:52.139000 audit: PATH item=0 name="/dev/fd/63" inode=35142 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:33:52.139000 audit: PROCTITLE proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 Feb 9 12:33:52.139000 audit[4074]: AVC avc: denied { write } for pid=4074 comm="tee" name="fd" dev="proc" ino=43228 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 Feb 9 12:33:52.139000 audit[4074]: SYSCALL arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffd854e3971 a2=241 a3=1b6 items=1 ppid=4034 pid=4074 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.139000 audit: CWD cwd="/etc/service/enabled/felix/log" Feb 9 12:33:52.139000 audit: PATH item=0 name="/dev/fd/63" inode=35143 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:33:52.139000 audit: PROCTITLE proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 Feb 9 12:33:52.140000 audit[4097]: AVC avc: denied { write } for pid=4097 comm="tee" name="fd" dev="proc" ino=33446 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 Feb 9 12:33:52.140000 audit[4097]: SYSCALL arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffc1802a961 a2=241 a3=1b6 items=1 ppid=4032 pid=4097 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.140000 audit: CWD cwd="/etc/service/enabled/allocate-tunnel-addrs/log" Feb 9 12:33:52.140000 audit: PATH item=0 name="/dev/fd/63" inode=47152 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 Feb 9 12:33:52.140000 audit: PROCTITLE proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit: BPF prog-id=148 op=LOAD Feb 9 12:33:52.226000 audit[4208]: SYSCALL arch=c000003e syscall=321 success=yes exit=4 a0=5 a1=7ffcb7c0f900 a2=70 a3=7f129e94e000 items=0 ppid=4044 pid=4208 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.226000 audit: PROCTITLE proctitle=627066746F6F6C0070726F67006C6F6164002F7573722F6C69622F63616C69636F2F6270662F66696C7465722E6F002F7379732F66732F6270662F63616C69636F2F7864702F70726566696C7465725F76315F63616C69636F5F746D705F41007479706500786470 Feb 9 12:33:52.226000 audit: BPF prog-id=148 op=UNLOAD Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit: BPF prog-id=149 op=LOAD Feb 9 12:33:52.226000 audit[4208]: SYSCALL arch=c000003e syscall=321 success=yes exit=4 a0=5 a1=7ffcb7c0f900 a2=70 a3=6e items=0 ppid=4044 pid=4208 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.226000 audit: PROCTITLE proctitle=627066746F6F6C0070726F67006C6F6164002F7573722F6C69622F63616C69636F2F6270662F66696C7465722E6F002F7379732F66732F6270662F63616C69636F2F7864702F70726566696C7465725F76315F63616C69636F5F746D705F41007479706500786470 Feb 9 12:33:52.226000 audit: BPF prog-id=149 op=UNLOAD Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: SYSCALL arch=c000003e syscall=321 success=yes exit=4 a0=0 a1=7ffcb7c0f8b0 a2=70 a3=7ffcb7c0f900 items=0 ppid=4044 pid=4208 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.226000 audit: PROCTITLE proctitle=627066746F6F6C0070726F67006C6F6164002F7573722F6C69622F63616C69636F2F6270662F66696C7465722E6F002F7379732F66732F6270662F63616C69636F2F7864702F70726566696C7465725F76315F63616C69636F5F746D705F41007479706500786470 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit: BPF prog-id=150 op=LOAD Feb 9 12:33:52.226000 audit[4208]: SYSCALL arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7ffcb7c0f890 a2=70 a3=7ffcb7c0f900 items=0 ppid=4044 pid=4208 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.226000 audit: PROCTITLE proctitle=627066746F6F6C0070726F67006C6F6164002F7573722F6C69622F63616C69636F2F6270662F66696C7465722E6F002F7379732F66732F6270662F63616C69636F2F7864702F70726566696C7465725F76315F63616C69636F5F746D705F41007479706500786470 Feb 9 12:33:52.226000 audit: BPF prog-id=150 op=UNLOAD Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: SYSCALL arch=c000003e syscall=321 success=yes exit=4 a0=12 a1=7ffcb7c0f970 a2=70 a3=0 items=0 ppid=4044 pid=4208 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.226000 audit: PROCTITLE proctitle=627066746F6F6C0070726F67006C6F6164002F7573722F6C69622F63616C69636F2F6270662F66696C7465722E6F002F7379732F66732F6270662F63616C69636F2F7864702F70726566696C7465725F76315F63616C69636F5F746D705F41007479706500786470 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: SYSCALL arch=c000003e syscall=321 success=yes exit=4 a0=12 a1=7ffcb7c0f960 a2=70 a3=0 items=0 ppid=4044 pid=4208 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.226000 audit: PROCTITLE proctitle=627066746F6F6C0070726F67006C6F6164002F7573722F6C69622F63616C69636F2F6270662F66696C7465722E6F002F7379732F66732F6270662F63616C69636F2F7864702F70726566696C7465725F76315F63616C69636F5F746D705F41007479706500786470 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: SYSCALL arch=c000003e syscall=321 success=yes exit=3 a0=0 a1=7ffcb7c0f9a0 a2=70 a3=0 items=0 ppid=4044 pid=4208 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.226000 audit: PROCTITLE proctitle=627066746F6F6C0070726F67006C6F6164002F7573722F6C69622F63616C69636F2F6270662F66696C7465722E6F002F7379732F66732F6270662F63616C69636F2F7864702F70726566696C7465725F76315F63616C69636F5F746D705F41007479706500786470 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { perfmon } for pid=4208 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit[4208]: AVC avc: denied { bpf } for pid=4208 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.226000 audit: BPF prog-id=151 op=LOAD Feb 9 12:33:52.226000 audit[4208]: SYSCALL arch=c000003e syscall=321 success=yes exit=5 a0=5 a1=7ffcb7c0f8c0 a2=70 a3=ffffffff items=0 ppid=4044 pid=4208 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.226000 audit: PROCTITLE proctitle=627066746F6F6C0070726F67006C6F6164002F7573722F6C69622F63616C69636F2F6270662F66696C7465722E6F002F7379732F66732F6270662F63616C69636F2F7864702F70726566696C7465725F76315F63616C69636F5F746D705F41007479706500786470 Feb 9 12:33:52.228000 audit[4212]: AVC avc: denied { bpf } for pid=4212 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.228000 audit[4212]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=7fff5a3f0180 a2=70 a3=fff81000 items=0 ppid=4044 pid=4212 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.228000 audit: PROCTITLE proctitle=627066746F6F6C002D2D6A736F6E002D2D7072657474790070726F670073686F770070696E6E6564002F7379732F66732F6270662F63616C69636F2F7864702F70726566696C7465725F76315F63616C69636F5F746D705F41 Feb 9 12:33:52.228000 audit[4212]: AVC avc: denied { bpf } for pid=4212 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:52.228000 audit[4212]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=7fff5a3f0050 a2=70 a3=3 items=0 ppid=4044 pid=4212 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="bpftool" exe="/usr/bin/bpftool" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.228000 audit: PROCTITLE proctitle=627066746F6F6C002D2D6A736F6E002D2D7072657474790070726F670073686F770070696E6E6564002F7379732F66732F6270662F63616C69636F2F7864702F70726566696C7465725F76315F63616C69636F5F746D705F41 Feb 9 12:33:52.247000 audit: BPF prog-id=151 op=UNLOAD Feb 9 12:33:52.281000 audit[4267]: NETFILTER_CFG table=mangle:95 family=2 entries=19 op=nft_register_chain pid=4267 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" Feb 9 12:33:52.281000 audit[4267]: SYSCALL arch=c000003e syscall=46 success=yes exit=6800 a0=3 a1=7ffcd6fe4450 a2=0 a3=7ffcd6fe443c items=0 ppid=4044 pid=4267 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.281000 audit: PROCTITLE proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 Feb 9 12:33:52.283000 audit[4266]: NETFILTER_CFG table=raw:96 family=2 entries=19 op=nft_register_chain pid=4266 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" Feb 9 12:33:52.283000 audit[4266]: SYSCALL arch=c000003e syscall=46 success=yes exit=6132 a0=3 a1=7fff5a4d7920 a2=0 a3=55e1a7770000 items=0 ppid=4044 pid=4266 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.283000 audit: PROCTITLE proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 Feb 9 12:33:52.284000 audit[4268]: NETFILTER_CFG table=nat:97 family=2 entries=16 op=nft_register_chain pid=4268 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" Feb 9 12:33:52.284000 audit[4268]: SYSCALL arch=c000003e syscall=46 success=yes exit=5188 a0=3 a1=7ffe7ad4b820 a2=0 a3=55d3dc72d000 items=0 ppid=4044 pid=4268 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.284000 audit: PROCTITLE proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 Feb 9 12:33:52.286000 audit[4271]: NETFILTER_CFG table=filter:98 family=2 entries=39 op=nft_register_chain pid=4271 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" Feb 9 12:33:52.286000 audit[4271]: SYSCALL arch=c000003e syscall=46 success=yes exit=18472 a0=3 a1=7ffd10784be0 a2=0 a3=561c547cd000 items=0 ppid=4044 pid=4271 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:52.286000 audit: PROCTITLE proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 Feb 9 12:33:52.935486 sshd[4019]: Invalid user lxt from 38.7.207.12 port 40944 Feb 9 12:33:52.941018 sshd[4019]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:52.942043 sshd[4019]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:33:52.942126 sshd[4019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.7.207.12 Feb 9 12:33:52.942974 sshd[4019]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:52.941000 audit[4019]: USER_AUTH pid=4019 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="lxt" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:33:53.219951 systemd-networkd[1320]: vxlan.calico: Link UP Feb 9 12:33:53.219968 systemd-networkd[1320]: vxlan.calico: Gained carrier Feb 9 12:33:54.462539 systemd-networkd[1320]: vxlan.calico: Gained IPv6LL Feb 9 12:33:55.285504 sshd[4019]: Failed password for invalid user lxt from 38.7.207.12 port 40944 ssh2 Feb 9 12:33:55.643804 systemd[1]: Started sshd@24-86.109.11.101:22-43.156.225.133:43374.service. Feb 9 12:33:55.642000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-86.109.11.101:22-43.156.225.133:43374 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:55.671423 kernel: kauditd_printk_skb: 153 callbacks suppressed Feb 9 12:33:55.671506 kernel: audit: type=1130 audit(1707482035.642:1234): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-86.109.11.101:22-43.156.225.133:43374 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:56.025949 env[1477]: time="2024-02-09T12:33:56.025755965Z" level=info msg="StopPodSandbox for \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\"" Feb 9 12:33:56.025949 env[1477]: time="2024-02-09T12:33:56.025758996Z" level=info msg="StopPodSandbox for \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\"" Feb 9 12:33:56.103100 sshd[4019]: Received disconnect from 38.7.207.12 port 40944:11: Bye Bye [preauth] Feb 9 12:33:56.103100 sshd[4019]: Disconnected from invalid user lxt 38.7.207.12 port 40944 [preauth] Feb 9 12:33:56.104200 systemd[1]: sshd@23-86.109.11.101:22-38.7.207.12:40944.service: Deactivated successfully. Feb 9 12:33:56.103000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-86.109.11.101:22-38.7.207.12:40944 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.090 [INFO][4367] k8s.go 578: Cleaning up netns ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.090 [INFO][4367] dataplane_linux.go 530: Deleting workload's device in netns. ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" iface="eth0" netns="/var/run/netns/cni-cb2d6bee-50ef-de45-5174-c33728c75883" Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.090 [INFO][4367] dataplane_linux.go 541: Entered netns, deleting veth. ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" iface="eth0" netns="/var/run/netns/cni-cb2d6bee-50ef-de45-5174-c33728c75883" Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.091 [INFO][4367] dataplane_linux.go 568: Workload's veth was already gone. Nothing to do. ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" iface="eth0" netns="/var/run/netns/cni-cb2d6bee-50ef-de45-5174-c33728c75883" Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.091 [INFO][4367] k8s.go 585: Releasing IP address(es) ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.091 [INFO][4367] utils.go 188: Calico CNI releasing IP address ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.107 [INFO][4403] ipam_plugin.go 415: Releasing address using handleID ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" HandleID="k8s-pod-network.1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.107 [INFO][4403] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.107 [INFO][4403] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.113 [WARNING][4403] ipam_plugin.go 432: Asked to release address but it doesn't exist. Ignoring ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" HandleID="k8s-pod-network.1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.113 [INFO][4403] ipam_plugin.go 443: Releasing address using workloadID ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" HandleID="k8s-pod-network.1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.115 [INFO][4403] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:33:56.117051 env[1477]: 2024-02-09 12:33:56.116 [INFO][4367] k8s.go 591: Teardown processing complete. ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:33:56.120126 systemd[1]: run-netns-cni\x2dcb2d6bee\x2d50ef\x2dde45\x2d5174\x2dc33728c75883.mount: Deactivated successfully. Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.093 [INFO][4368] k8s.go 578: Cleaning up netns ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.093 [INFO][4368] dataplane_linux.go 530: Deleting workload's device in netns. ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" iface="eth0" netns="/var/run/netns/cni-95883ec6-559a-14fc-8f06-6f8ecde25d8e" Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.093 [INFO][4368] dataplane_linux.go 541: Entered netns, deleting veth. ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" iface="eth0" netns="/var/run/netns/cni-95883ec6-559a-14fc-8f06-6f8ecde25d8e" Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.093 [INFO][4368] dataplane_linux.go 568: Workload's veth was already gone. Nothing to do. ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" iface="eth0" netns="/var/run/netns/cni-95883ec6-559a-14fc-8f06-6f8ecde25d8e" Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.093 [INFO][4368] k8s.go 585: Releasing IP address(es) ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.093 [INFO][4368] utils.go 188: Calico CNI releasing IP address ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.109 [INFO][4408] ipam_plugin.go 415: Releasing address using handleID ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" HandleID="k8s-pod-network.cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Workload="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.109 [INFO][4408] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.115 [INFO][4408] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.120 [WARNING][4408] ipam_plugin.go 432: Asked to release address but it doesn't exist. Ignoring ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" HandleID="k8s-pod-network.cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Workload="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.120 [INFO][4408] ipam_plugin.go 443: Releasing address using workloadID ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" HandleID="k8s-pod-network.cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Workload="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.122 [INFO][4408] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:33:56.125001 env[1477]: 2024-02-09 12:33:56.124 [INFO][4368] k8s.go 591: Teardown processing complete. ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:33:56.126609 systemd[1]: run-netns-cni\x2d95883ec6\x2d559a\x2d14fc\x2d8f06\x2d6f8ecde25d8e.mount: Deactivated successfully. Feb 9 12:33:56.193278 kernel: audit: type=1131 audit(1707482036.103:1235): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-86.109.11.101:22-38.7.207.12:40944 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:33:56.193313 env[1477]: time="2024-02-09T12:33:56.193258502Z" level=info msg="TearDown network for sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\" successfully" Feb 9 12:33:56.193313 env[1477]: time="2024-02-09T12:33:56.193283807Z" level=info msg="StopPodSandbox for \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\" returns successfully" Feb 9 12:33:56.193355 env[1477]: time="2024-02-09T12:33:56.193314741Z" level=info msg="TearDown network for sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\" successfully" Feb 9 12:33:56.193355 env[1477]: time="2024-02-09T12:33:56.193328947Z" level=info msg="StopPodSandbox for \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\" returns successfully" Feb 9 12:33:56.193698 env[1477]: time="2024-02-09T12:33:56.193653919Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:coredns-5dd5756b68-w85nl,Uid:6767a203-ea0f-489a-b56d-95cceaa81e84,Namespace:kube-system,Attempt:1,}" Feb 9 12:33:56.193698 env[1477]: time="2024-02-09T12:33:56.193683009Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:calico-kube-controllers-8598b7b64f-447jc,Uid:9dece026-c927-4497-a4b2-37fd11886d77,Namespace:calico-system,Attempt:1,}" Feb 9 12:33:56.254132 systemd-networkd[1320]: calib01d505d2ad: Link UP Feb 9 12:33:56.310613 kernel: IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready Feb 9 12:33:56.310691 kernel: IPv6: ADDRCONF(NETDEV_CHANGE): calib01d505d2ad: link becomes ready Feb 9 12:33:56.310746 systemd-networkd[1320]: calib01d505d2ad: Gained carrier Feb 9 12:33:56.311356 systemd-networkd[1320]: cali04585fa2f12: Link UP Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.216 [INFO][4441] plugin.go 327: Calico CNI found existing endpoint: &{{WorkloadEndpoint projectcalico.org/v3} {ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0 coredns-5dd5756b68- kube-system 6767a203-ea0f-489a-b56d-95cceaa81e84 809 0 2024-02-09 12:32:40 +0000 UTC map[k8s-app:kube-dns pod-template-hash:5dd5756b68 projectcalico.org/namespace:kube-system projectcalico.org/orchestrator:k8s projectcalico.org/serviceaccount:coredns] map[] [] [] []} {k8s ci-3510.3.2-a-260490bd8e coredns-5dd5756b68-w85nl eth0 coredns [] [] [kns.kube-system ksa.kube-system.coredns] calib01d505d2ad [{dns UDP 53 0 } {dns-tcp TCP 53 0 } {metrics TCP 9153 0 }] []}} ContainerID="3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" Namespace="kube-system" Pod="coredns-5dd5756b68-w85nl" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-" Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.216 [INFO][4441] k8s.go 76: Extracted identifiers for CmdAddK8s ContainerID="3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" Namespace="kube-system" Pod="coredns-5dd5756b68-w85nl" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.230 [INFO][4482] ipam_plugin.go 228: Calico CNI IPAM request count IPv4=1 IPv6=0 ContainerID="3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" HandleID="k8s-pod-network.3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.236 [INFO][4482] ipam_plugin.go 268: Auto assigning IP ContainerID="3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" HandleID="k8s-pod-network.3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" assignArgs=ipam.AutoAssignArgs{Num4:1, Num6:0, HandleID:(*string)(0xc0000513b0), Attrs:map[string]string{"namespace":"kube-system", "node":"ci-3510.3.2-a-260490bd8e", "pod":"coredns-5dd5756b68-w85nl", "timestamp":"2024-02-09 12:33:56.230470764 +0000 UTC"}, Hostname:"ci-3510.3.2-a-260490bd8e", IPv4Pools:[]net.IPNet{}, IPv6Pools:[]net.IPNet{}, MaxBlocksPerHost:0, HostReservedAttrIPv4s:(*ipam.HostReservedAttr)(nil), HostReservedAttrIPv6s:(*ipam.HostReservedAttr)(nil), IntendedUse:"Workload"} Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.236 [INFO][4482] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.236 [INFO][4482] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.236 [INFO][4482] ipam.go 107: Auto-assign 1 ipv4, 0 ipv6 addrs for host 'ci-3510.3.2-a-260490bd8e' Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.237 [INFO][4482] ipam.go 660: Looking up existing affinities for host handle="k8s-pod-network.3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.240 [INFO][4482] ipam.go 372: Looking up existing affinities for host host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.243 [INFO][4482] ipam.go 489: Trying affinity for 192.168.29.192/26 host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.244 [INFO][4482] ipam.go 155: Attempting to load block cidr=192.168.29.192/26 host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.246 [INFO][4482] ipam.go 232: Affinity is confirmed and block has been loaded cidr=192.168.29.192/26 host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.246 [INFO][4482] ipam.go 1180: Attempting to assign 1 addresses from block block=192.168.29.192/26 handle="k8s-pod-network.3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.247 [INFO][4482] ipam.go 1682: Creating new handle: k8s-pod-network.3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.249 [INFO][4482] ipam.go 1203: Writing block in order to claim IPs block=192.168.29.192/26 handle="k8s-pod-network.3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.252 [INFO][4482] ipam.go 1216: Successfully claimed IPs: [192.168.29.193/26] block=192.168.29.192/26 handle="k8s-pod-network.3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.252 [INFO][4482] ipam.go 847: Auto-assigned 1 out of 1 IPv4s: [192.168.29.193/26] handle="k8s-pod-network.3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.252 [INFO][4482] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:33:56.318275 env[1477]: 2024-02-09 12:33:56.252 [INFO][4482] ipam_plugin.go 286: Calico CNI IPAM assigned addresses IPv4=[192.168.29.193/26] IPv6=[] ContainerID="3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" HandleID="k8s-pod-network.3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:33:56.318866 env[1477]: 2024-02-09 12:33:56.253 [INFO][4441] k8s.go 385: Populated endpoint ContainerID="3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" Namespace="kube-system" Pod="coredns-5dd5756b68-w85nl" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" endpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0", GenerateName:"coredns-5dd5756b68-", Namespace:"kube-system", SelfLink:"", UID:"6767a203-ea0f-489a-b56d-95cceaa81e84", ResourceVersion:"809", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 40, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"k8s-app":"kube-dns", "pod-template-hash":"5dd5756b68", "projectcalico.org/namespace":"kube-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"coredns"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"", Pod:"coredns-5dd5756b68-w85nl", Endpoint:"eth0", ServiceAccountName:"coredns", IPNetworks:[]string{"192.168.29.193/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.kube-system", "ksa.kube-system.coredns"}, InterfaceName:"calib01d505d2ad", MAC:"", Ports:[]v3.WorkloadEndpointPort{v3.WorkloadEndpointPort{Name:"dns", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"UDP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"dns-tcp", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"metrics", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x23c1, HostPort:0x0, HostIP:""}}, AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:33:56.318866 env[1477]: 2024-02-09 12:33:56.253 [INFO][4441] k8s.go 386: Calico CNI using IPs: [192.168.29.193/32] ContainerID="3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" Namespace="kube-system" Pod="coredns-5dd5756b68-w85nl" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:33:56.318866 env[1477]: 2024-02-09 12:33:56.253 [INFO][4441] dataplane_linux.go 68: Setting the host side veth name to calib01d505d2ad ContainerID="3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" Namespace="kube-system" Pod="coredns-5dd5756b68-w85nl" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:33:56.318866 env[1477]: 2024-02-09 12:33:56.310 [INFO][4441] dataplane_linux.go 479: Disabling IPv4 forwarding ContainerID="3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" Namespace="kube-system" Pod="coredns-5dd5756b68-w85nl" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:33:56.318866 env[1477]: 2024-02-09 12:33:56.311 [INFO][4441] k8s.go 413: Added Mac, interface name, and active container ID to endpoint ContainerID="3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" Namespace="kube-system" Pod="coredns-5dd5756b68-w85nl" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" endpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0", GenerateName:"coredns-5dd5756b68-", Namespace:"kube-system", SelfLink:"", UID:"6767a203-ea0f-489a-b56d-95cceaa81e84", ResourceVersion:"809", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 40, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"k8s-app":"kube-dns", "pod-template-hash":"5dd5756b68", "projectcalico.org/namespace":"kube-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"coredns"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b", Pod:"coredns-5dd5756b68-w85nl", Endpoint:"eth0", ServiceAccountName:"coredns", IPNetworks:[]string{"192.168.29.193/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.kube-system", "ksa.kube-system.coredns"}, InterfaceName:"calib01d505d2ad", MAC:"36:7c:64:b5:64:02", Ports:[]v3.WorkloadEndpointPort{v3.WorkloadEndpointPort{Name:"dns", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"UDP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"dns-tcp", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"metrics", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x23c1, HostPort:0x0, HostIP:""}}, AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:33:56.318866 env[1477]: 2024-02-09 12:33:56.316 [INFO][4441] k8s.go 491: Wrote updated endpoint to datastore ContainerID="3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b" Namespace="kube-system" Pod="coredns-5dd5756b68-w85nl" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:33:56.324503 env[1477]: time="2024-02-09T12:33:56.324472410Z" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1 Feb 9 12:33:56.324503 env[1477]: time="2024-02-09T12:33:56.324494320Z" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1 Feb 9 12:33:56.324503 env[1477]: time="2024-02-09T12:33:56.324501233Z" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1 Feb 9 12:33:56.323000 audit[4541]: NETFILTER_CFG table=filter:99 family=2 entries=36 op=nft_register_chain pid=4541 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" Feb 9 12:33:56.324673 env[1477]: time="2024-02-09T12:33:56.324568049Z" level=info msg="starting signal loop" namespace=k8s.io path=/run/containerd/io.containerd.runtime.v2.task/k8s.io/3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b pid=4542 runtime=io.containerd.runc.v2 Feb 9 12:33:56.339235 kernel: IPv6: ADDRCONF(NETDEV_CHANGE): cali04585fa2f12: link becomes ready Feb 9 12:33:56.339292 kernel: audit: type=1325 audit(1707482036.323:1236): table=filter:99 family=2 entries=36 op=nft_register_chain pid=4541 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" Feb 9 12:33:56.339459 systemd-networkd[1320]: cali04585fa2f12: Gained carrier Feb 9 12:33:56.356110 systemd[1]: Started cri-containerd-3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b.scope. Feb 9 12:33:56.323000 audit[4541]: SYSCALL arch=c000003e syscall=46 success=yes exit=19908 a0=3 a1=7ffe0df141d0 a2=0 a3=7ffe0df141bc items=0 ppid=4044 pid=4541 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.491604 kernel: audit: type=1300 audit(1707482036.323:1236): arch=c000003e syscall=46 success=yes exit=19908 a0=3 a1=7ffe0df141d0 a2=0 a3=7ffe0df141bc items=0 ppid=4044 pid=4541 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.491643 kernel: audit: type=1327 audit(1707482036.323:1236): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 Feb 9 12:33:56.323000 audit: PROCTITLE proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 Feb 9 12:33:56.497000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.614196 kernel: audit: type=1400 audit(1707482036.497:1237): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.614237 kernel: audit: type=1400 audit(1707482036.497:1238): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.497000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.217 [INFO][4439] plugin.go 327: Calico CNI found existing endpoint: &{{WorkloadEndpoint projectcalico.org/v3} {ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0 calico-kube-controllers-8598b7b64f- calico-system 9dece026-c927-4497-a4b2-37fd11886d77 810 0 2024-02-09 12:32:45 +0000 UTC map[app.kubernetes.io/name:calico-kube-controllers k8s-app:calico-kube-controllers pod-template-hash:8598b7b64f projectcalico.org/namespace:calico-system projectcalico.org/orchestrator:k8s projectcalico.org/serviceaccount:calico-kube-controllers] map[] [] [] []} {k8s ci-3510.3.2-a-260490bd8e calico-kube-controllers-8598b7b64f-447jc eth0 calico-kube-controllers [] [] [kns.calico-system ksa.calico-system.calico-kube-controllers] cali04585fa2f12 [] []}} ContainerID="ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" Namespace="calico-system" Pod="calico-kube-controllers-8598b7b64f-447jc" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-" Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.217 [INFO][4439] k8s.go 76: Extracted identifiers for CmdAddK8s ContainerID="ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" Namespace="calico-system" Pod="calico-kube-controllers-8598b7b64f-447jc" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.230 [INFO][4483] ipam_plugin.go 228: Calico CNI IPAM request count IPv4=1 IPv6=0 ContainerID="ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" HandleID="k8s-pod-network.ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" Workload="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.238 [INFO][4483] ipam_plugin.go 268: Auto assigning IP ContainerID="ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" HandleID="k8s-pod-network.ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" Workload="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" assignArgs=ipam.AutoAssignArgs{Num4:1, Num6:0, HandleID:(*string)(0xc0001254c0), Attrs:map[string]string{"namespace":"calico-system", "node":"ci-3510.3.2-a-260490bd8e", "pod":"calico-kube-controllers-8598b7b64f-447jc", "timestamp":"2024-02-09 12:33:56.230810607 +0000 UTC"}, Hostname:"ci-3510.3.2-a-260490bd8e", IPv4Pools:[]net.IPNet{}, IPv6Pools:[]net.IPNet{}, MaxBlocksPerHost:0, HostReservedAttrIPv4s:(*ipam.HostReservedAttr)(nil), HostReservedAttrIPv6s:(*ipam.HostReservedAttr)(nil), IntendedUse:"Workload"} Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.238 [INFO][4483] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.252 [INFO][4483] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.252 [INFO][4483] ipam.go 107: Auto-assign 1 ipv4, 0 ipv6 addrs for host 'ci-3510.3.2-a-260490bd8e' Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.253 [INFO][4483] ipam.go 660: Looking up existing affinities for host handle="k8s-pod-network.ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.284 [INFO][4483] ipam.go 372: Looking up existing affinities for host host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.287 [INFO][4483] ipam.go 489: Trying affinity for 192.168.29.192/26 host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.288 [INFO][4483] ipam.go 155: Attempting to load block cidr=192.168.29.192/26 host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.290 [INFO][4483] ipam.go 232: Affinity is confirmed and block has been loaded cidr=192.168.29.192/26 host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.290 [INFO][4483] ipam.go 1180: Attempting to assign 1 addresses from block block=192.168.29.192/26 handle="k8s-pod-network.ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.291 [INFO][4483] ipam.go 1682: Creating new handle: k8s-pod-network.ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.293 [INFO][4483] ipam.go 1203: Writing block in order to claim IPs block=192.168.29.192/26 handle="k8s-pod-network.ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.296 [INFO][4483] ipam.go 1216: Successfully claimed IPs: [192.168.29.194/26] block=192.168.29.192/26 handle="k8s-pod-network.ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.296 [INFO][4483] ipam.go 847: Auto-assigned 1 out of 1 IPv4s: [192.168.29.194/26] handle="k8s-pod-network.ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.296 [INFO][4483] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:33:56.620535 env[1477]: 2024-02-09 12:33:56.296 [INFO][4483] ipam_plugin.go 286: Calico CNI IPAM assigned addresses IPv4=[192.168.29.194/26] IPv6=[] ContainerID="ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" HandleID="k8s-pod-network.ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" Workload="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:33:56.620950 env[1477]: 2024-02-09 12:33:56.297 [INFO][4439] k8s.go 385: Populated endpoint ContainerID="ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" Namespace="calico-system" Pod="calico-kube-controllers-8598b7b64f-447jc" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" endpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0", GenerateName:"calico-kube-controllers-8598b7b64f-", Namespace:"calico-system", SelfLink:"", UID:"9dece026-c927-4497-a4b2-37fd11886d77", ResourceVersion:"810", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 45, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"app.kubernetes.io/name":"calico-kube-controllers", "k8s-app":"calico-kube-controllers", "pod-template-hash":"8598b7b64f", "projectcalico.org/namespace":"calico-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"calico-kube-controllers"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"", Pod:"calico-kube-controllers-8598b7b64f-447jc", Endpoint:"eth0", ServiceAccountName:"calico-kube-controllers", IPNetworks:[]string{"192.168.29.194/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.calico-system", "ksa.calico-system.calico-kube-controllers"}, InterfaceName:"cali04585fa2f12", MAC:"", Ports:[]v3.WorkloadEndpointPort(nil), AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:33:56.620950 env[1477]: 2024-02-09 12:33:56.297 [INFO][4439] k8s.go 386: Calico CNI using IPs: [192.168.29.194/32] ContainerID="ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" Namespace="calico-system" Pod="calico-kube-controllers-8598b7b64f-447jc" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:33:56.620950 env[1477]: 2024-02-09 12:33:56.297 [INFO][4439] dataplane_linux.go 68: Setting the host side veth name to cali04585fa2f12 ContainerID="ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" Namespace="calico-system" Pod="calico-kube-controllers-8598b7b64f-447jc" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:33:56.620950 env[1477]: 2024-02-09 12:33:56.614 [INFO][4439] dataplane_linux.go 479: Disabling IPv4 forwarding ContainerID="ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" Namespace="calico-system" Pod="calico-kube-controllers-8598b7b64f-447jc" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:33:56.620950 env[1477]: 2024-02-09 12:33:56.614 [INFO][4439] k8s.go 413: Added Mac, interface name, and active container ID to endpoint ContainerID="ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" Namespace="calico-system" Pod="calico-kube-controllers-8598b7b64f-447jc" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" endpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0", GenerateName:"calico-kube-controllers-8598b7b64f-", Namespace:"calico-system", SelfLink:"", UID:"9dece026-c927-4497-a4b2-37fd11886d77", ResourceVersion:"810", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 45, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"app.kubernetes.io/name":"calico-kube-controllers", "k8s-app":"calico-kube-controllers", "pod-template-hash":"8598b7b64f", "projectcalico.org/namespace":"calico-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"calico-kube-controllers"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da", Pod:"calico-kube-controllers-8598b7b64f-447jc", Endpoint:"eth0", ServiceAccountName:"calico-kube-controllers", IPNetworks:[]string{"192.168.29.194/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.calico-system", "ksa.calico-system.calico-kube-controllers"}, InterfaceName:"cali04585fa2f12", MAC:"26:c7:88:c2:3d:10", Ports:[]v3.WorkloadEndpointPort(nil), AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:33:56.620950 env[1477]: 2024-02-09 12:33:56.619 [INFO][4439] k8s.go 491: Wrote updated endpoint to datastore ContainerID="ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da" Namespace="calico-system" Pod="calico-kube-controllers-8598b7b64f-447jc" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:33:56.676256 kernel: audit: type=1400 audit(1707482036.497:1239): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.497000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.678793 sshd[4333]: Invalid user zhangrongjing from 43.156.225.133 port 43374 Feb 9 12:33:56.679476 env[1477]: time="2024-02-09T12:33:56.679415876Z" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1 Feb 9 12:33:56.679476 env[1477]: time="2024-02-09T12:33:56.679438959Z" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1 Feb 9 12:33:56.679476 env[1477]: time="2024-02-09T12:33:56.679448431Z" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1 Feb 9 12:33:56.679565 env[1477]: time="2024-02-09T12:33:56.679511315Z" level=info msg="starting signal loop" namespace=k8s.io path=/run/containerd/io.containerd.runtime.v2.task/k8s.io/ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da pid=4592 runtime=io.containerd.runc.v2 Feb 9 12:33:56.680013 sshd[4333]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:56.680188 sshd[4333]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:33:56.680205 sshd[4333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.156.225.133 Feb 9 12:33:56.680372 sshd[4333]: pam_faillock(sshd:auth): User unknown Feb 9 12:33:56.497000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.752568 systemd[1]: Started cri-containerd-ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da.scope. Feb 9 12:33:56.800821 kernel: audit: type=1400 audit(1707482036.497:1240): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.800857 kernel: audit: type=1400 audit(1707482036.497:1241): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.497000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.497000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.497000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.497000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.497000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.612000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.612000 audit: BPF prog-id=152 op=LOAD Feb 9 12:33:56.613000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.613000 audit[4553]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000145c48 a2=10 a3=1c items=0 ppid=4542 pid=4553 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.613000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3364623233646632613534623862383862336139666631626335653835 Feb 9 12:33:56.613000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.613000 audit[4553]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001456b0 a2=3c a3=8 items=0 ppid=4542 pid=4553 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.613000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3364623233646632613534623862383862336139666631626335653835 Feb 9 12:33:56.613000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.613000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.613000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.613000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.613000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.613000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.613000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.613000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.613000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.625000 audit[4584]: NETFILTER_CFG table=filter:100 family=2 entries=40 op=nft_register_chain pid=4584 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" Feb 9 12:33:56.625000 audit[4584]: SYSCALL arch=c000003e syscall=46 success=yes exit=21096 a0=3 a1=7ffc3dc7aa90 a2=0 a3=7ffc3dc7aa7c items=0 ppid=4044 pid=4584 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.625000 audit: PROCTITLE proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 Feb 9 12:33:56.679000 audit[4333]: USER_AUTH pid=4333 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="zhangrongjing" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:33:56.613000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.613000 audit: BPF prog-id=153 op=LOAD Feb 9 12:33:56.613000 audit[4553]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001459d8 a2=78 a3=c0003d8410 items=0 ppid=4542 pid=4553 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.613000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3364623233646632613534623862383862336139666631626335653835 Feb 9 12:33:56.737000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.737000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.737000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.737000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.737000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.737000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.737000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.737000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.806000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.806000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.806000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.806000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.806000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.806000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.806000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.806000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.806000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.737000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.737000 audit: BPF prog-id=154 op=LOAD Feb 9 12:33:56.737000 audit[4553]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000145770 a2=78 a3=c0003d8458 items=0 ppid=4542 pid=4553 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.737000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3364623233646632613534623862383862336139666631626335653835 Feb 9 12:33:56.862000 audit: BPF prog-id=154 op=UNLOAD Feb 9 12:33:56.862000 audit: BPF prog-id=153 op=UNLOAD Feb 9 12:33:56.862000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4553]: AVC avc: denied { perfmon } for pid=4553 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit: BPF prog-id=155 op=LOAD Feb 9 12:33:56.862000 audit[4553]: AVC avc: denied { bpf } for pid=4553 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit: BPF prog-id=156 op=LOAD Feb 9 12:33:56.862000 audit[4553]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000145c30 a2=78 a3=c000208b70 items=0 ppid=4542 pid=4553 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.862000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3364623233646632613534623862383862336139666631626335653835 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000117c48 a2=10 a3=1c items=0 ppid=4592 pid=4601 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.862000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6164326666663066343439326130623433363661333730306136653161 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001176b0 a2=3c a3=c items=0 ppid=4592 pid=4601 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.862000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6164326666663066343439326130623433363661333730306136653161 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit: BPF prog-id=157 op=LOAD Feb 9 12:33:56.862000 audit[4601]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001179d8 a2=78 a3=c000180c10 items=0 ppid=4592 pid=4601 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.862000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6164326666663066343439326130623433363661333730306136653161 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit: BPF prog-id=158 op=LOAD Feb 9 12:33:56.862000 audit[4601]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000117770 a2=78 a3=c000180c58 items=0 ppid=4592 pid=4601 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.862000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6164326666663066343439326130623433363661333730306136653161 Feb 9 12:33:56.862000 audit: BPF prog-id=158 op=UNLOAD Feb 9 12:33:56.862000 audit: BPF prog-id=157 op=UNLOAD Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { perfmon } for pid=4601 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit[4601]: AVC avc: denied { bpf } for pid=4601 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.862000 audit: BPF prog-id=159 op=LOAD Feb 9 12:33:56.862000 audit[4601]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000117c30 a2=78 a3=c000181068 items=0 ppid=4592 pid=4601 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.862000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6164326666663066343439326130623433363661333730306136653161 Feb 9 12:33:56.880718 env[1477]: time="2024-02-09T12:33:56.880691697Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:calico-kube-controllers-8598b7b64f-447jc,Uid:9dece026-c927-4497-a4b2-37fd11886d77,Namespace:calico-system,Attempt:1,} returns sandbox id \"ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da\"" Feb 9 12:33:56.881327 env[1477]: time="2024-02-09T12:33:56.881315662Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/kube-controllers:v3.27.0\"" Feb 9 12:33:56.891929 env[1477]: time="2024-02-09T12:33:56.891879056Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:coredns-5dd5756b68-w85nl,Uid:6767a203-ea0f-489a-b56d-95cceaa81e84,Namespace:kube-system,Attempt:1,} returns sandbox id \"3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b\"" Feb 9 12:33:56.893060 env[1477]: time="2024-02-09T12:33:56.893044584Z" level=info msg="CreateContainer within sandbox \"3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b\" for container &ContainerMetadata{Name:coredns,Attempt:0,}" Feb 9 12:33:56.897491 env[1477]: time="2024-02-09T12:33:56.897473579Z" level=info msg="CreateContainer within sandbox \"3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b\" for &ContainerMetadata{Name:coredns,Attempt:0,} returns container id \"9f535ff07ecec4bfee9380270c4096a1498574cc832e3ec4450181c24679910d\"" Feb 9 12:33:56.897663 env[1477]: time="2024-02-09T12:33:56.897651034Z" level=info msg="StartContainer for \"9f535ff07ecec4bfee9380270c4096a1498574cc832e3ec4450181c24679910d\"" Feb 9 12:33:56.905262 systemd[1]: Started cri-containerd-9f535ff07ecec4bfee9380270c4096a1498574cc832e3ec4450181c24679910d.scope. Feb 9 12:33:56.910000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit: BPF prog-id=160 op=LOAD Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000197c48 a2=10 a3=1c items=0 ppid=4542 pid=4639 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.910000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3966353335666630376563656334626665653933383032373063343039 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001976b0 a2=3c a3=c items=0 ppid=4542 pid=4639 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.910000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3966353335666630376563656334626665653933383032373063343039 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit: BPF prog-id=161 op=LOAD Feb 9 12:33:56.910000 audit[4639]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001979d8 a2=78 a3=c0003b0120 items=0 ppid=4542 pid=4639 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.910000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3966353335666630376563656334626665653933383032373063343039 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit: BPF prog-id=162 op=LOAD Feb 9 12:33:56.910000 audit[4639]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000197770 a2=78 a3=c0003b0168 items=0 ppid=4542 pid=4639 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.910000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3966353335666630376563656334626665653933383032373063343039 Feb 9 12:33:56.910000 audit: BPF prog-id=162 op=UNLOAD Feb 9 12:33:56.910000 audit: BPF prog-id=161 op=UNLOAD Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { perfmon } for pid=4639 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit[4639]: AVC avc: denied { bpf } for pid=4639 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:56.910000 audit: BPF prog-id=163 op=LOAD Feb 9 12:33:56.910000 audit[4639]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000197c30 a2=78 a3=c0003b0578 items=0 ppid=4542 pid=4639 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:56.910000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3966353335666630376563656334626665653933383032373063343039 Feb 9 12:33:56.918088 env[1477]: time="2024-02-09T12:33:56.918037719Z" level=info msg="StartContainer for \"9f535ff07ecec4bfee9380270c4096a1498574cc832e3ec4450181c24679910d\" returns successfully" Feb 9 12:33:57.350416 kubelet[2604]: I0209 12:33:57.350303 2604 pod_startup_latency_tracker.go:102] "Observed pod startup duration" pod="kube-system/coredns-5dd5756b68-w85nl" podStartSLOduration=77.350177262 podCreationTimestamp="2024-02-09 12:32:40 +0000 UTC" firstStartedPulling="0001-01-01 00:00:00 +0000 UTC" lastFinishedPulling="0001-01-01 00:00:00 +0000 UTC" observedRunningTime="2024-02-09 12:33:57.349888449 +0000 UTC m=+90.377375709" watchObservedRunningTime="2024-02-09 12:33:57.350177262 +0000 UTC m=+90.377664503" Feb 9 12:33:57.370000 audit[4681]: NETFILTER_CFG table=filter:101 family=2 entries=14 op=nft_register_rule pid=4681 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:33:57.370000 audit[4681]: SYSCALL arch=c000003e syscall=46 success=yes exit=4956 a0=3 a1=7ffdaada2470 a2=0 a3=7ffdaada245c items=0 ppid=2874 pid=4681 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:57.370000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:33:57.372000 audit[4681]: NETFILTER_CFG table=nat:102 family=2 entries=14 op=nft_register_rule pid=4681 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:33:57.372000 audit[4681]: SYSCALL arch=c000003e syscall=46 success=yes exit=3300 a0=3 a1=7ffdaada2470 a2=0 a3=31030 items=0 ppid=2874 pid=4681 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:57.372000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:33:57.395000 audit[4683]: NETFILTER_CFG table=filter:103 family=2 entries=11 op=nft_register_rule pid=4683 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:33:57.395000 audit[4683]: SYSCALL arch=c000003e syscall=46 success=yes exit=2844 a0=3 a1=7ffc60e07f00 a2=0 a3=7ffc60e07eec items=0 ppid=2874 pid=4683 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:57.395000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:33:57.398000 audit[4683]: NETFILTER_CFG table=nat:104 family=2 entries=35 op=nft_register_chain pid=4683 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:33:57.398000 audit[4683]: SYSCALL arch=c000003e syscall=46 success=yes exit=13788 a0=3 a1=7ffc60e07f00 a2=0 a3=7ffc60e07eec items=0 ppid=2874 pid=4683 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:57.398000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:33:57.662520 systemd-networkd[1320]: calib01d505d2ad: Gained IPv6LL Feb 9 12:33:58.026361 env[1477]: time="2024-02-09T12:33:58.026113922Z" level=info msg="StopPodSandbox for \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\"" Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.094 [INFO][4702] k8s.go 578: Cleaning up netns ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.095 [INFO][4702] dataplane_linux.go 530: Deleting workload's device in netns. ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" iface="eth0" netns="/var/run/netns/cni-d2809c18-443a-d3a9-1ec9-36202abaacf4" Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.095 [INFO][4702] dataplane_linux.go 541: Entered netns, deleting veth. ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" iface="eth0" netns="/var/run/netns/cni-d2809c18-443a-d3a9-1ec9-36202abaacf4" Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.095 [INFO][4702] dataplane_linux.go 568: Workload's veth was already gone. Nothing to do. ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" iface="eth0" netns="/var/run/netns/cni-d2809c18-443a-d3a9-1ec9-36202abaacf4" Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.095 [INFO][4702] k8s.go 585: Releasing IP address(es) ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.095 [INFO][4702] utils.go 188: Calico CNI releasing IP address ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.115 [INFO][4720] ipam_plugin.go 415: Releasing address using handleID ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" HandleID="k8s-pod-network.bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Workload="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.115 [INFO][4720] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.115 [INFO][4720] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.123 [WARNING][4720] ipam_plugin.go 432: Asked to release address but it doesn't exist. Ignoring ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" HandleID="k8s-pod-network.bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Workload="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.123 [INFO][4720] ipam_plugin.go 443: Releasing address using workloadID ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" HandleID="k8s-pod-network.bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Workload="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.124 [INFO][4720] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:33:58.127086 env[1477]: 2024-02-09 12:33:58.125 [INFO][4702] k8s.go 591: Teardown processing complete. ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:33:58.127655 env[1477]: time="2024-02-09T12:33:58.127195395Z" level=info msg="TearDown network for sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\" successfully" Feb 9 12:33:58.127655 env[1477]: time="2024-02-09T12:33:58.127235972Z" level=info msg="StopPodSandbox for \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\" returns successfully" Feb 9 12:33:58.127905 env[1477]: time="2024-02-09T12:33:58.127849573Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:csi-node-driver-8dfwv,Uid:9d7d849f-47a3-4ce5-b643-2347a74f746a,Namespace:calico-system,Attempt:1,}" Feb 9 12:33:58.129849 systemd[1]: run-netns-cni\x2dd2809c18\x2d443a\x2dd3a9\x2d1ec9\x2d36202abaacf4.mount: Deactivated successfully. Feb 9 12:33:58.208924 systemd-networkd[1320]: cali05433f3eb29: Link UP Feb 9 12:33:58.263543 kernel: IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready Feb 9 12:33:58.263592 kernel: IPv6: ADDRCONF(NETDEV_CHANGE): cali05433f3eb29: link becomes ready Feb 9 12:33:58.263744 systemd-networkd[1320]: cali05433f3eb29: Gained carrier Feb 9 12:33:58.263842 systemd-networkd[1320]: cali04585fa2f12: Gained IPv6LL Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.164 [INFO][4737] plugin.go 327: Calico CNI found existing endpoint: &{{WorkloadEndpoint projectcalico.org/v3} {ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0 csi-node-driver- calico-system 9d7d849f-47a3-4ce5-b643-2347a74f746a 832 0 2024-02-09 12:32:45 +0000 UTC map[app.kubernetes.io/name:csi-node-driver controller-revision-hash:676488fcc9 k8s-app:csi-node-driver name:csi-node-driver pod-template-generation:1 projectcalico.org/namespace:calico-system projectcalico.org/orchestrator:k8s projectcalico.org/serviceaccount:default] map[] [] [] []} {k8s ci-3510.3.2-a-260490bd8e csi-node-driver-8dfwv eth0 default [] [] [kns.calico-system ksa.calico-system.default] cali05433f3eb29 [] []}} ContainerID="8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" Namespace="calico-system" Pod="csi-node-driver-8dfwv" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-" Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.164 [INFO][4737] k8s.go 76: Extracted identifiers for CmdAddK8s ContainerID="8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" Namespace="calico-system" Pod="csi-node-driver-8dfwv" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.184 [INFO][4760] ipam_plugin.go 228: Calico CNI IPAM request count IPv4=1 IPv6=0 ContainerID="8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" HandleID="k8s-pod-network.8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" Workload="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.190 [INFO][4760] ipam_plugin.go 268: Auto assigning IP ContainerID="8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" HandleID="k8s-pod-network.8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" Workload="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" assignArgs=ipam.AutoAssignArgs{Num4:1, Num6:0, HandleID:(*string)(0xc00029d230), Attrs:map[string]string{"namespace":"calico-system", "node":"ci-3510.3.2-a-260490bd8e", "pod":"csi-node-driver-8dfwv", "timestamp":"2024-02-09 12:33:58.184125915 +0000 UTC"}, Hostname:"ci-3510.3.2-a-260490bd8e", IPv4Pools:[]net.IPNet{}, IPv6Pools:[]net.IPNet{}, MaxBlocksPerHost:0, HostReservedAttrIPv4s:(*ipam.HostReservedAttr)(nil), HostReservedAttrIPv6s:(*ipam.HostReservedAttr)(nil), IntendedUse:"Workload"} Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.190 [INFO][4760] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.190 [INFO][4760] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.190 [INFO][4760] ipam.go 107: Auto-assign 1 ipv4, 0 ipv6 addrs for host 'ci-3510.3.2-a-260490bd8e' Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.192 [INFO][4760] ipam.go 660: Looking up existing affinities for host handle="k8s-pod-network.8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.194 [INFO][4760] ipam.go 372: Looking up existing affinities for host host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.197 [INFO][4760] ipam.go 489: Trying affinity for 192.168.29.192/26 host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.198 [INFO][4760] ipam.go 155: Attempting to load block cidr=192.168.29.192/26 host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.200 [INFO][4760] ipam.go 232: Affinity is confirmed and block has been loaded cidr=192.168.29.192/26 host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.200 [INFO][4760] ipam.go 1180: Attempting to assign 1 addresses from block block=192.168.29.192/26 handle="k8s-pod-network.8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.201 [INFO][4760] ipam.go 1682: Creating new handle: k8s-pod-network.8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.203 [INFO][4760] ipam.go 1203: Writing block in order to claim IPs block=192.168.29.192/26 handle="k8s-pod-network.8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.207 [INFO][4760] ipam.go 1216: Successfully claimed IPs: [192.168.29.195/26] block=192.168.29.192/26 handle="k8s-pod-network.8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.207 [INFO][4760] ipam.go 847: Auto-assigned 1 out of 1 IPv4s: [192.168.29.195/26] handle="k8s-pod-network.8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.207 [INFO][4760] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:33:58.268992 env[1477]: 2024-02-09 12:33:58.207 [INFO][4760] ipam_plugin.go 286: Calico CNI IPAM assigned addresses IPv4=[192.168.29.195/26] IPv6=[] ContainerID="8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" HandleID="k8s-pod-network.8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" Workload="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:33:58.269651 env[1477]: 2024-02-09 12:33:58.208 [INFO][4737] k8s.go 385: Populated endpoint ContainerID="8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" Namespace="calico-system" Pod="csi-node-driver-8dfwv" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" endpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0", GenerateName:"csi-node-driver-", Namespace:"calico-system", SelfLink:"", UID:"9d7d849f-47a3-4ce5-b643-2347a74f746a", ResourceVersion:"832", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 45, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"app.kubernetes.io/name":"csi-node-driver", "controller-revision-hash":"676488fcc9", "k8s-app":"csi-node-driver", "name":"csi-node-driver", "pod-template-generation":"1", "projectcalico.org/namespace":"calico-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"default"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"", Pod:"csi-node-driver-8dfwv", Endpoint:"eth0", ServiceAccountName:"default", IPNetworks:[]string{"192.168.29.195/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.calico-system", "ksa.calico-system.default"}, InterfaceName:"cali05433f3eb29", MAC:"", Ports:[]v3.WorkloadEndpointPort(nil), AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:33:58.269651 env[1477]: 2024-02-09 12:33:58.208 [INFO][4737] k8s.go 386: Calico CNI using IPs: [192.168.29.195/32] ContainerID="8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" Namespace="calico-system" Pod="csi-node-driver-8dfwv" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:33:58.269651 env[1477]: 2024-02-09 12:33:58.208 [INFO][4737] dataplane_linux.go 68: Setting the host side veth name to cali05433f3eb29 ContainerID="8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" Namespace="calico-system" Pod="csi-node-driver-8dfwv" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:33:58.269651 env[1477]: 2024-02-09 12:33:58.263 [INFO][4737] dataplane_linux.go 479: Disabling IPv4 forwarding ContainerID="8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" Namespace="calico-system" Pod="csi-node-driver-8dfwv" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:33:58.269651 env[1477]: 2024-02-09 12:33:58.263 [INFO][4737] k8s.go 413: Added Mac, interface name, and active container ID to endpoint ContainerID="8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" Namespace="calico-system" Pod="csi-node-driver-8dfwv" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" endpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0", GenerateName:"csi-node-driver-", Namespace:"calico-system", SelfLink:"", UID:"9d7d849f-47a3-4ce5-b643-2347a74f746a", ResourceVersion:"832", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 45, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"app.kubernetes.io/name":"csi-node-driver", "controller-revision-hash":"676488fcc9", "k8s-app":"csi-node-driver", "name":"csi-node-driver", "pod-template-generation":"1", "projectcalico.org/namespace":"calico-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"default"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb", Pod:"csi-node-driver-8dfwv", Endpoint:"eth0", ServiceAccountName:"default", IPNetworks:[]string{"192.168.29.195/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.calico-system", "ksa.calico-system.default"}, InterfaceName:"cali05433f3eb29", MAC:"16:0a:2d:b3:6d:4e", Ports:[]v3.WorkloadEndpointPort(nil), AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:33:58.269651 env[1477]: 2024-02-09 12:33:58.268 [INFO][4737] k8s.go 491: Wrote updated endpoint to datastore ContainerID="8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb" Namespace="calico-system" Pod="csi-node-driver-8dfwv" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:33:58.274622 env[1477]: time="2024-02-09T12:33:58.274586345Z" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1 Feb 9 12:33:58.274622 env[1477]: time="2024-02-09T12:33:58.274607566Z" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1 Feb 9 12:33:58.274622 env[1477]: time="2024-02-09T12:33:58.274614572Z" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1 Feb 9 12:33:58.274779 env[1477]: time="2024-02-09T12:33:58.274726074Z" level=info msg="starting signal loop" namespace=k8s.io path=/run/containerd/io.containerd.runtime.v2.task/k8s.io/8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb pid=4795 runtime=io.containerd.runc.v2 Feb 9 12:33:58.274000 audit[4800]: NETFILTER_CFG table=filter:105 family=2 entries=44 op=nft_register_chain pid=4800 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" Feb 9 12:33:58.274000 audit[4800]: SYSCALL arch=c000003e syscall=46 success=yes exit=22360 a0=3 a1=7fffb325c7b0 a2=0 a3=7fffb325c79c items=0 ppid=4044 pid=4800 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:58.274000 audit: PROCTITLE proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 Feb 9 12:33:58.293673 systemd[1]: Started cri-containerd-8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb.scope. Feb 9 12:33:58.296000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.296000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.296000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.296000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.296000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.296000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.296000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.296000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.296000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.296000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.296000 audit: BPF prog-id=164 op=LOAD Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000117c48 a2=10 a3=1c items=0 ppid=4795 pid=4806 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:58.297000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3865373439306564653866323263346135633639303936633230323237 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001176b0 a2=3c a3=c items=0 ppid=4795 pid=4806 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:58.297000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3865373439306564653866323263346135633639303936633230323237 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit: BPF prog-id=165 op=LOAD Feb 9 12:33:58.297000 audit[4806]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001179d8 a2=78 a3=c000304730 items=0 ppid=4795 pid=4806 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:58.297000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3865373439306564653866323263346135633639303936633230323237 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit: BPF prog-id=166 op=LOAD Feb 9 12:33:58.297000 audit[4806]: SYSCALL arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c000117770 a2=78 a3=c000304778 items=0 ppid=4795 pid=4806 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:58.297000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3865373439306564653866323263346135633639303936633230323237 Feb 9 12:33:58.297000 audit: BPF prog-id=166 op=UNLOAD Feb 9 12:33:58.297000 audit: BPF prog-id=165 op=UNLOAD Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { perfmon } for pid=4806 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit[4806]: AVC avc: denied { bpf } for pid=4806 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:58.297000 audit: BPF prog-id=167 op=LOAD Feb 9 12:33:58.297000 audit[4806]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c000117c30 a2=78 a3=c000304b88 items=0 ppid=4795 pid=4806 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:58.297000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3865373439306564653866323263346135633639303936633230323237 Feb 9 12:33:58.315504 env[1477]: time="2024-02-09T12:33:58.315452521Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:csi-node-driver-8dfwv,Uid:9d7d849f-47a3-4ce5-b643-2347a74f746a,Namespace:calico-system,Attempt:1,} returns sandbox id \"8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb\"" Feb 9 12:33:58.902993 sshd[4333]: Failed password for invalid user zhangrongjing from 43.156.225.133 port 43374 ssh2 Feb 9 12:33:59.026584 env[1477]: time="2024-02-09T12:33:59.026463718Z" level=info msg="StopPodSandbox for \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\"" Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.080 [INFO][4845] k8s.go 578: Cleaning up netns ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.080 [INFO][4845] dataplane_linux.go 530: Deleting workload's device in netns. ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" iface="eth0" netns="/var/run/netns/cni-2148927b-5b2e-f5e1-2a8e-dd8d87de108f" Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.080 [INFO][4845] dataplane_linux.go 541: Entered netns, deleting veth. ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" iface="eth0" netns="/var/run/netns/cni-2148927b-5b2e-f5e1-2a8e-dd8d87de108f" Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.080 [INFO][4845] dataplane_linux.go 568: Workload's veth was already gone. Nothing to do. ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" iface="eth0" netns="/var/run/netns/cni-2148927b-5b2e-f5e1-2a8e-dd8d87de108f" Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.080 [INFO][4845] k8s.go 585: Releasing IP address(es) ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.080 [INFO][4845] utils.go 188: Calico CNI releasing IP address ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.090 [INFO][4860] ipam_plugin.go 415: Releasing address using handleID ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" HandleID="k8s-pod-network.cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.090 [INFO][4860] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.090 [INFO][4860] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.094 [WARNING][4860] ipam_plugin.go 432: Asked to release address but it doesn't exist. Ignoring ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" HandleID="k8s-pod-network.cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.094 [INFO][4860] ipam_plugin.go 443: Releasing address using workloadID ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" HandleID="k8s-pod-network.cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.096 [INFO][4860] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:33:59.097474 env[1477]: 2024-02-09 12:33:59.096 [INFO][4845] k8s.go 591: Teardown processing complete. ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:33:59.097860 env[1477]: time="2024-02-09T12:33:59.097550940Z" level=info msg="TearDown network for sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\" successfully" Feb 9 12:33:59.097860 env[1477]: time="2024-02-09T12:33:59.097571621Z" level=info msg="StopPodSandbox for \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\" returns successfully" Feb 9 12:33:59.098057 env[1477]: time="2024-02-09T12:33:59.098021409Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:coredns-5dd5756b68-hcnbs,Uid:68728d04-1b22-4a01-b400-f233f97ddf7a,Namespace:kube-system,Attempt:1,}" Feb 9 12:33:59.129242 systemd[1]: run-netns-cni\x2d2148927b\x2d5b2e\x2df5e1\x2d2a8e\x2ddd8d87de108f.mount: Deactivated successfully. Feb 9 12:33:59.158831 systemd-networkd[1320]: cali2cdfa806cf9: Link UP Feb 9 12:33:59.186265 kernel: IPv6: ADDRCONF(NETDEV_CHANGE): cali2cdfa806cf9: link becomes ready Feb 9 12:33:59.186389 systemd-networkd[1320]: cali2cdfa806cf9: Gained carrier Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.118 [INFO][4876] plugin.go 327: Calico CNI found existing endpoint: &{{WorkloadEndpoint projectcalico.org/v3} {ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0 coredns-5dd5756b68- kube-system 68728d04-1b22-4a01-b400-f233f97ddf7a 840 0 2024-02-09 12:32:40 +0000 UTC map[k8s-app:kube-dns pod-template-hash:5dd5756b68 projectcalico.org/namespace:kube-system projectcalico.org/orchestrator:k8s projectcalico.org/serviceaccount:coredns] map[] [] [] []} {k8s ci-3510.3.2-a-260490bd8e coredns-5dd5756b68-hcnbs eth0 coredns [] [] [kns.kube-system ksa.kube-system.coredns] cali2cdfa806cf9 [{dns UDP 53 0 } {dns-tcp TCP 53 0 } {metrics TCP 9153 0 }] []}} ContainerID="8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" Namespace="kube-system" Pod="coredns-5dd5756b68-hcnbs" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-" Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.118 [INFO][4876] k8s.go 76: Extracted identifiers for CmdAddK8s ContainerID="8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" Namespace="kube-system" Pod="coredns-5dd5756b68-hcnbs" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.132 [INFO][4901] ipam_plugin.go 228: Calico CNI IPAM request count IPv4=1 IPv6=0 ContainerID="8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" HandleID="k8s-pod-network.8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.139 [INFO][4901] ipam_plugin.go 268: Auto assigning IP ContainerID="8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" HandleID="k8s-pod-network.8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" assignArgs=ipam.AutoAssignArgs{Num4:1, Num6:0, HandleID:(*string)(0xc00089d800), Attrs:map[string]string{"namespace":"kube-system", "node":"ci-3510.3.2-a-260490bd8e", "pod":"coredns-5dd5756b68-hcnbs", "timestamp":"2024-02-09 12:33:59.132846583 +0000 UTC"}, Hostname:"ci-3510.3.2-a-260490bd8e", IPv4Pools:[]net.IPNet{}, IPv6Pools:[]net.IPNet{}, MaxBlocksPerHost:0, HostReservedAttrIPv4s:(*ipam.HostReservedAttr)(nil), HostReservedAttrIPv6s:(*ipam.HostReservedAttr)(nil), IntendedUse:"Workload"} Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.139 [INFO][4901] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.139 [INFO][4901] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.139 [INFO][4901] ipam.go 107: Auto-assign 1 ipv4, 0 ipv6 addrs for host 'ci-3510.3.2-a-260490bd8e' Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.141 [INFO][4901] ipam.go 660: Looking up existing affinities for host handle="k8s-pod-network.8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.144 [INFO][4901] ipam.go 372: Looking up existing affinities for host host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.147 [INFO][4901] ipam.go 489: Trying affinity for 192.168.29.192/26 host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.148 [INFO][4901] ipam.go 155: Attempting to load block cidr=192.168.29.192/26 host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.149 [INFO][4901] ipam.go 232: Affinity is confirmed and block has been loaded cidr=192.168.29.192/26 host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.149 [INFO][4901] ipam.go 1180: Attempting to assign 1 addresses from block block=192.168.29.192/26 handle="k8s-pod-network.8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.151 [INFO][4901] ipam.go 1682: Creating new handle: k8s-pod-network.8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923 Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.153 [INFO][4901] ipam.go 1203: Writing block in order to claim IPs block=192.168.29.192/26 handle="k8s-pod-network.8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.156 [INFO][4901] ipam.go 1216: Successfully claimed IPs: [192.168.29.196/26] block=192.168.29.192/26 handle="k8s-pod-network.8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.156 [INFO][4901] ipam.go 847: Auto-assigned 1 out of 1 IPv4s: [192.168.29.196/26] handle="k8s-pod-network.8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" host="ci-3510.3.2-a-260490bd8e" Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.157 [INFO][4901] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:33:59.192190 env[1477]: 2024-02-09 12:33:59.157 [INFO][4901] ipam_plugin.go 286: Calico CNI IPAM assigned addresses IPv4=[192.168.29.196/26] IPv6=[] ContainerID="8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" HandleID="k8s-pod-network.8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:33:59.192859 env[1477]: 2024-02-09 12:33:59.157 [INFO][4876] k8s.go 385: Populated endpoint ContainerID="8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" Namespace="kube-system" Pod="coredns-5dd5756b68-hcnbs" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" endpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0", GenerateName:"coredns-5dd5756b68-", Namespace:"kube-system", SelfLink:"", UID:"68728d04-1b22-4a01-b400-f233f97ddf7a", ResourceVersion:"840", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 40, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"k8s-app":"kube-dns", "pod-template-hash":"5dd5756b68", "projectcalico.org/namespace":"kube-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"coredns"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"", Pod:"coredns-5dd5756b68-hcnbs", Endpoint:"eth0", ServiceAccountName:"coredns", IPNetworks:[]string{"192.168.29.196/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.kube-system", "ksa.kube-system.coredns"}, InterfaceName:"cali2cdfa806cf9", MAC:"", Ports:[]v3.WorkloadEndpointPort{v3.WorkloadEndpointPort{Name:"dns", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"UDP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"dns-tcp", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"metrics", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x23c1, HostPort:0x0, HostIP:""}}, AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:33:59.192859 env[1477]: 2024-02-09 12:33:59.158 [INFO][4876] k8s.go 386: Calico CNI using IPs: [192.168.29.196/32] ContainerID="8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" Namespace="kube-system" Pod="coredns-5dd5756b68-hcnbs" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:33:59.192859 env[1477]: 2024-02-09 12:33:59.158 [INFO][4876] dataplane_linux.go 68: Setting the host side veth name to cali2cdfa806cf9 ContainerID="8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" Namespace="kube-system" Pod="coredns-5dd5756b68-hcnbs" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:33:59.192859 env[1477]: 2024-02-09 12:33:59.186 [INFO][4876] dataplane_linux.go 479: Disabling IPv4 forwarding ContainerID="8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" Namespace="kube-system" Pod="coredns-5dd5756b68-hcnbs" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:33:59.192859 env[1477]: 2024-02-09 12:33:59.186 [INFO][4876] k8s.go 413: Added Mac, interface name, and active container ID to endpoint ContainerID="8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" Namespace="kube-system" Pod="coredns-5dd5756b68-hcnbs" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" endpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0", GenerateName:"coredns-5dd5756b68-", Namespace:"kube-system", SelfLink:"", UID:"68728d04-1b22-4a01-b400-f233f97ddf7a", ResourceVersion:"840", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 40, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"k8s-app":"kube-dns", "pod-template-hash":"5dd5756b68", "projectcalico.org/namespace":"kube-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"coredns"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923", Pod:"coredns-5dd5756b68-hcnbs", Endpoint:"eth0", ServiceAccountName:"coredns", IPNetworks:[]string{"192.168.29.196/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.kube-system", "ksa.kube-system.coredns"}, InterfaceName:"cali2cdfa806cf9", MAC:"9a:53:ae:35:f6:11", Ports:[]v3.WorkloadEndpointPort{v3.WorkloadEndpointPort{Name:"dns", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"UDP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"dns-tcp", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"metrics", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x23c1, HostPort:0x0, HostIP:""}}, AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:33:59.192859 env[1477]: 2024-02-09 12:33:59.191 [INFO][4876] k8s.go 491: Wrote updated endpoint to datastore ContainerID="8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923" Namespace="kube-system" Pod="coredns-5dd5756b68-hcnbs" WorkloadEndpoint="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:33:59.198802 env[1477]: time="2024-02-09T12:33:59.198766886Z" level=info msg="loading plugin \"io.containerd.event.v1.publisher\"..." runtime=io.containerd.runc.v2 type=io.containerd.event.v1 Feb 9 12:33:59.198802 env[1477]: time="2024-02-09T12:33:59.198789511Z" level=info msg="loading plugin \"io.containerd.internal.v1.shutdown\"..." runtime=io.containerd.runc.v2 type=io.containerd.internal.v1 Feb 9 12:33:59.198802 env[1477]: time="2024-02-09T12:33:59.198797012Z" level=info msg="loading plugin \"io.containerd.ttrpc.v1.task\"..." runtime=io.containerd.runc.v2 type=io.containerd.ttrpc.v1 Feb 9 12:33:59.198921 env[1477]: time="2024-02-09T12:33:59.198866117Z" level=info msg="starting signal loop" namespace=k8s.io path=/run/containerd/io.containerd.runtime.v2.task/k8s.io/8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923 pid=4936 runtime=io.containerd.runc.v2 Feb 9 12:33:59.198000 audit[4941]: NETFILTER_CFG table=filter:106 family=2 entries=34 op=nft_register_chain pid=4941 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" Feb 9 12:33:59.198000 audit[4941]: SYSCALL arch=c000003e syscall=46 success=yes exit=17884 a0=3 a1=7ffc300d06b0 a2=0 a3=7ffc300d069c items=0 ppid=4044 pid=4941 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.198000 audit: PROCTITLE proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 Feb 9 12:33:59.217887 systemd[1]: Started cri-containerd-8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923.scope. Feb 9 12:33:59.221000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.221000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.221000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.221000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.221000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.221000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.221000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.221000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.221000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.221000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.221000 audit: BPF prog-id=168 op=LOAD Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000199c48 a2=10 a3=1c items=0 ppid=4936 pid=4948 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.222000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3838363365613666633662333539303239643131386136366630393034 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001996b0 a2=3c a3=c items=0 ppid=4936 pid=4948 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.222000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3838363365613666633662333539303239643131386136366630393034 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit: BPF prog-id=169 op=LOAD Feb 9 12:33:59.222000 audit[4948]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001999d8 a2=78 a3=c000308e80 items=0 ppid=4936 pid=4948 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.222000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3838363365613666633662333539303239643131386136366630393034 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit: BPF prog-id=170 op=LOAD Feb 9 12:33:59.222000 audit[4948]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000199770 a2=78 a3=c000308ec8 items=0 ppid=4936 pid=4948 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.222000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3838363365613666633662333539303239643131386136366630393034 Feb 9 12:33:59.222000 audit: BPF prog-id=170 op=UNLOAD Feb 9 12:33:59.222000 audit: BPF prog-id=169 op=UNLOAD Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { perfmon } for pid=4948 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit[4948]: AVC avc: denied { bpf } for pid=4948 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.222000 audit: BPF prog-id=171 op=LOAD Feb 9 12:33:59.222000 audit[4948]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000199c30 a2=78 a3=c0003092d8 items=0 ppid=4936 pid=4948 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.222000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3838363365613666633662333539303239643131386136366630393034 Feb 9 12:33:59.254017 env[1477]: time="2024-02-09T12:33:59.253960481Z" level=info msg="RunPodSandbox for &PodSandboxMetadata{Name:coredns-5dd5756b68-hcnbs,Uid:68728d04-1b22-4a01-b400-f233f97ddf7a,Namespace:kube-system,Attempt:1,} returns sandbox id \"8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923\"" Feb 9 12:33:59.255246 env[1477]: time="2024-02-09T12:33:59.255197821Z" level=info msg="CreateContainer within sandbox \"8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923\" for container &ContainerMetadata{Name:coredns,Attempt:0,}" Feb 9 12:33:59.260134 env[1477]: time="2024-02-09T12:33:59.260115943Z" level=info msg="CreateContainer within sandbox \"8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923\" for &ContainerMetadata{Name:coredns,Attempt:0,} returns container id \"4e3b2477688742e426c0305a6c356b2c7f88c4fb2251d611eed4dc35b0ad123f\"" Feb 9 12:33:59.260356 env[1477]: time="2024-02-09T12:33:59.260341914Z" level=info msg="StartContainer for \"4e3b2477688742e426c0305a6c356b2c7f88c4fb2251d611eed4dc35b0ad123f\"" Feb 9 12:33:59.268309 systemd[1]: Started cri-containerd-4e3b2477688742e426c0305a6c356b2c7f88c4fb2251d611eed4dc35b0ad123f.scope. Feb 9 12:33:59.273000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.273000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.273000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.273000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.273000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.273000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.273000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.273000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.273000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.273000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.273000 audit: BPF prog-id=172 op=LOAD Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000197c48 a2=10 a3=1c items=0 ppid=4936 pid=4976 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.274000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3465336232343737363838373432653432366330333035613663333536 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001976b0 a2=3c a3=c items=0 ppid=4936 pid=4976 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.274000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3465336232343737363838373432653432366330333035613663333536 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit: BPF prog-id=173 op=LOAD Feb 9 12:33:59.274000 audit[4976]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001979d8 a2=78 a3=c0003ae120 items=0 ppid=4936 pid=4976 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.274000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3465336232343737363838373432653432366330333035613663333536 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit: BPF prog-id=174 op=LOAD Feb 9 12:33:59.274000 audit[4976]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000197770 a2=78 a3=c0003ae168 items=0 ppid=4936 pid=4976 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.274000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3465336232343737363838373432653432366330333035613663333536 Feb 9 12:33:59.274000 audit: BPF prog-id=174 op=UNLOAD Feb 9 12:33:59.274000 audit: BPF prog-id=173 op=UNLOAD Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { perfmon } for pid=4976 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit[4976]: AVC avc: denied { bpf } for pid=4976 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:33:59.274000 audit: BPF prog-id=175 op=LOAD Feb 9 12:33:59.274000 audit[4976]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000197c30 a2=78 a3=c0003ae578 items=0 ppid=4936 pid=4976 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.274000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3465336232343737363838373432653432366330333035613663333536 Feb 9 12:33:59.294435 env[1477]: time="2024-02-09T12:33:59.294375876Z" level=info msg="StartContainer for \"4e3b2477688742e426c0305a6c356b2c7f88c4fb2251d611eed4dc35b0ad123f\" returns successfully" Feb 9 12:33:59.383000 audit[5014]: NETFILTER_CFG table=filter:107 family=2 entries=8 op=nft_register_rule pid=5014 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:33:59.383000 audit[5014]: SYSCALL arch=c000003e syscall=46 success=yes exit=2844 a0=3 a1=7ffd3b04df80 a2=0 a3=7ffd3b04df6c items=0 ppid=2874 pid=5014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.383000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:33:59.385000 audit[5014]: NETFILTER_CFG table=nat:108 family=2 entries=44 op=nft_register_rule pid=5014 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:33:59.385000 audit[5014]: SYSCALL arch=c000003e syscall=46 success=yes exit=13788 a0=3 a1=7ffd3b04df80 a2=0 a3=7ffd3b04df6c items=0 ppid=2874 pid=5014 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:33:59.385000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:34:00.286435 systemd-networkd[1320]: cali05433f3eb29: Gained IPv6LL Feb 9 12:34:00.287032 systemd-networkd[1320]: cali2cdfa806cf9: Gained IPv6LL Feb 9 12:34:00.364990 kubelet[2604]: I0209 12:34:00.364909 2604 pod_startup_latency_tracker.go:102] "Observed pod startup duration" pod="kube-system/coredns-5dd5756b68-hcnbs" podStartSLOduration=80.364794791 podCreationTimestamp="2024-02-09 12:32:40 +0000 UTC" firstStartedPulling="0001-01-01 00:00:00 +0000 UTC" lastFinishedPulling="0001-01-01 00:00:00 +0000 UTC" observedRunningTime="2024-02-09 12:33:59.359688212 +0000 UTC m=+92.387175506" watchObservedRunningTime="2024-02-09 12:34:00.364794791 +0000 UTC m=+93.392282057" Feb 9 12:34:00.388000 audit[5019]: NETFILTER_CFG table=filter:109 family=2 entries=8 op=nft_register_rule pid=5019 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:34:00.388000 audit[5019]: SYSCALL arch=c000003e syscall=46 success=yes exit=2844 a0=3 a1=7fff4b522b60 a2=0 a3=7fff4b522b4c items=0 ppid=2874 pid=5019 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:34:00.388000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:34:00.399000 audit[5019]: NETFILTER_CFG table=nat:110 family=2 entries=56 op=nft_register_chain pid=5019 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:34:00.399000 audit[5019]: SYSCALL arch=c000003e syscall=46 success=yes exit=19452 a0=3 a1=7fff4b522b60 a2=0 a3=7fff4b522b4c items=0 ppid=2874 pid=5019 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:34:00.399000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:34:00.629906 sshd[4333]: Received disconnect from 43.156.225.133 port 43374:11: Bye Bye [preauth] Feb 9 12:34:00.629906 sshd[4333]: Disconnected from invalid user zhangrongjing 43.156.225.133 port 43374 [preauth] Feb 9 12:34:00.632611 systemd[1]: sshd@24-86.109.11.101:22-43.156.225.133:43374.service: Deactivated successfully. Feb 9 12:34:00.631000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-86.109.11.101:22-43.156.225.133:43374 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:07.435385 systemd[1]: Started sshd@25-86.109.11.101:22-101.35.54.203:38822.service. Feb 9 12:34:07.435000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-86.109.11.101:22-101.35.54.203:38822 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:07.473775 kernel: kauditd_printk_skb: 372 callbacks suppressed Feb 9 12:34:07.473849 kernel: audit: type=1130 audit(1707482047.435:1358): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-86.109.11.101:22-101.35.54.203:38822 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:08.277902 sshd[5032]: Invalid user wanghy from 101.35.54.203 port 38822 Feb 9 12:34:08.284066 sshd[5032]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:08.285122 sshd[5032]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:34:08.285211 sshd[5032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:34:08.286184 sshd[5032]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:08.286000 audit[5032]: USER_AUTH pid=5032 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="wanghy" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:34:08.373343 kernel: audit: type=1100 audit(1707482048.286:1359): pid=5032 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="wanghy" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:34:10.488950 sshd[5032]: Failed password for invalid user wanghy from 101.35.54.203 port 38822 ssh2 Feb 9 12:34:11.238966 systemd[1]: Started sshd@26-86.109.11.101:22-163.228.248.90:43713.service. Feb 9 12:34:11.238000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-86.109.11.101:22-163.228.248.90:43713 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:11.325235 kernel: audit: type=1130 audit(1707482051.238:1360): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-86.109.11.101:22-163.228.248.90:43713 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:12.307221 sshd[5037]: Invalid user ammar from 163.228.248.90 port 43713 Feb 9 12:34:12.308532 sshd[5037]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:12.308777 sshd[5037]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:34:12.308796 sshd[5037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.228.248.90 Feb 9 12:34:12.309013 sshd[5037]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:12.308000 audit[5037]: USER_AUTH pid=5037 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="ammar" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:34:12.396302 kernel: audit: type=1100 audit(1707482052.308:1361): pid=5037 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="ammar" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:34:12.549961 sshd[5032]: Received disconnect from 101.35.54.203 port 38822:11: Bye Bye [preauth] Feb 9 12:34:12.549961 sshd[5032]: Disconnected from invalid user wanghy 101.35.54.203 port 38822 [preauth] Feb 9 12:34:12.552470 systemd[1]: sshd@25-86.109.11.101:22-101.35.54.203:38822.service: Deactivated successfully. Feb 9 12:34:12.552000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-86.109.11.101:22-101.35.54.203:38822 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:12.639321 kernel: audit: type=1131 audit(1707482052.552:1362): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-86.109.11.101:22-101.35.54.203:38822 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:14.395494 sshd[5037]: Failed password for invalid user ammar from 163.228.248.90 port 43713 ssh2 Feb 9 12:34:16.374636 sshd[5037]: Received disconnect from 163.228.248.90 port 43713:11: Bye Bye [preauth] Feb 9 12:34:16.374636 sshd[5037]: Disconnected from invalid user ammar 163.228.248.90 port 43713 [preauth] Feb 9 12:34:16.377098 systemd[1]: sshd@26-86.109.11.101:22-163.228.248.90:43713.service: Deactivated successfully. Feb 9 12:34:16.376000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-86.109.11.101:22-163.228.248.90:43713 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:16.464275 kernel: audit: type=1131 audit(1707482056.376:1363): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-86.109.11.101:22-163.228.248.90:43713 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:16.570725 systemd[1]: Started sshd@27-86.109.11.101:22-106.54.212.205:33760.service. Feb 9 12:34:16.569000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-86.109.11.101:22-106.54.212.205:33760 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:16.657270 kernel: audit: type=1130 audit(1707482056.569:1364): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-86.109.11.101:22-106.54.212.205:33760 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:19.263619 systemd[1]: Started sshd@28-86.109.11.101:22-135.125.161.64:40662.service. Feb 9 12:34:19.262000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@28-86.109.11.101:22-135.125.161.64:40662 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:19.350243 kernel: audit: type=1130 audit(1707482059.262:1365): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@28-86.109.11.101:22-135.125.161.64:40662 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:19.962994 systemd[1]: Started sshd@29-86.109.11.101:22-104.248.145.46:58362.service. Feb 9 12:34:19.962000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@29-86.109.11.101:22-104.248.145.46:58362 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:20.055241 kernel: audit: type=1130 audit(1707482059.962:1366): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@29-86.109.11.101:22-104.248.145.46:58362 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:20.173143 sshd[5057]: Invalid user prometheus from 135.125.161.64 port 40662 Feb 9 12:34:20.179306 sshd[5057]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:20.180305 sshd[5057]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:34:20.180395 sshd[5057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=135.125.161.64 Feb 9 12:34:20.181287 sshd[5057]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:20.180000 audit[5057]: USER_AUTH pid=5057 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="prometheus" exe="/usr/sbin/sshd" hostname=135.125.161.64 addr=135.125.161.64 terminal=ssh res=failed' Feb 9 12:34:20.275406 kernel: audit: type=1100 audit(1707482060.180:1367): pid=5057 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="prometheus" exe="/usr/sbin/sshd" hostname=135.125.161.64 addr=135.125.161.64 terminal=ssh res=failed' Feb 9 12:34:20.998423 sshd[5060]: Invalid user aidana from 104.248.145.46 port 58362 Feb 9 12:34:21.004946 sshd[5060]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:21.005951 sshd[5060]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:34:21.006042 sshd[5060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.46 Feb 9 12:34:21.006895 sshd[5060]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:21.005000 audit[5060]: USER_AUTH pid=5060 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="aidana" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:34:21.097236 kernel: audit: type=1100 audit(1707482061.005:1368): pid=5060 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="aidana" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:34:22.367388 sshd[5057]: Failed password for invalid user prometheus from 135.125.161.64 port 40662 ssh2 Feb 9 12:34:23.080205 sshd[5057]: Received disconnect from 135.125.161.64 port 40662:11: Bye Bye [preauth] Feb 9 12:34:23.080205 sshd[5057]: Disconnected from invalid user prometheus 135.125.161.64 port 40662 [preauth] Feb 9 12:34:23.080866 systemd[1]: sshd@28-86.109.11.101:22-135.125.161.64:40662.service: Deactivated successfully. Feb 9 12:34:23.079000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@28-86.109.11.101:22-135.125.161.64:40662 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:23.171303 kernel: audit: type=1131 audit(1707482063.079:1369): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@28-86.109.11.101:22-135.125.161.64:40662 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:23.322000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:23.329488 sshd[5060]: Failed password for invalid user aidana from 104.248.145.46 port 58362 ssh2 Feb 9 12:34:23.322000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001f16500 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:34:23.538543 kernel: audit: type=1400 audit(1707482063.322:1370): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:23.538608 kernel: audit: type=1300 audit(1707482063.322:1370): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001f16500 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:34:23.538630 kernel: audit: type=1327 audit(1707482063.322:1370): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:34:23.322000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:34:23.631433 kernel: audit: type=1400 audit(1707482063.322:1371): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:23.322000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:23.723965 kernel: audit: type=1300 audit(1707482063.322:1371): arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c0020ff470 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:34:23.322000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c0020ff470 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:34:23.322000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:34:23.456000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:23.456000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=66 a1=c007556ae0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:34:23.456000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:34:23.456000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:23.456000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=66 a1=c007556b10 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:34:23.456000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:34:23.456000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:23.456000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c004124e40 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:34:23.456000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:34:23.457000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:23.457000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c009c0ce80 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:34:23.457000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:34:23.457000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:23.457000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=66 a1=c008061900 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:34:23.457000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:34:23.457000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:23.457000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=66 a1=c00402d110 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:34:23.457000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:34:25.300611 sshd[5060]: Received disconnect from 104.248.145.46 port 58362:11: Bye Bye [preauth] Feb 9 12:34:25.300611 sshd[5060]: Disconnected from invalid user aidana 104.248.145.46 port 58362 [preauth] Feb 9 12:34:25.302860 systemd[1]: sshd@29-86.109.11.101:22-104.248.145.46:58362.service: Deactivated successfully. Feb 9 12:34:25.302000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@29-86.109.11.101:22-104.248.145.46:58362 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:25.330306 kernel: kauditd_printk_skb: 19 callbacks suppressed Feb 9 12:34:25.330346 kernel: audit: type=1131 audit(1707482065.302:1378): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@29-86.109.11.101:22-104.248.145.46:58362 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:27.025921 env[1477]: time="2024-02-09T12:34:27.025815736Z" level=info msg="StopPodSandbox for \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\"" Feb 9 12:34:27.068218 env[1477]: 2024-02-09 12:34:27.045 [WARNING][5110] k8s.go 542: CNI_CONTAINERID does not match WorkloadEndpoint ConainerID, don't delete WEP. ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" WorkloadEndpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0", GenerateName:"coredns-5dd5756b68-", Namespace:"kube-system", SelfLink:"", UID:"6767a203-ea0f-489a-b56d-95cceaa81e84", ResourceVersion:"825", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 40, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"k8s-app":"kube-dns", "pod-template-hash":"5dd5756b68", "projectcalico.org/namespace":"kube-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"coredns"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b", Pod:"coredns-5dd5756b68-w85nl", Endpoint:"eth0", ServiceAccountName:"coredns", IPNetworks:[]string{"192.168.29.193/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.kube-system", "ksa.kube-system.coredns"}, InterfaceName:"calib01d505d2ad", MAC:"", Ports:[]v3.WorkloadEndpointPort{v3.WorkloadEndpointPort{Name:"dns", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"UDP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"dns-tcp", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"metrics", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x23c1, HostPort:0x0, HostIP:""}}, AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:34:27.068218 env[1477]: 2024-02-09 12:34:27.045 [INFO][5110] k8s.go 578: Cleaning up netns ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:34:27.068218 env[1477]: 2024-02-09 12:34:27.045 [INFO][5110] dataplane_linux.go 526: CleanUpNamespace called with no netns name, ignoring. ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" iface="eth0" netns="" Feb 9 12:34:27.068218 env[1477]: 2024-02-09 12:34:27.045 [INFO][5110] k8s.go 585: Releasing IP address(es) ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:34:27.068218 env[1477]: 2024-02-09 12:34:27.045 [INFO][5110] utils.go 188: Calico CNI releasing IP address ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:34:27.068218 env[1477]: 2024-02-09 12:34:27.058 [INFO][5123] ipam_plugin.go 415: Releasing address using handleID ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" HandleID="k8s-pod-network.1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:34:27.068218 env[1477]: 2024-02-09 12:34:27.058 [INFO][5123] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:34:27.068218 env[1477]: 2024-02-09 12:34:27.058 [INFO][5123] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:34:27.068218 env[1477]: 2024-02-09 12:34:27.064 [WARNING][5123] ipam_plugin.go 432: Asked to release address but it doesn't exist. Ignoring ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" HandleID="k8s-pod-network.1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:34:27.068218 env[1477]: 2024-02-09 12:34:27.065 [INFO][5123] ipam_plugin.go 443: Releasing address using workloadID ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" HandleID="k8s-pod-network.1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:34:27.068218 env[1477]: 2024-02-09 12:34:27.066 [INFO][5123] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:34:27.068218 env[1477]: 2024-02-09 12:34:27.067 [INFO][5110] k8s.go 591: Teardown processing complete. ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:34:27.068726 env[1477]: time="2024-02-09T12:34:27.068251646Z" level=info msg="TearDown network for sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\" successfully" Feb 9 12:34:27.068726 env[1477]: time="2024-02-09T12:34:27.068279119Z" level=info msg="StopPodSandbox for \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\" returns successfully" Feb 9 12:34:27.068726 env[1477]: time="2024-02-09T12:34:27.068669003Z" level=info msg="RemovePodSandbox for \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\"" Feb 9 12:34:27.068726 env[1477]: time="2024-02-09T12:34:27.068696926Z" level=info msg="Forcibly stopping sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\"" Feb 9 12:34:27.133773 env[1477]: 2024-02-09 12:34:27.102 [WARNING][5150] k8s.go 542: CNI_CONTAINERID does not match WorkloadEndpoint ConainerID, don't delete WEP. ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" WorkloadEndpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0", GenerateName:"coredns-5dd5756b68-", Namespace:"kube-system", SelfLink:"", UID:"6767a203-ea0f-489a-b56d-95cceaa81e84", ResourceVersion:"825", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 40, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"k8s-app":"kube-dns", "pod-template-hash":"5dd5756b68", "projectcalico.org/namespace":"kube-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"coredns"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"3db23df2a54b8b88b3a9ff1bc5e859393a5699d302468e13ab9ab61d32a00c2b", Pod:"coredns-5dd5756b68-w85nl", Endpoint:"eth0", ServiceAccountName:"coredns", IPNetworks:[]string{"192.168.29.193/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.kube-system", "ksa.kube-system.coredns"}, InterfaceName:"calib01d505d2ad", MAC:"", Ports:[]v3.WorkloadEndpointPort{v3.WorkloadEndpointPort{Name:"dns", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"UDP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"dns-tcp", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"metrics", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x23c1, HostPort:0x0, HostIP:""}}, AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:34:27.133773 env[1477]: 2024-02-09 12:34:27.102 [INFO][5150] k8s.go 578: Cleaning up netns ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:34:27.133773 env[1477]: 2024-02-09 12:34:27.102 [INFO][5150] dataplane_linux.go 526: CleanUpNamespace called with no netns name, ignoring. ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" iface="eth0" netns="" Feb 9 12:34:27.133773 env[1477]: 2024-02-09 12:34:27.102 [INFO][5150] k8s.go 585: Releasing IP address(es) ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:34:27.133773 env[1477]: 2024-02-09 12:34:27.102 [INFO][5150] utils.go 188: Calico CNI releasing IP address ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:34:27.133773 env[1477]: 2024-02-09 12:34:27.122 [INFO][5164] ipam_plugin.go 415: Releasing address using handleID ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" HandleID="k8s-pod-network.1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:34:27.133773 env[1477]: 2024-02-09 12:34:27.122 [INFO][5164] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:34:27.133773 env[1477]: 2024-02-09 12:34:27.122 [INFO][5164] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:34:27.133773 env[1477]: 2024-02-09 12:34:27.130 [WARNING][5164] ipam_plugin.go 432: Asked to release address but it doesn't exist. Ignoring ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" HandleID="k8s-pod-network.1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:34:27.133773 env[1477]: 2024-02-09 12:34:27.130 [INFO][5164] ipam_plugin.go 443: Releasing address using workloadID ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" HandleID="k8s-pod-network.1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--w85nl-eth0" Feb 9 12:34:27.133773 env[1477]: 2024-02-09 12:34:27.131 [INFO][5164] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:34:27.133773 env[1477]: 2024-02-09 12:34:27.132 [INFO][5150] k8s.go 591: Teardown processing complete. ContainerID="1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe" Feb 9 12:34:27.134425 env[1477]: time="2024-02-09T12:34:27.133769234Z" level=info msg="TearDown network for sandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\" successfully" Feb 9 12:34:27.135879 env[1477]: time="2024-02-09T12:34:27.135848965Z" level=info msg="RemovePodSandbox \"1ec939254eff9f7096e5c6a22cd9921916cdf9a9af41c42372e71523536058fe\" returns successfully" Feb 9 12:34:27.136259 env[1477]: time="2024-02-09T12:34:27.136217364Z" level=info msg="StopPodSandbox for \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\"" Feb 9 12:34:27.203961 env[1477]: 2024-02-09 12:34:27.171 [WARNING][5192] k8s.go 542: CNI_CONTAINERID does not match WorkloadEndpoint ConainerID, don't delete WEP. ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" WorkloadEndpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0", GenerateName:"csi-node-driver-", Namespace:"calico-system", SelfLink:"", UID:"9d7d849f-47a3-4ce5-b643-2347a74f746a", ResourceVersion:"835", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 45, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"app.kubernetes.io/name":"csi-node-driver", "controller-revision-hash":"676488fcc9", "k8s-app":"csi-node-driver", "name":"csi-node-driver", "pod-template-generation":"1", "projectcalico.org/namespace":"calico-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"default"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb", Pod:"csi-node-driver-8dfwv", Endpoint:"eth0", ServiceAccountName:"default", IPNetworks:[]string{"192.168.29.195/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.calico-system", "ksa.calico-system.default"}, InterfaceName:"cali05433f3eb29", MAC:"", Ports:[]v3.WorkloadEndpointPort(nil), AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:34:27.203961 env[1477]: 2024-02-09 12:34:27.171 [INFO][5192] k8s.go 578: Cleaning up netns ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:34:27.203961 env[1477]: 2024-02-09 12:34:27.171 [INFO][5192] dataplane_linux.go 526: CleanUpNamespace called with no netns name, ignoring. ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" iface="eth0" netns="" Feb 9 12:34:27.203961 env[1477]: 2024-02-09 12:34:27.171 [INFO][5192] k8s.go 585: Releasing IP address(es) ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:34:27.203961 env[1477]: 2024-02-09 12:34:27.171 [INFO][5192] utils.go 188: Calico CNI releasing IP address ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:34:27.203961 env[1477]: 2024-02-09 12:34:27.191 [INFO][5207] ipam_plugin.go 415: Releasing address using handleID ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" HandleID="k8s-pod-network.bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Workload="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:34:27.203961 env[1477]: 2024-02-09 12:34:27.191 [INFO][5207] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:34:27.203961 env[1477]: 2024-02-09 12:34:27.191 [INFO][5207] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:34:27.203961 env[1477]: 2024-02-09 12:34:27.199 [WARNING][5207] ipam_plugin.go 432: Asked to release address but it doesn't exist. Ignoring ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" HandleID="k8s-pod-network.bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Workload="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:34:27.203961 env[1477]: 2024-02-09 12:34:27.199 [INFO][5207] ipam_plugin.go 443: Releasing address using workloadID ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" HandleID="k8s-pod-network.bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Workload="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:34:27.203961 env[1477]: 2024-02-09 12:34:27.200 [INFO][5207] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:34:27.203961 env[1477]: 2024-02-09 12:34:27.202 [INFO][5192] k8s.go 591: Teardown processing complete. ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:34:27.204609 env[1477]: time="2024-02-09T12:34:27.203985624Z" level=info msg="TearDown network for sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\" successfully" Feb 9 12:34:27.204609 env[1477]: time="2024-02-09T12:34:27.204017767Z" level=info msg="StopPodSandbox for \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\" returns successfully" Feb 9 12:34:27.204609 env[1477]: time="2024-02-09T12:34:27.204430039Z" level=info msg="RemovePodSandbox for \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\"" Feb 9 12:34:27.204609 env[1477]: time="2024-02-09T12:34:27.204461731Z" level=info msg="Forcibly stopping sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\"" Feb 9 12:34:27.275720 env[1477]: 2024-02-09 12:34:27.238 [WARNING][5240] k8s.go 542: CNI_CONTAINERID does not match WorkloadEndpoint ConainerID, don't delete WEP. ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" WorkloadEndpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0", GenerateName:"csi-node-driver-", Namespace:"calico-system", SelfLink:"", UID:"9d7d849f-47a3-4ce5-b643-2347a74f746a", ResourceVersion:"835", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 45, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"app.kubernetes.io/name":"csi-node-driver", "controller-revision-hash":"676488fcc9", "k8s-app":"csi-node-driver", "name":"csi-node-driver", "pod-template-generation":"1", "projectcalico.org/namespace":"calico-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"default"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb", Pod:"csi-node-driver-8dfwv", Endpoint:"eth0", ServiceAccountName:"default", IPNetworks:[]string{"192.168.29.195/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.calico-system", "ksa.calico-system.default"}, InterfaceName:"cali05433f3eb29", MAC:"", Ports:[]v3.WorkloadEndpointPort(nil), AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:34:27.275720 env[1477]: 2024-02-09 12:34:27.239 [INFO][5240] k8s.go 578: Cleaning up netns ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:34:27.275720 env[1477]: 2024-02-09 12:34:27.239 [INFO][5240] dataplane_linux.go 526: CleanUpNamespace called with no netns name, ignoring. ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" iface="eth0" netns="" Feb 9 12:34:27.275720 env[1477]: 2024-02-09 12:34:27.239 [INFO][5240] k8s.go 585: Releasing IP address(es) ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:34:27.275720 env[1477]: 2024-02-09 12:34:27.239 [INFO][5240] utils.go 188: Calico CNI releasing IP address ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:34:27.275720 env[1477]: 2024-02-09 12:34:27.258 [INFO][5256] ipam_plugin.go 415: Releasing address using handleID ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" HandleID="k8s-pod-network.bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Workload="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:34:27.275720 env[1477]: 2024-02-09 12:34:27.259 [INFO][5256] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:34:27.275720 env[1477]: 2024-02-09 12:34:27.259 [INFO][5256] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:34:27.275720 env[1477]: 2024-02-09 12:34:27.267 [WARNING][5256] ipam_plugin.go 432: Asked to release address but it doesn't exist. Ignoring ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" HandleID="k8s-pod-network.bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Workload="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:34:27.275720 env[1477]: 2024-02-09 12:34:27.267 [INFO][5256] ipam_plugin.go 443: Releasing address using workloadID ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" HandleID="k8s-pod-network.bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Workload="ci--3510.3.2--a--260490bd8e-k8s-csi--node--driver--8dfwv-eth0" Feb 9 12:34:27.275720 env[1477]: 2024-02-09 12:34:27.270 [INFO][5256] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:34:27.275720 env[1477]: 2024-02-09 12:34:27.273 [INFO][5240] k8s.go 591: Teardown processing complete. ContainerID="bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43" Feb 9 12:34:27.277477 env[1477]: time="2024-02-09T12:34:27.275758637Z" level=info msg="TearDown network for sandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\" successfully" Feb 9 12:34:27.279754 env[1477]: time="2024-02-09T12:34:27.279695196Z" level=info msg="RemovePodSandbox \"bf08b15553db8fcd99396f19b5565801ea15278d8eb0cfecc75b2c0fce480e43\" returns successfully" Feb 9 12:34:27.280678 env[1477]: time="2024-02-09T12:34:27.280572717Z" level=info msg="StopPodSandbox for \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\"" Feb 9 12:34:27.382876 env[1477]: 2024-02-09 12:34:27.344 [WARNING][5289] k8s.go 542: CNI_CONTAINERID does not match WorkloadEndpoint ConainerID, don't delete WEP. ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" WorkloadEndpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0", GenerateName:"calico-kube-controllers-8598b7b64f-", Namespace:"calico-system", SelfLink:"", UID:"9dece026-c927-4497-a4b2-37fd11886d77", ResourceVersion:"817", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 45, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"app.kubernetes.io/name":"calico-kube-controllers", "k8s-app":"calico-kube-controllers", "pod-template-hash":"8598b7b64f", "projectcalico.org/namespace":"calico-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"calico-kube-controllers"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da", Pod:"calico-kube-controllers-8598b7b64f-447jc", Endpoint:"eth0", ServiceAccountName:"calico-kube-controllers", IPNetworks:[]string{"192.168.29.194/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.calico-system", "ksa.calico-system.calico-kube-controllers"}, InterfaceName:"cali04585fa2f12", MAC:"", Ports:[]v3.WorkloadEndpointPort(nil), AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:34:27.382876 env[1477]: 2024-02-09 12:34:27.344 [INFO][5289] k8s.go 578: Cleaning up netns ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:34:27.382876 env[1477]: 2024-02-09 12:34:27.344 [INFO][5289] dataplane_linux.go 526: CleanUpNamespace called with no netns name, ignoring. ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" iface="eth0" netns="" Feb 9 12:34:27.382876 env[1477]: 2024-02-09 12:34:27.344 [INFO][5289] k8s.go 585: Releasing IP address(es) ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:34:27.382876 env[1477]: 2024-02-09 12:34:27.344 [INFO][5289] utils.go 188: Calico CNI releasing IP address ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:34:27.382876 env[1477]: 2024-02-09 12:34:27.368 [INFO][5306] ipam_plugin.go 415: Releasing address using handleID ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" HandleID="k8s-pod-network.cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Workload="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:34:27.382876 env[1477]: 2024-02-09 12:34:27.368 [INFO][5306] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:34:27.382876 env[1477]: 2024-02-09 12:34:27.368 [INFO][5306] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:34:27.382876 env[1477]: 2024-02-09 12:34:27.377 [WARNING][5306] ipam_plugin.go 432: Asked to release address but it doesn't exist. Ignoring ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" HandleID="k8s-pod-network.cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Workload="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:34:27.382876 env[1477]: 2024-02-09 12:34:27.377 [INFO][5306] ipam_plugin.go 443: Releasing address using workloadID ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" HandleID="k8s-pod-network.cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Workload="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:34:27.382876 env[1477]: 2024-02-09 12:34:27.380 [INFO][5306] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:34:27.382876 env[1477]: 2024-02-09 12:34:27.381 [INFO][5289] k8s.go 591: Teardown processing complete. ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:34:27.383763 env[1477]: time="2024-02-09T12:34:27.382909960Z" level=info msg="TearDown network for sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\" successfully" Feb 9 12:34:27.383763 env[1477]: time="2024-02-09T12:34:27.382948922Z" level=info msg="StopPodSandbox for \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\" returns successfully" Feb 9 12:34:27.383763 env[1477]: time="2024-02-09T12:34:27.383492559Z" level=info msg="RemovePodSandbox for \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\"" Feb 9 12:34:27.383763 env[1477]: time="2024-02-09T12:34:27.383544050Z" level=info msg="Forcibly stopping sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\"" Feb 9 12:34:27.465544 env[1477]: 2024-02-09 12:34:27.428 [WARNING][5341] k8s.go 542: CNI_CONTAINERID does not match WorkloadEndpoint ConainerID, don't delete WEP. ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" WorkloadEndpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0", GenerateName:"calico-kube-controllers-8598b7b64f-", Namespace:"calico-system", SelfLink:"", UID:"9dece026-c927-4497-a4b2-37fd11886d77", ResourceVersion:"817", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 45, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"app.kubernetes.io/name":"calico-kube-controllers", "k8s-app":"calico-kube-controllers", "pod-template-hash":"8598b7b64f", "projectcalico.org/namespace":"calico-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"calico-kube-controllers"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da", Pod:"calico-kube-controllers-8598b7b64f-447jc", Endpoint:"eth0", ServiceAccountName:"calico-kube-controllers", IPNetworks:[]string{"192.168.29.194/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.calico-system", "ksa.calico-system.calico-kube-controllers"}, InterfaceName:"cali04585fa2f12", MAC:"", Ports:[]v3.WorkloadEndpointPort(nil), AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:34:27.465544 env[1477]: 2024-02-09 12:34:27.428 [INFO][5341] k8s.go 578: Cleaning up netns ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:34:27.465544 env[1477]: 2024-02-09 12:34:27.428 [INFO][5341] dataplane_linux.go 526: CleanUpNamespace called with no netns name, ignoring. ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" iface="eth0" netns="" Feb 9 12:34:27.465544 env[1477]: 2024-02-09 12:34:27.428 [INFO][5341] k8s.go 585: Releasing IP address(es) ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:34:27.465544 env[1477]: 2024-02-09 12:34:27.428 [INFO][5341] utils.go 188: Calico CNI releasing IP address ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:34:27.465544 env[1477]: 2024-02-09 12:34:27.448 [INFO][5359] ipam_plugin.go 415: Releasing address using handleID ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" HandleID="k8s-pod-network.cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Workload="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:34:27.465544 env[1477]: 2024-02-09 12:34:27.448 [INFO][5359] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:34:27.465544 env[1477]: 2024-02-09 12:34:27.448 [INFO][5359] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:34:27.465544 env[1477]: 2024-02-09 12:34:27.457 [WARNING][5359] ipam_plugin.go 432: Asked to release address but it doesn't exist. Ignoring ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" HandleID="k8s-pod-network.cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Workload="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:34:27.465544 env[1477]: 2024-02-09 12:34:27.457 [INFO][5359] ipam_plugin.go 443: Releasing address using workloadID ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" HandleID="k8s-pod-network.cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Workload="ci--3510.3.2--a--260490bd8e-k8s-calico--kube--controllers--8598b7b64f--447jc-eth0" Feb 9 12:34:27.465544 env[1477]: 2024-02-09 12:34:27.460 [INFO][5359] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:34:27.465544 env[1477]: 2024-02-09 12:34:27.463 [INFO][5341] k8s.go 591: Teardown processing complete. ContainerID="cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3" Feb 9 12:34:27.467048 env[1477]: time="2024-02-09T12:34:27.465595972Z" level=info msg="TearDown network for sandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\" successfully" Feb 9 12:34:27.469611 env[1477]: time="2024-02-09T12:34:27.469512998Z" level=info msg="RemovePodSandbox \"cee59f1d6426566b48a9506feebaa3bfbc7042f41e9ebf844cdfb96b6bc471c3\" returns successfully" Feb 9 12:34:27.470502 env[1477]: time="2024-02-09T12:34:27.470400934Z" level=info msg="StopPodSandbox for \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\"" Feb 9 12:34:27.562569 env[1477]: 2024-02-09 12:34:27.530 [WARNING][5389] k8s.go 542: CNI_CONTAINERID does not match WorkloadEndpoint ConainerID, don't delete WEP. ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" WorkloadEndpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0", GenerateName:"coredns-5dd5756b68-", Namespace:"kube-system", SelfLink:"", UID:"68728d04-1b22-4a01-b400-f233f97ddf7a", ResourceVersion:"852", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 40, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"k8s-app":"kube-dns", "pod-template-hash":"5dd5756b68", "projectcalico.org/namespace":"kube-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"coredns"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923", Pod:"coredns-5dd5756b68-hcnbs", Endpoint:"eth0", ServiceAccountName:"coredns", IPNetworks:[]string{"192.168.29.196/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.kube-system", "ksa.kube-system.coredns"}, InterfaceName:"cali2cdfa806cf9", MAC:"", Ports:[]v3.WorkloadEndpointPort{v3.WorkloadEndpointPort{Name:"dns", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"UDP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"dns-tcp", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"metrics", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x23c1, HostPort:0x0, HostIP:""}}, AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:34:27.562569 env[1477]: 2024-02-09 12:34:27.530 [INFO][5389] k8s.go 578: Cleaning up netns ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:34:27.562569 env[1477]: 2024-02-09 12:34:27.530 [INFO][5389] dataplane_linux.go 526: CleanUpNamespace called with no netns name, ignoring. ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" iface="eth0" netns="" Feb 9 12:34:27.562569 env[1477]: 2024-02-09 12:34:27.530 [INFO][5389] k8s.go 585: Releasing IP address(es) ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:34:27.562569 env[1477]: 2024-02-09 12:34:27.530 [INFO][5389] utils.go 188: Calico CNI releasing IP address ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:34:27.562569 env[1477]: 2024-02-09 12:34:27.550 [INFO][5407] ipam_plugin.go 415: Releasing address using handleID ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" HandleID="k8s-pod-network.cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:34:27.562569 env[1477]: 2024-02-09 12:34:27.550 [INFO][5407] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:34:27.562569 env[1477]: 2024-02-09 12:34:27.550 [INFO][5407] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:34:27.562569 env[1477]: 2024-02-09 12:34:27.558 [WARNING][5407] ipam_plugin.go 432: Asked to release address but it doesn't exist. Ignoring ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" HandleID="k8s-pod-network.cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:34:27.562569 env[1477]: 2024-02-09 12:34:27.558 [INFO][5407] ipam_plugin.go 443: Releasing address using workloadID ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" HandleID="k8s-pod-network.cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:34:27.562569 env[1477]: 2024-02-09 12:34:27.560 [INFO][5407] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:34:27.562569 env[1477]: 2024-02-09 12:34:27.561 [INFO][5389] k8s.go 591: Teardown processing complete. ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:34:27.563279 env[1477]: time="2024-02-09T12:34:27.562595205Z" level=info msg="TearDown network for sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\" successfully" Feb 9 12:34:27.563279 env[1477]: time="2024-02-09T12:34:27.562627829Z" level=info msg="StopPodSandbox for \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\" returns successfully" Feb 9 12:34:27.563279 env[1477]: time="2024-02-09T12:34:27.563050171Z" level=info msg="RemovePodSandbox for \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\"" Feb 9 12:34:27.563279 env[1477]: time="2024-02-09T12:34:27.563083501Z" level=info msg="Forcibly stopping sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\"" Feb 9 12:34:27.626862 env[1477]: 2024-02-09 12:34:27.597 [WARNING][5441] k8s.go 542: CNI_CONTAINERID does not match WorkloadEndpoint ConainerID, don't delete WEP. ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" WorkloadEndpoint=&v3.WorkloadEndpoint{TypeMeta:v1.TypeMeta{Kind:"WorkloadEndpoint", APIVersion:"projectcalico.org/v3"}, ObjectMeta:v1.ObjectMeta{Name:"ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0", GenerateName:"coredns-5dd5756b68-", Namespace:"kube-system", SelfLink:"", UID:"68728d04-1b22-4a01-b400-f233f97ddf7a", ResourceVersion:"852", Generation:0, CreationTimestamp:time.Date(2024, time.February, 9, 12, 32, 40, 0, time.Local), DeletionTimestamp:, DeletionGracePeriodSeconds:(*int64)(nil), Labels:map[string]string{"k8s-app":"kube-dns", "pod-template-hash":"5dd5756b68", "projectcalico.org/namespace":"kube-system", "projectcalico.org/orchestrator":"k8s", "projectcalico.org/serviceaccount":"coredns"}, Annotations:map[string]string(nil), OwnerReferences:[]v1.OwnerReference(nil), Finalizers:[]string(nil), ManagedFields:[]v1.ManagedFieldsEntry(nil)}, Spec:v3.WorkloadEndpointSpec{Orchestrator:"k8s", Workload:"", Node:"ci-3510.3.2-a-260490bd8e", ContainerID:"8863ea6fc6b359029d118a66f090402dd5bb9f707e9e7194b70af71fcd4cf923", Pod:"coredns-5dd5756b68-hcnbs", Endpoint:"eth0", ServiceAccountName:"coredns", IPNetworks:[]string{"192.168.29.196/32"}, IPNATs:[]v3.IPNAT(nil), IPv4Gateway:"", IPv6Gateway:"", Profiles:[]string{"kns.kube-system", "ksa.kube-system.coredns"}, InterfaceName:"cali2cdfa806cf9", MAC:"", Ports:[]v3.WorkloadEndpointPort{v3.WorkloadEndpointPort{Name:"dns", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"UDP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"dns-tcp", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x35, HostPort:0x0, HostIP:""}, v3.WorkloadEndpointPort{Name:"metrics", Protocol:numorstring.Protocol{Type:1, NumVal:0x0, StrVal:"TCP"}, Port:0x23c1, HostPort:0x0, HostIP:""}}, AllowSpoofedSourcePrefixes:[]string(nil)}} Feb 9 12:34:27.626862 env[1477]: 2024-02-09 12:34:27.597 [INFO][5441] k8s.go 578: Cleaning up netns ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:34:27.626862 env[1477]: 2024-02-09 12:34:27.597 [INFO][5441] dataplane_linux.go 526: CleanUpNamespace called with no netns name, ignoring. ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" iface="eth0" netns="" Feb 9 12:34:27.626862 env[1477]: 2024-02-09 12:34:27.597 [INFO][5441] k8s.go 585: Releasing IP address(es) ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:34:27.626862 env[1477]: 2024-02-09 12:34:27.597 [INFO][5441] utils.go 188: Calico CNI releasing IP address ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:34:27.626862 env[1477]: 2024-02-09 12:34:27.616 [INFO][5457] ipam_plugin.go 415: Releasing address using handleID ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" HandleID="k8s-pod-network.cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:34:27.626862 env[1477]: 2024-02-09 12:34:27.616 [INFO][5457] ipam_plugin.go 356: About to acquire host-wide IPAM lock. Feb 9 12:34:27.626862 env[1477]: 2024-02-09 12:34:27.616 [INFO][5457] ipam_plugin.go 371: Acquired host-wide IPAM lock. Feb 9 12:34:27.626862 env[1477]: 2024-02-09 12:34:27.623 [WARNING][5457] ipam_plugin.go 432: Asked to release address but it doesn't exist. Ignoring ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" HandleID="k8s-pod-network.cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:34:27.626862 env[1477]: 2024-02-09 12:34:27.623 [INFO][5457] ipam_plugin.go 443: Releasing address using workloadID ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" HandleID="k8s-pod-network.cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Workload="ci--3510.3.2--a--260490bd8e-k8s-coredns--5dd5756b68--hcnbs-eth0" Feb 9 12:34:27.626862 env[1477]: 2024-02-09 12:34:27.624 [INFO][5457] ipam_plugin.go 377: Released host-wide IPAM lock. Feb 9 12:34:27.626862 env[1477]: 2024-02-09 12:34:27.625 [INFO][5441] k8s.go 591: Teardown processing complete. ContainerID="cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995" Feb 9 12:34:27.627348 env[1477]: time="2024-02-09T12:34:27.626883901Z" level=info msg="TearDown network for sandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\" successfully" Feb 9 12:34:27.628522 env[1477]: time="2024-02-09T12:34:27.628501560Z" level=info msg="RemovePodSandbox \"cdac377e15bdfc0b4b53248da17085edff5866a0131ae29e9cd445dc07752995\" returns successfully" Feb 9 12:34:31.290541 systemd[1]: Started sshd@30-86.109.11.101:22-43.153.64.49:59688.service. Feb 9 12:34:31.289000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@30-86.109.11.101:22-43.153.64.49:59688 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:31.382234 kernel: audit: type=1130 audit(1707482071.289:1379): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@30-86.109.11.101:22-43.153.64.49:59688 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:31.442369 sshd[5471]: Invalid user hamidsm from 43.153.64.49 port 59688 Feb 9 12:34:31.443983 sshd[5471]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:31.444264 sshd[5471]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:34:31.444287 sshd[5471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:34:31.444536 sshd[5471]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:31.443000 audit[5471]: USER_AUTH pid=5471 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="hamidsm" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:34:31.535309 kernel: audit: type=1100 audit(1707482071.443:1380): pid=5471 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="hamidsm" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:34:33.806454 sshd[5471]: Failed password for invalid user hamidsm from 43.153.64.49 port 59688 ssh2 Feb 9 12:34:34.668988 sshd[5471]: Received disconnect from 43.153.64.49 port 59688:11: Bye Bye [preauth] Feb 9 12:34:34.668988 sshd[5471]: Disconnected from invalid user hamidsm 43.153.64.49 port 59688 [preauth] Feb 9 12:34:34.671494 systemd[1]: sshd@30-86.109.11.101:22-43.153.64.49:59688.service: Deactivated successfully. Feb 9 12:34:34.670000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@30-86.109.11.101:22-43.153.64.49:59688 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:34.764430 kernel: audit: type=1131 audit(1707482074.670:1381): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@30-86.109.11.101:22-43.153.64.49:59688 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:39.217000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:39.217000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001f16920 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:34:39.432778 kernel: audit: type=1400 audit(1707482079.217:1382): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:39.432821 kernel: audit: type=1300 audit(1707482079.217:1382): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001f16920 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:34:39.432841 kernel: audit: type=1327 audit(1707482079.217:1382): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:34:39.217000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:34:39.219000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:39.616898 kernel: audit: type=1400 audit(1707482079.219:1383): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:39.616933 kernel: audit: type=1300 audit(1707482079.219:1383): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0012b5a60 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:34:39.219000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0012b5a60 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:34:39.737594 kernel: audit: type=1327 audit(1707482079.219:1383): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:34:39.219000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:34:39.831128 kernel: audit: type=1400 audit(1707482079.220:1384): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:39.220000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:39.921428 kernel: audit: type=1300 audit(1707482079.220:1384): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002f9cb00 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:34:39.220000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002f9cb00 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:34:40.041994 kernel: audit: type=1327 audit(1707482079.220:1384): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:34:39.220000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:34:39.221000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:40.226064 kernel: audit: type=1400 audit(1707482079.221:1385): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:34:39.221000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002f9cb20 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:34:39.221000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:34:40.643308 systemd[1]: Started sshd@31-86.109.11.101:22-163.228.248.90:57950.service. Feb 9 12:34:40.642000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@31-86.109.11.101:22-163.228.248.90:57950 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:41.631889 sshd[2971]: Timeout before authentication for 106.54.212.205 port 45484 Feb 9 12:34:41.633219 systemd[1]: sshd@12-86.109.11.101:22-106.54.212.205:45484.service: Deactivated successfully. Feb 9 12:34:41.632000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@12-86.109.11.101:22-106.54.212.205:45484 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:41.729134 sshd[5491]: Invalid user mamadsdgh from 163.228.248.90 port 57950 Feb 9 12:34:41.734662 sshd[5491]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:41.735641 sshd[5491]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:34:41.735725 sshd[5491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.228.248.90 Feb 9 12:34:41.736640 sshd[5491]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:41.735000 audit[5491]: USER_AUTH pid=5491 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="mamadsdgh" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:34:43.135575 sshd[5491]: Failed password for invalid user mamadsdgh from 163.228.248.90 port 57950 ssh2 Feb 9 12:34:43.401496 systemd[1]: Started sshd@32-86.109.11.101:22-101.35.54.203:47908.service. Feb 9 12:34:43.400000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@32-86.109.11.101:22-101.35.54.203:47908 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:44.148030 sshd[5497]: Invalid user aiqiku from 101.35.54.203 port 47908 Feb 9 12:34:44.154193 sshd[5497]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:44.155150 sshd[5497]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:34:44.155265 sshd[5497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:34:44.156211 sshd[5497]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:44.155000 audit[5497]: USER_AUTH pid=5497 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="aiqiku" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:34:44.731018 sshd[5491]: Received disconnect from 163.228.248.90 port 57950:11: Bye Bye [preauth] Feb 9 12:34:44.731018 sshd[5491]: Disconnected from invalid user mamadsdgh 163.228.248.90 port 57950 [preauth] Feb 9 12:34:44.733278 systemd[1]: sshd@31-86.109.11.101:22-163.228.248.90:57950.service: Deactivated successfully. Feb 9 12:34:44.732000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@31-86.109.11.101:22-163.228.248.90:57950 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:44.761133 kernel: kauditd_printk_skb: 7 callbacks suppressed Feb 9 12:34:44.761444 kernel: audit: type=1131 audit(1707482084.732:1391): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@31-86.109.11.101:22-163.228.248.90:57950 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:46.303563 sshd[5497]: Failed password for invalid user aiqiku from 101.35.54.203 port 47908 ssh2 Feb 9 12:34:48.056502 sshd[5497]: Received disconnect from 101.35.54.203 port 47908:11: Bye Bye [preauth] Feb 9 12:34:48.056502 sshd[5497]: Disconnected from invalid user aiqiku 101.35.54.203 port 47908 [preauth] Feb 9 12:34:48.058113 systemd[1]: sshd@32-86.109.11.101:22-101.35.54.203:47908.service: Deactivated successfully. Feb 9 12:34:48.057000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@32-86.109.11.101:22-101.35.54.203:47908 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:48.149288 kernel: audit: type=1131 audit(1707482088.057:1392): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@32-86.109.11.101:22-101.35.54.203:47908 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:57.563863 systemd[1]: Started sshd@33-86.109.11.101:22-38.7.207.12:59890.service. Feb 9 12:34:57.562000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@33-86.109.11.101:22-38.7.207.12:59890 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:57.655235 kernel: audit: type=1130 audit(1707482097.562:1393): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@33-86.109.11.101:22-38.7.207.12:59890 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:34:58.488825 sshd[5532]: Invalid user ink from 38.7.207.12 port 59890 Feb 9 12:34:58.495013 sshd[5532]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:58.496111 sshd[5532]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:34:58.496204 sshd[5532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.7.207.12 Feb 9 12:34:58.497142 sshd[5532]: pam_faillock(sshd:auth): User unknown Feb 9 12:34:58.496000 audit[5532]: USER_AUTH pid=5532 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="ink" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:34:58.587437 kernel: audit: type=1100 audit(1707482098.496:1394): pid=5532 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="ink" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:35:00.437011 systemd[1]: Started sshd@34-86.109.11.101:22-43.156.225.133:33944.service. Feb 9 12:35:00.435000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@34-86.109.11.101:22-43.156.225.133:33944 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:00.529309 kernel: audit: type=1130 audit(1707482100.435:1395): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@34-86.109.11.101:22-43.156.225.133:33944 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:00.899478 sshd[5532]: Failed password for invalid user ink from 38.7.207.12 port 59890 ssh2 Feb 9 12:35:01.209223 sshd[5532]: Received disconnect from 38.7.207.12 port 59890:11: Bye Bye [preauth] Feb 9 12:35:01.209223 sshd[5532]: Disconnected from invalid user ink 38.7.207.12 port 59890 [preauth] Feb 9 12:35:01.211781 systemd[1]: sshd@33-86.109.11.101:22-38.7.207.12:59890.service: Deactivated successfully. Feb 9 12:35:01.212000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@33-86.109.11.101:22-38.7.207.12:59890 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:01.304428 kernel: audit: type=1131 audit(1707482101.212:1396): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@33-86.109.11.101:22-38.7.207.12:59890 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:01.487134 sshd[5536]: Invalid user casangjo from 43.156.225.133 port 33944 Feb 9 12:35:01.493291 sshd[5536]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:01.494301 sshd[5536]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:35:01.494389 sshd[5536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.156.225.133 Feb 9 12:35:01.495505 sshd[5536]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:01.495000 audit[5536]: USER_AUTH pid=5536 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="casangjo" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:35:01.591275 kernel: audit: type=1100 audit(1707482101.495:1397): pid=5536 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="casangjo" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:35:03.642760 sshd[5536]: Failed password for invalid user casangjo from 43.156.225.133 port 33944 ssh2 Feb 9 12:35:05.928906 sshd[5536]: Received disconnect from 43.156.225.133 port 33944:11: Bye Bye [preauth] Feb 9 12:35:05.928906 sshd[5536]: Disconnected from invalid user casangjo 43.156.225.133 port 33944 [preauth] Feb 9 12:35:05.931500 systemd[1]: sshd@34-86.109.11.101:22-43.156.225.133:33944.service: Deactivated successfully. Feb 9 12:35:05.931000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@34-86.109.11.101:22-43.156.225.133:33944 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:06.024427 kernel: audit: type=1131 audit(1707482105.931:1398): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@34-86.109.11.101:22-43.156.225.133:33944 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:10.711739 systemd[1]: Started sshd@35-86.109.11.101:22-163.228.248.90:9941.service. Feb 9 12:35:10.711000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@35-86.109.11.101:22-163.228.248.90:9941 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:10.804235 kernel: audit: type=1130 audit(1707482110.711:1399): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@35-86.109.11.101:22-163.228.248.90:9941 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:11.586459 sshd[5542]: Invalid user ssmech from 163.228.248.90 port 9941 Feb 9 12:35:11.592462 sshd[5542]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:11.593641 sshd[5542]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:35:11.593733 sshd[5542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.228.248.90 Feb 9 12:35:11.594649 sshd[5542]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:11.594000 audit[5542]: USER_AUTH pid=5542 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="ssmech" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:35:11.687406 kernel: audit: type=1100 audit(1707482111.594:1400): pid=5542 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="ssmech" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:35:13.114501 sshd[5542]: Failed password for invalid user ssmech from 163.228.248.90 port 9941 ssh2 Feb 9 12:35:14.540439 sshd[5542]: Received disconnect from 163.228.248.90 port 9941:11: Bye Bye [preauth] Feb 9 12:35:14.540439 sshd[5542]: Disconnected from invalid user ssmech 163.228.248.90 port 9941 [preauth] Feb 9 12:35:14.543080 systemd[1]: sshd@35-86.109.11.101:22-163.228.248.90:9941.service: Deactivated successfully. Feb 9 12:35:14.543000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@35-86.109.11.101:22-163.228.248.90:9941 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:14.636320 kernel: audit: type=1131 audit(1707482114.543:1401): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@35-86.109.11.101:22-163.228.248.90:9941 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:14.998128 systemd[1]: Started sshd@36-86.109.11.101:22-135.125.161.64:59282.service. Feb 9 12:35:14.998000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@36-86.109.11.101:22-135.125.161.64:59282 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:15.091433 kernel: audit: type=1130 audit(1707482114.998:1402): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@36-86.109.11.101:22-135.125.161.64:59282 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:15.902703 sshd[5554]: Invalid user exportjf from 135.125.161.64 port 59282 Feb 9 12:35:15.909006 sshd[5554]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:15.910202 sshd[5554]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:35:15.910331 sshd[5554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=135.125.161.64 Feb 9 12:35:15.911211 sshd[5554]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:15.911000 audit[5554]: USER_AUTH pid=5554 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="exportjf" exe="/usr/sbin/sshd" hostname=135.125.161.64 addr=135.125.161.64 terminal=ssh res=failed' Feb 9 12:35:16.004305 kernel: audit: type=1100 audit(1707482115.911:1403): pid=5554 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="exportjf" exe="/usr/sbin/sshd" hostname=135.125.161.64 addr=135.125.161.64 terminal=ssh res=failed' Feb 9 12:35:18.314282 sshd[5554]: Failed password for invalid user exportjf from 135.125.161.64 port 59282 ssh2 Feb 9 12:35:18.694726 sshd[5554]: Received disconnect from 135.125.161.64 port 59282:11: Bye Bye [preauth] Feb 9 12:35:18.694726 sshd[5554]: Disconnected from invalid user exportjf 135.125.161.64 port 59282 [preauth] Feb 9 12:35:18.697112 systemd[1]: sshd@36-86.109.11.101:22-135.125.161.64:59282.service: Deactivated successfully. Feb 9 12:35:18.697000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@36-86.109.11.101:22-135.125.161.64:59282 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:18.790284 kernel: audit: type=1131 audit(1707482118.697:1404): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@36-86.109.11.101:22-135.125.161.64:59282 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:20.455930 systemd[1]: Started sshd@37-86.109.11.101:22-101.35.54.203:57000.service. Feb 9 12:35:20.455000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@37-86.109.11.101:22-101.35.54.203:57000 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:20.547286 kernel: audit: type=1130 audit(1707482120.455:1405): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@37-86.109.11.101:22-101.35.54.203:57000 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:21.268172 sshd[5561]: Invalid user asadmin from 101.35.54.203 port 57000 Feb 9 12:35:21.271165 sshd[5561]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:21.271618 sshd[5561]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:35:21.271658 sshd[5561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:35:21.272047 sshd[5561]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:21.271000 audit[5561]: USER_AUTH pid=5561 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="asadmin" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:35:21.363265 kernel: audit: type=1100 audit(1707482121.271:1406): pid=5561 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="asadmin" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:35:23.324000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:23.324000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0029e9e90 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:35:23.547314 kernel: audit: type=1400 audit(1707482123.324:1407): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:23.547385 kernel: audit: type=1300 audit(1707482123.324:1407): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0029e9e90 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:35:23.547405 kernel: audit: type=1327 audit(1707482123.324:1407): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:35:23.324000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:35:23.643306 kernel: audit: type=1400 audit(1707482123.324:1408): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:23.324000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:23.734847 kernel: audit: type=1300 audit(1707482123.324:1408): arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c000ff85c0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:35:23.324000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c000ff85c0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:35:23.830368 sshd[5561]: Failed password for invalid user asadmin from 101.35.54.203 port 57000 ssh2 Feb 9 12:35:23.857019 kernel: audit: type=1327 audit(1707482123.324:1408): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:35:23.324000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:35:23.951548 kernel: audit: type=1400 audit(1707482123.458:1409): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:24.044358 kernel: audit: type=1400 audit(1707482123.458:1410): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:24.135710 kernel: audit: type=1300 audit(1707482123.458:1410): arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c0120d89a0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:35:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c0120d89a0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:35:24.235236 kernel: audit: type=1300 audit(1707482123.458:1409): arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c007d6f710 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:35:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c007d6f710 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:35:24.334814 kernel: audit: type=1327 audit(1707482123.458:1410): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:35:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:35:24.429306 kernel: audit: type=1327 audit(1707482123.458:1409): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:35:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:35:24.523897 kernel: audit: type=1400 audit(1707482123.458:1411): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:24.617488 kernel: audit: type=1300 audit(1707482123.458:1411): arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c007d6f740 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:35:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c007d6f740 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:35:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:35:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c008a10480 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:35:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:35:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c0078af5e0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:35:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:35:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c00a010ab0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:35:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:35:25.026065 sshd[5561]: Received disconnect from 101.35.54.203 port 57000:11: Bye Bye [preauth] Feb 9 12:35:25.026065 sshd[5561]: Disconnected from invalid user asadmin 101.35.54.203 port 57000 [preauth] Feb 9 12:35:25.028569 systemd[1]: sshd@37-86.109.11.101:22-101.35.54.203:57000.service: Deactivated successfully. Feb 9 12:35:25.028000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@37-86.109.11.101:22-101.35.54.203:57000 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:25.945284 systemd[1]: Started sshd@38-86.109.11.101:22-104.248.145.46:48414.service. Feb 9 12:35:25.945000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@38-86.109.11.101:22-104.248.145.46:48414 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:26.948728 sshd[5592]: Invalid user zhangxiaoy from 104.248.145.46 port 48414 Feb 9 12:35:26.954325 sshd[5592]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:26.955301 sshd[5592]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:35:26.955346 sshd[5592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.46 Feb 9 12:35:26.955560 sshd[5592]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:26.955000 audit[5592]: USER_AUTH pid=5592 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="zhangxiaoy" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:35:28.755442 systemd[1]: Started sshd@39-86.109.11.101:22-43.153.64.49:50128.service. Feb 9 12:35:28.754000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@39-86.109.11.101:22-43.153.64.49:50128 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:28.783069 kernel: kauditd_printk_skb: 13 callbacks suppressed Feb 9 12:35:28.783103 kernel: audit: type=1130 audit(1707482128.754:1418): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@39-86.109.11.101:22-43.153.64.49:50128 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:28.931127 sshd[5598]: Invalid user teamspeak from 43.153.64.49 port 50128 Feb 9 12:35:28.932626 sshd[5598]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:28.932891 sshd[5598]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:35:28.932914 sshd[5598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:35:28.933127 sshd[5598]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:28.932000 audit[5598]: USER_AUTH pid=5598 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="teamspeak" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:35:29.025234 kernel: audit: type=1100 audit(1707482128.932:1419): pid=5598 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="teamspeak" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:35:29.202748 sshd[5592]: Failed password for invalid user zhangxiaoy from 104.248.145.46 port 48414 ssh2 Feb 9 12:35:29.455149 sshd[5592]: Received disconnect from 104.248.145.46 port 48414:11: Bye Bye [preauth] Feb 9 12:35:29.455149 sshd[5592]: Disconnected from invalid user zhangxiaoy 104.248.145.46 port 48414 [preauth] Feb 9 12:35:29.457601 systemd[1]: sshd@38-86.109.11.101:22-104.248.145.46:48414.service: Deactivated successfully. Feb 9 12:35:29.457000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@38-86.109.11.101:22-104.248.145.46:48414 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:29.550316 kernel: audit: type=1131 audit(1707482129.457:1420): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@38-86.109.11.101:22-104.248.145.46:48414 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:31.119491 sshd[5598]: Failed password for invalid user teamspeak from 43.153.64.49 port 50128 ssh2 Feb 9 12:35:31.258341 sshd[5598]: Received disconnect from 43.153.64.49 port 50128:11: Bye Bye [preauth] Feb 9 12:35:31.258341 sshd[5598]: Disconnected from invalid user teamspeak 43.153.64.49 port 50128 [preauth] Feb 9 12:35:31.260903 systemd[1]: sshd@39-86.109.11.101:22-43.153.64.49:50128.service: Deactivated successfully. Feb 9 12:35:31.260000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@39-86.109.11.101:22-43.153.64.49:50128 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:31.354419 kernel: audit: type=1131 audit(1707482131.260:1421): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@39-86.109.11.101:22-43.153.64.49:50128 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:39.218000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:39.218000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0011eda00 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:35:39.436633 kernel: audit: type=1400 audit(1707482139.218:1422): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:39.436684 kernel: audit: type=1300 audit(1707482139.218:1422): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0011eda00 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:35:39.436703 kernel: audit: type=1327 audit(1707482139.218:1422): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:35:39.218000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:35:39.530889 kernel: audit: type=1400 audit(1707482139.219:1423): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:39.219000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:39.219000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001279d80 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:35:39.745944 kernel: audit: type=1300 audit(1707482139.219:1423): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001279d80 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:35:39.745977 kernel: audit: type=1327 audit(1707482139.219:1423): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:35:39.219000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:35:39.840241 kernel: audit: type=1400 audit(1707482139.221:1424): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:39.221000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:39.221000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c00130e000 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:35:40.052920 kernel: audit: type=1300 audit(1707482139.221:1424): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c00130e000 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:35:40.052968 kernel: audit: type=1327 audit(1707482139.221:1424): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:35:39.221000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:35:40.147234 kernel: audit: type=1400 audit(1707482139.222:1425): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:39.222000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:35:39.222000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c00130e040 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:35:39.222000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:35:42.154767 systemd[1]: Started sshd@40-86.109.11.101:22-163.228.248.90:10806.service. Feb 9 12:35:42.153000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@40-86.109.11.101:22-163.228.248.90:10806 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:43.223644 sshd[5624]: Invalid user sstent from 163.228.248.90 port 10806 Feb 9 12:35:43.229803 sshd[5624]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:43.230932 sshd[5624]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:35:43.231023 sshd[5624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.228.248.90 Feb 9 12:35:43.231957 sshd[5624]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:43.230000 audit[5624]: USER_AUTH pid=5624 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sstent" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:35:45.478442 sshd[5624]: Failed password for invalid user sstent from 163.228.248.90 port 10806 ssh2 Feb 9 12:35:45.674497 sshd[5624]: Received disconnect from 163.228.248.90 port 10806:11: Bye Bye [preauth] Feb 9 12:35:45.674497 sshd[5624]: Disconnected from invalid user sstent 163.228.248.90 port 10806 [preauth] Feb 9 12:35:45.676963 systemd[1]: sshd@40-86.109.11.101:22-163.228.248.90:10806.service: Deactivated successfully. Feb 9 12:35:45.676000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@40-86.109.11.101:22-163.228.248.90:10806 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:45.704293 kernel: kauditd_printk_skb: 4 callbacks suppressed Feb 9 12:35:45.704330 kernel: audit: type=1131 audit(1707482145.676:1428): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@40-86.109.11.101:22-163.228.248.90:10806 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:49.184679 systemd[1]: Started sshd@41-86.109.11.101:22-85.209.11.27:10844.service. Feb 9 12:35:49.183000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@41-86.109.11.101:22-85.209.11.27:10844 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:49.280324 kernel: audit: type=1130 audit(1707482149.183:1429): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@41-86.109.11.101:22-85.209.11.27:10844 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:52.032339 sshd[5629]: Invalid user 12345 from 85.209.11.27 port 10844 Feb 9 12:35:52.607404 sshd[5629]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:52.606000 audit[5629]: USER_AUTH pid=5629 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="12345" exe="/usr/sbin/sshd" hostname=85.209.11.27 addr=85.209.11.27 terminal=ssh res=failed' Feb 9 12:35:52.607489 sshd[5629]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:35:52.607515 sshd[5629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.209.11.27 Feb 9 12:35:52.607575 sshd[5629]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:52.698298 kernel: audit: type=1100 audit(1707482152.606:1430): pid=5629 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="12345" exe="/usr/sbin/sshd" hostname=85.209.11.27 addr=85.209.11.27 terminal=ssh res=failed' Feb 9 12:35:54.883058 systemd[1]: Started sshd@42-86.109.11.101:22-106.54.212.205:50258.service. Feb 9 12:35:54.881000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@42-86.109.11.101:22-106.54.212.205:50258 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:54.975424 kernel: audit: type=1130 audit(1707482154.881:1431): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@42-86.109.11.101:22-106.54.212.205:50258 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:55.090644 sshd[5629]: Failed password for invalid user 12345 from 85.209.11.27 port 10844 ssh2 Feb 9 12:35:55.701273 sshd[5629]: Connection closed by invalid user 12345 85.209.11.27 port 10844 [preauth] Feb 9 12:35:55.701992 sshd[5658]: Invalid user johnli from 106.54.212.205 port 50258 Feb 9 12:35:55.703798 systemd[1]: sshd@41-86.109.11.101:22-85.209.11.27:10844.service: Deactivated successfully. Feb 9 12:35:55.703000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@41-86.109.11.101:22-85.209.11.27:10844 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:55.708669 sshd[5658]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:55.709130 sshd[5658]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:35:55.709161 sshd[5658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.212.205 Feb 9 12:35:55.709412 sshd[5658]: pam_faillock(sshd:auth): User unknown Feb 9 12:35:55.708000 audit[5658]: USER_AUTH pid=5658 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="johnli" exe="/usr/sbin/sshd" hostname=106.54.212.205 addr=106.54.212.205 terminal=ssh res=failed' Feb 9 12:35:55.885136 kernel: audit: type=1131 audit(1707482155.703:1432): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@41-86.109.11.101:22-85.209.11.27:10844 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:55.885168 kernel: audit: type=1100 audit(1707482155.708:1433): pid=5658 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="johnli" exe="/usr/sbin/sshd" hostname=106.54.212.205 addr=106.54.212.205 terminal=ssh res=failed' Feb 9 12:35:57.936651 sshd[5658]: Failed password for invalid user johnli from 106.54.212.205 port 50258 ssh2 Feb 9 12:35:59.144399 sshd[5658]: Received disconnect from 106.54.212.205 port 50258:11: Bye Bye [preauth] Feb 9 12:35:59.144399 sshd[5658]: Disconnected from invalid user johnli 106.54.212.205 port 50258 [preauth] Feb 9 12:35:59.146876 systemd[1]: sshd@42-86.109.11.101:22-106.54.212.205:50258.service: Deactivated successfully. Feb 9 12:35:59.146000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@42-86.109.11.101:22-106.54.212.205:50258 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:59.239412 kernel: audit: type=1131 audit(1707482159.146:1434): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@42-86.109.11.101:22-106.54.212.205:50258 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:59.444443 systemd[1]: Started sshd@43-86.109.11.101:22-101.35.54.203:37846.service. Feb 9 12:35:59.443000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@43-86.109.11.101:22-101.35.54.203:37846 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:35:59.536234 kernel: audit: type=1130 audit(1707482159.443:1435): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@43-86.109.11.101:22-101.35.54.203:37846 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:00.226440 sshd[5665]: Invalid user weicaie from 101.35.54.203 port 37846 Feb 9 12:36:00.232643 sshd[5665]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:00.233647 sshd[5665]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:36:00.233739 sshd[5665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:36:00.234662 sshd[5665]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:00.233000 audit[5665]: USER_AUTH pid=5665 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="weicaie" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:36:00.330441 kernel: audit: type=1100 audit(1707482160.233:1436): pid=5665 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="weicaie" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:36:02.482140 sshd[5665]: Failed password for invalid user weicaie from 101.35.54.203 port 37846 ssh2 Feb 9 12:36:03.011822 sshd[5665]: Received disconnect from 101.35.54.203 port 37846:11: Bye Bye [preauth] Feb 9 12:36:03.011822 sshd[5665]: Disconnected from invalid user weicaie 101.35.54.203 port 37846 [preauth] Feb 9 12:36:03.014411 systemd[1]: sshd@43-86.109.11.101:22-101.35.54.203:37846.service: Deactivated successfully. Feb 9 12:36:03.013000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@43-86.109.11.101:22-101.35.54.203:37846 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:03.107300 kernel: audit: type=1131 audit(1707482163.013:1437): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@43-86.109.11.101:22-101.35.54.203:37846 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:06.182440 systemd[1]: Started sshd@44-86.109.11.101:22-38.7.207.12:50604.service. Feb 9 12:36:06.181000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@44-86.109.11.101:22-38.7.207.12:50604 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:06.274334 kernel: audit: type=1130 audit(1707482166.181:1438): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@44-86.109.11.101:22-38.7.207.12:50604 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:06.873138 systemd[1]: Started sshd@45-86.109.11.101:22-43.156.225.133:52746.service. Feb 9 12:36:06.872000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@45-86.109.11.101:22-43.156.225.133:52746 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:06.965234 kernel: audit: type=1130 audit(1707482166.872:1439): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@45-86.109.11.101:22-43.156.225.133:52746 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:07.104381 sshd[5669]: Invalid user narae from 38.7.207.12 port 50604 Feb 9 12:36:07.106424 sshd[5669]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:07.106841 sshd[5669]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:36:07.106872 sshd[5669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.7.207.12 Feb 9 12:36:07.107156 sshd[5669]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:07.106000 audit[5669]: USER_AUTH pid=5669 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="narae" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:36:07.199271 kernel: audit: type=1100 audit(1707482167.106:1440): pid=5669 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="narae" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:36:07.948252 sshd[5672]: Invalid user bisma from 43.156.225.133 port 52746 Feb 9 12:36:07.950435 sshd[5672]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:07.950806 sshd[5672]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:36:07.950843 sshd[5672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.156.225.133 Feb 9 12:36:07.951169 sshd[5672]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:07.950000 audit[5672]: USER_AUTH pid=5672 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="bisma" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:36:08.042304 kernel: audit: type=1100 audit(1707482167.950:1441): pid=5672 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="bisma" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:36:09.314468 sshd[5669]: Failed password for invalid user narae from 38.7.207.12 port 50604 ssh2 Feb 9 12:36:10.158465 sshd[5672]: Failed password for invalid user bisma from 43.156.225.133 port 52746 ssh2 Feb 9 12:36:11.130643 sshd[5672]: Received disconnect from 43.156.225.133 port 52746:11: Bye Bye [preauth] Feb 9 12:36:11.130643 sshd[5672]: Disconnected from invalid user bisma 43.156.225.133 port 52746 [preauth] Feb 9 12:36:11.133148 systemd[1]: sshd@45-86.109.11.101:22-43.156.225.133:52746.service: Deactivated successfully. Feb 9 12:36:11.132000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@45-86.109.11.101:22-43.156.225.133:52746 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:11.225427 kernel: audit: type=1131 audit(1707482171.132:1442): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@45-86.109.11.101:22-43.156.225.133:52746 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:11.366759 sshd[5669]: Received disconnect from 38.7.207.12 port 50604:11: Bye Bye [preauth] Feb 9 12:36:11.366759 sshd[5669]: Disconnected from invalid user narae 38.7.207.12 port 50604 [preauth] Feb 9 12:36:11.369338 systemd[1]: sshd@44-86.109.11.101:22-38.7.207.12:50604.service: Deactivated successfully. Feb 9 12:36:11.368000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@44-86.109.11.101:22-38.7.207.12:50604 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:11.466317 kernel: audit: type=1131 audit(1707482171.368:1443): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@44-86.109.11.101:22-38.7.207.12:50604 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:11.717506 systemd[1]: Started sshd@46-86.109.11.101:22-135.125.161.64:49672.service. Feb 9 12:36:11.716000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@46-86.109.11.101:22-135.125.161.64:49672 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:11.816286 kernel: audit: type=1130 audit(1707482171.716:1444): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@46-86.109.11.101:22-135.125.161.64:49672 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:12.612293 sshd[5680]: Invalid user missel from 135.125.161.64 port 49672 Feb 9 12:36:12.618392 sshd[5680]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:12.619412 sshd[5680]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:36:12.619498 sshd[5680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=135.125.161.64 Feb 9 12:36:12.620388 sshd[5680]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:12.619000 audit[5680]: USER_AUTH pid=5680 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="missel" exe="/usr/sbin/sshd" hostname=135.125.161.64 addr=135.125.161.64 terminal=ssh res=failed' Feb 9 12:36:12.715315 kernel: audit: type=1100 audit(1707482172.619:1445): pid=5680 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="missel" exe="/usr/sbin/sshd" hostname=135.125.161.64 addr=135.125.161.64 terminal=ssh res=failed' Feb 9 12:36:14.848032 sshd[5680]: Failed password for invalid user missel from 135.125.161.64 port 49672 ssh2 Feb 9 12:36:16.302918 sshd[5680]: Received disconnect from 135.125.161.64 port 49672:11: Bye Bye [preauth] Feb 9 12:36:16.302918 sshd[5680]: Disconnected from invalid user missel 135.125.161.64 port 49672 [preauth] Feb 9 12:36:16.305396 systemd[1]: sshd@46-86.109.11.101:22-135.125.161.64:49672.service: Deactivated successfully. Feb 9 12:36:16.305000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@46-86.109.11.101:22-135.125.161.64:49672 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:16.399427 kernel: audit: type=1131 audit(1707482176.305:1446): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@46-86.109.11.101:22-135.125.161.64:49672 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:16.580060 sshd[5051]: Timeout before authentication for 106.54.212.205 port 33760 Feb 9 12:36:16.580861 systemd[1]: sshd@27-86.109.11.101:22-106.54.212.205:33760.service: Deactivated successfully. Feb 9 12:36:16.580000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-86.109.11.101:22-106.54.212.205:33760 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:16.673289 kernel: audit: type=1131 audit(1707482176.580:1447): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-86.109.11.101:22-106.54.212.205:33760 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:18.909501 systemd[1]: Started sshd@47-86.109.11.101:22-163.228.248.90:21515.service. Feb 9 12:36:18.909000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@47-86.109.11.101:22-163.228.248.90:21515 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:19.005256 kernel: audit: type=1130 audit(1707482178.909:1448): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@47-86.109.11.101:22-163.228.248.90:21515 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:19.947653 sshd[5686]: Invalid user sauce from 163.228.248.90 port 21515 Feb 9 12:36:19.948899 sshd[5686]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:19.949092 sshd[5686]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:36:19.949109 sshd[5686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.228.248.90 Feb 9 12:36:19.949388 sshd[5686]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:19.949000 audit[5686]: USER_AUTH pid=5686 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sauce" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:36:20.042329 kernel: audit: type=1100 audit(1707482179.949:1449): pid=5686 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sauce" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:36:22.136789 sshd[5686]: Failed password for invalid user sauce from 163.228.248.90 port 21515 ssh2 Feb 9 12:36:23.325000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:23.325000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0011edf00 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:36:23.547172 kernel: audit: type=1400 audit(1707482183.325:1450): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:23.547244 kernel: audit: type=1300 audit(1707482183.325:1450): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0011edf00 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:36:23.547274 kernel: audit: type=1327 audit(1707482183.325:1450): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:36:23.325000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:36:23.325000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:23.735707 kernel: audit: type=1400 audit(1707482183.325:1451): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:23.735747 kernel: audit: type=1300 audit(1707482183.325:1451): arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c00241b2c0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:36:23.325000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c00241b2c0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:36:23.325000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:36:23.952313 kernel: audit: type=1327 audit(1707482183.325:1451): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:36:23.952364 kernel: audit: type=1400 audit(1707482183.458:1452): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:24.017857 systemd[1]: Started sshd@48-86.109.11.101:22-43.153.64.49:40566.service. Feb 9 12:36:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c009e75dd0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:36:24.144057 kernel: audit: type=1300 audit(1707482183.458:1452): arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c009e75dd0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:36:24.144107 kernel: audit: type=1327 audit(1707482183.458:1452): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:36:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:36:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:24.245987 sshd[5718]: Invalid user arvinff from 43.153.64.49 port 40566 Feb 9 12:36:24.247148 sshd[5718]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:24.247349 sshd[5718]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:36:24.247367 sshd[5718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:36:24.247529 sshd[5718]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:24.330852 kernel: audit: type=1400 audit(1707482183.458:1453): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c00f955f20 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:36:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=60 a1=c0078af340 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:36:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:36:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:36:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c007f023c0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:36:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:36:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c0078af460 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:36:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:36:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c0070e9890 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:36:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:36:24.017000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@48-86.109.11.101:22-43.153.64.49:40566 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:24.247000 audit[5718]: USER_AUTH pid=5718 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="arvinff" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:36:24.386561 sshd[5686]: Received disconnect from 163.228.248.90 port 21515:11: Bye Bye [preauth] Feb 9 12:36:24.386561 sshd[5686]: Disconnected from invalid user sauce 163.228.248.90 port 21515 [preauth] Feb 9 12:36:24.388734 systemd[1]: sshd@47-86.109.11.101:22-163.228.248.90:21515.service: Deactivated successfully. Feb 9 12:36:24.388000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@47-86.109.11.101:22-163.228.248.90:21515 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:26.122519 sshd[5718]: Failed password for invalid user arvinff from 43.153.64.49 port 40566 ssh2 Feb 9 12:36:27.373435 sshd[5718]: Received disconnect from 43.153.64.49 port 40566:11: Bye Bye [preauth] Feb 9 12:36:27.373435 sshd[5718]: Disconnected from invalid user arvinff 43.153.64.49 port 40566 [preauth] Feb 9 12:36:27.376024 systemd[1]: sshd@48-86.109.11.101:22-43.153.64.49:40566.service: Deactivated successfully. Feb 9 12:36:27.376000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@48-86.109.11.101:22-43.153.64.49:40566 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:31.757739 systemd[1]: Started sshd@49-86.109.11.101:22-104.248.145.46:54942.service. Feb 9 12:36:31.756000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@49-86.109.11.101:22-104.248.145.46:54942 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:31.785271 kernel: kauditd_printk_skb: 18 callbacks suppressed Feb 9 12:36:31.785328 kernel: audit: type=1130 audit(1707482191.756:1462): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@49-86.109.11.101:22-104.248.145.46:54942 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:32.778255 sshd[5726]: Invalid user anwar from 104.248.145.46 port 54942 Feb 9 12:36:32.784386 sshd[5726]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:32.785404 sshd[5726]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:36:32.785495 sshd[5726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.46 Feb 9 12:36:32.786494 sshd[5726]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:32.785000 audit[5726]: USER_AUTH pid=5726 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="anwar" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:36:32.877411 kernel: audit: type=1100 audit(1707482192.785:1463): pid=5726 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="anwar" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:36:34.426796 sshd[5726]: Failed password for invalid user anwar from 104.248.145.46 port 54942 ssh2 Feb 9 12:36:35.607902 sshd[5726]: Received disconnect from 104.248.145.46 port 54942:11: Bye Bye [preauth] Feb 9 12:36:35.607902 sshd[5726]: Disconnected from invalid user anwar 104.248.145.46 port 54942 [preauth] Feb 9 12:36:35.610464 systemd[1]: sshd@49-86.109.11.101:22-104.248.145.46:54942.service: Deactivated successfully. Feb 9 12:36:35.609000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@49-86.109.11.101:22-104.248.145.46:54942 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:35.704406 kernel: audit: type=1131 audit(1707482195.609:1464): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@49-86.109.11.101:22-104.248.145.46:54942 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:36.039732 systemd[1]: Started sshd@50-86.109.11.101:22-101.35.54.203:46936.service. Feb 9 12:36:36.038000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@50-86.109.11.101:22-101.35.54.203:46936 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:36.131409 kernel: audit: type=1130 audit(1707482196.038:1465): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@50-86.109.11.101:22-101.35.54.203:46936 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:36.806577 sshd[5736]: Invalid user zayer from 101.35.54.203 port 46936 Feb 9 12:36:36.812708 sshd[5736]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:36.813819 sshd[5736]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:36:36.813913 sshd[5736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:36:36.814966 sshd[5736]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:36.813000 audit[5736]: USER_AUTH pid=5736 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="zayer" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:36:36.907310 kernel: audit: type=1100 audit(1707482196.813:1466): pid=5736 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="zayer" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:36:38.670510 sshd[5736]: Failed password for invalid user zayer from 101.35.54.203 port 46936 ssh2 Feb 9 12:36:39.037368 sshd[5736]: Received disconnect from 101.35.54.203 port 46936:11: Bye Bye [preauth] Feb 9 12:36:39.037368 sshd[5736]: Disconnected from invalid user zayer 101.35.54.203 port 46936 [preauth] Feb 9 12:36:39.039765 systemd[1]: sshd@50-86.109.11.101:22-101.35.54.203:46936.service: Deactivated successfully. Feb 9 12:36:39.039000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@50-86.109.11.101:22-101.35.54.203:46936 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:39.132429 kernel: audit: type=1131 audit(1707482199.039:1467): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@50-86.109.11.101:22-101.35.54.203:46936 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:39.219000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:39.219000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000ff9dc0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:36:39.435610 kernel: audit: type=1400 audit(1707482199.219:1468): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:39.435643 kernel: audit: type=1300 audit(1707482199.219:1468): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000ff9dc0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:36:39.435666 kernel: audit: type=1327 audit(1707482199.219:1468): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:36:39.219000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:36:39.529057 kernel: audit: type=1400 audit(1707482199.220:1469): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:39.220000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:39.619255 kernel: audit: type=1300 audit(1707482199.220:1469): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0030ecd40 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:36:39.220000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0030ecd40 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:36:39.739826 kernel: audit: type=1327 audit(1707482199.220:1469): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:36:39.220000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:36:39.833313 kernel: audit: type=1400 audit(1707482199.221:1470): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:39.221000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:39.923580 kernel: audit: type=1300 audit(1707482199.221:1470): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0030ecd60 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:36:39.221000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0030ecd60 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:36:39.221000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:36:39.223000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:36:39.223000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0030ecd80 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:36:39.223000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:36:48.363703 systemd[1]: Started sshd@51-86.109.11.101:22-163.228.248.90:26095.service. Feb 9 12:36:48.362000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@51-86.109.11.101:22-163.228.248.90:26095 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:48.403660 kernel: kauditd_printk_skb: 4 callbacks suppressed Feb 9 12:36:48.403760 kernel: audit: type=1130 audit(1707482208.362:1472): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@51-86.109.11.101:22-163.228.248.90:26095 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:49.530826 sshd[5746]: Invalid user zohrehhn from 163.228.248.90 port 26095 Feb 9 12:36:49.536303 sshd[5746]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:49.537471 sshd[5746]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:36:49.537556 sshd[5746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.228.248.90 Feb 9 12:36:49.538463 sshd[5746]: pam_faillock(sshd:auth): User unknown Feb 9 12:36:49.537000 audit[5746]: USER_AUTH pid=5746 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="zohrehhn" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:36:49.633280 kernel: audit: type=1100 audit(1707482209.537:1473): pid=5746 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="zohrehhn" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:36:51.845294 sshd[5746]: Failed password for invalid user zohrehhn from 163.228.248.90 port 26095 ssh2 Feb 9 12:36:53.451799 sshd[5746]: Received disconnect from 163.228.248.90 port 26095:11: Bye Bye [preauth] Feb 9 12:36:53.451799 sshd[5746]: Disconnected from invalid user zohrehhn 163.228.248.90 port 26095 [preauth] Feb 9 12:36:53.454542 systemd[1]: sshd@51-86.109.11.101:22-163.228.248.90:26095.service: Deactivated successfully. Feb 9 12:36:53.453000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@51-86.109.11.101:22-163.228.248.90:26095 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:36:53.546235 kernel: audit: type=1131 audit(1707482213.453:1474): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@51-86.109.11.101:22-163.228.248.90:26095 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:13.070416 systemd[1]: Started sshd@52-86.109.11.101:22-43.156.225.133:43320.service. Feb 9 12:37:13.069000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@52-86.109.11.101:22-43.156.225.133:43320 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:13.162235 kernel: audit: type=1130 audit(1707482233.069:1475): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@52-86.109.11.101:22-43.156.225.133:43320 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:14.110309 sshd[5794]: Invalid user sunwoo from 43.156.225.133 port 43320 Feb 9 12:37:14.116368 sshd[5794]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:14.117358 sshd[5794]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:37:14.117443 sshd[5794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.156.225.133 Feb 9 12:37:14.118300 sshd[5794]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:14.117000 audit[5794]: USER_AUTH pid=5794 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sunwoo" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:37:14.209234 kernel: audit: type=1100 audit(1707482234.117:1476): pid=5794 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sunwoo" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:37:14.387862 systemd[1]: Started sshd@53-86.109.11.101:22-38.7.207.12:41290.service. Feb 9 12:37:14.387000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@53-86.109.11.101:22-38.7.207.12:41290 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:14.479235 kernel: audit: type=1130 audit(1707482234.387:1477): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@53-86.109.11.101:22-38.7.207.12:41290 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:15.318632 sshd[5797]: Invalid user zhongwen from 38.7.207.12 port 41290 Feb 9 12:37:15.324807 sshd[5797]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:15.325809 sshd[5797]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:37:15.325900 sshd[5797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.7.207.12 Feb 9 12:37:15.326918 sshd[5797]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:15.325000 audit[5797]: USER_AUTH pid=5797 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="zhongwen" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:37:15.398121 systemd[1]: Started sshd@54-86.109.11.101:22-101.35.54.203:56020.service. Feb 9 12:37:15.397000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@54-86.109.11.101:22-101.35.54.203:56020 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:15.508552 kernel: audit: type=1100 audit(1707482235.325:1478): pid=5797 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="zhongwen" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:37:15.508588 kernel: audit: type=1130 audit(1707482235.397:1479): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@54-86.109.11.101:22-101.35.54.203:56020 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:16.186730 sshd[5800]: Invalid user amirmo from 101.35.54.203 port 56020 Feb 9 12:37:16.189477 sshd[5794]: Failed password for invalid user sunwoo from 43.156.225.133 port 43320 ssh2 Feb 9 12:37:16.192976 sshd[5800]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:16.194014 sshd[5800]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:37:16.194107 sshd[5800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:37:16.195089 sshd[5800]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:16.194000 audit[5800]: USER_AUTH pid=5800 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="amirmo" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:37:16.292417 kernel: audit: type=1100 audit(1707482236.194:1480): pid=5800 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="amirmo" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:37:17.338702 sshd[5794]: Received disconnect from 43.156.225.133 port 43320:11: Bye Bye [preauth] Feb 9 12:37:17.338702 sshd[5794]: Disconnected from invalid user sunwoo 43.156.225.133 port 43320 [preauth] Feb 9 12:37:17.341322 systemd[1]: sshd@52-86.109.11.101:22-43.156.225.133:43320.service: Deactivated successfully. Feb 9 12:37:17.340000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@52-86.109.11.101:22-43.156.225.133:43320 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:17.433277 kernel: audit: type=1131 audit(1707482237.340:1481): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@52-86.109.11.101:22-43.156.225.133:43320 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:17.534636 sshd[5797]: Failed password for invalid user zhongwen from 38.7.207.12 port 41290 ssh2 Feb 9 12:37:17.604036 systemd[1]: Started sshd@55-86.109.11.101:22-163.228.248.90:52346.service. Feb 9 12:37:17.603000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@55-86.109.11.101:22-163.228.248.90:52346 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:17.697314 kernel: audit: type=1130 audit(1707482237.603:1482): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@55-86.109.11.101:22-163.228.248.90:52346 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:18.493304 sshd[5805]: Invalid user ygyy from 163.228.248.90 port 52346 Feb 9 12:37:18.497014 systemd[1]: Started sshd@56-86.109.11.101:22-43.153.64.49:59250.service. Feb 9 12:37:18.496000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@56-86.109.11.101:22-43.153.64.49:59250 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:18.500382 sshd[5805]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:18.501413 sshd[5805]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:37:18.501501 sshd[5805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.228.248.90 Feb 9 12:37:18.502330 sshd[5805]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:18.542302 sshd[5800]: Failed password for invalid user amirmo from 101.35.54.203 port 56020 ssh2 Feb 9 12:37:18.501000 audit[5805]: USER_AUTH pid=5805 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="ygyy" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:37:18.678009 kernel: audit: type=1130 audit(1707482238.496:1483): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@56-86.109.11.101:22-43.153.64.49:59250 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:18.678074 kernel: audit: type=1100 audit(1707482238.501:1484): pid=5805 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="ygyy" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:37:18.740750 sshd[5808]: Invalid user erzaran from 43.153.64.49 port 59250 Feb 9 12:37:18.742433 sshd[5808]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:18.742748 sshd[5808]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:37:18.742775 sshd[5808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:37:18.743040 sshd[5808]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:18.741000 audit[5808]: USER_AUTH pid=5808 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="erzaran" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:37:18.833278 kernel: audit: type=1100 audit(1707482238.741:1485): pid=5808 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="erzaran" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:37:19.790477 sshd[5805]: Failed password for invalid user ygyy from 163.228.248.90 port 52346 ssh2 Feb 9 12:37:19.862358 sshd[5797]: Received disconnect from 38.7.207.12 port 41290:11: Bye Bye [preauth] Feb 9 12:37:19.862358 sshd[5797]: Disconnected from invalid user zhongwen 38.7.207.12 port 41290 [preauth] Feb 9 12:37:19.864685 systemd[1]: sshd@53-86.109.11.101:22-38.7.207.12:41290.service: Deactivated successfully. Feb 9 12:37:19.863000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@53-86.109.11.101:22-38.7.207.12:41290 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:19.959234 kernel: audit: type=1131 audit(1707482239.863:1486): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@53-86.109.11.101:22-38.7.207.12:41290 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:20.031296 sshd[5808]: Failed password for invalid user erzaran from 43.153.64.49 port 59250 ssh2 Feb 9 12:37:20.053567 sshd[5808]: Received disconnect from 43.153.64.49 port 59250:11: Bye Bye [preauth] Feb 9 12:37:20.053567 sshd[5808]: Disconnected from invalid user erzaran 43.153.64.49 port 59250 [preauth] Feb 9 12:37:20.055681 systemd[1]: sshd@56-86.109.11.101:22-43.153.64.49:59250.service: Deactivated successfully. Feb 9 12:37:20.054000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@56-86.109.11.101:22-43.153.64.49:59250 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:20.136213 sshd[5800]: Received disconnect from 101.35.54.203 port 56020:11: Bye Bye [preauth] Feb 9 12:37:20.136213 sshd[5800]: Disconnected from invalid user amirmo 101.35.54.203 port 56020 [preauth] Feb 9 12:37:20.136848 systemd[1]: sshd@54-86.109.11.101:22-101.35.54.203:56020.service: Deactivated successfully. Feb 9 12:37:20.135000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@54-86.109.11.101:22-101.35.54.203:56020 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:20.237366 kernel: audit: type=1131 audit(1707482240.054:1487): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@56-86.109.11.101:22-43.153.64.49:59250 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:20.237403 kernel: audit: type=1131 audit(1707482240.135:1488): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@54-86.109.11.101:22-101.35.54.203:56020 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:20.697137 sshd[5805]: Received disconnect from 163.228.248.90 port 52346:11: Bye Bye [preauth] Feb 9 12:37:20.697137 sshd[5805]: Disconnected from invalid user ygyy 163.228.248.90 port 52346 [preauth] Feb 9 12:37:20.699740 systemd[1]: sshd@55-86.109.11.101:22-163.228.248.90:52346.service: Deactivated successfully. Feb 9 12:37:20.699000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@55-86.109.11.101:22-163.228.248.90:52346 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:20.796236 kernel: audit: type=1131 audit(1707482240.699:1489): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@55-86.109.11.101:22-163.228.248.90:52346 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:23.326000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:23.326000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000f08900 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:37:23.544101 kernel: audit: type=1400 audit(1707482243.326:1490): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:23.544192 kernel: audit: type=1300 audit(1707482243.326:1490): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000f08900 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:37:23.544215 kernel: audit: type=1327 audit(1707482243.326:1490): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:37:23.326000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:37:23.638808 kernel: audit: type=1400 audit(1707482243.326:1491): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:23.326000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:23.730309 kernel: audit: type=1300 audit(1707482243.326:1491): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0008d9600 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:37:23.326000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0008d9600 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:37:23.326000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:37:23.946978 kernel: audit: type=1327 audit(1707482243.326:1491): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:37:23.947006 kernel: audit: type=1400 audit(1707482243.458:1492): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:24.038313 kernel: audit: type=1300 audit(1707482243.458:1492): arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c00773cfe0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:37:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c00773cfe0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:37:24.137747 kernel: audit: type=1327 audit(1707482243.458:1492): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:37:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:37:24.232040 kernel: audit: type=1400 audit(1707482243.458:1493): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:24.324602 kernel: audit: type=1300 audit(1707482243.458:1493): arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c014c3a4b0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:37:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c014c3a4b0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:37:24.423982 kernel: audit: type=1327 audit(1707482243.458:1493): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:37:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:37:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c01229f350 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:37:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:37:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c01229f3e0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:37:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:37:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c0081ffb80 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:37:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:37:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c0152ce8d0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:37:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:37:33.071104 systemd[1]: Started sshd@57-86.109.11.101:22-104.248.145.46:34262.service. Feb 9 12:37:33.071000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@57-86.109.11.101:22-104.248.145.46:34262 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:33.098518 kernel: kauditd_printk_skb: 12 callbacks suppressed Feb 9 12:37:33.098593 kernel: audit: type=1130 audit(1707482253.071:1498): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@57-86.109.11.101:22-104.248.145.46:34262 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:34.089437 sshd[5846]: Invalid user esmat from 104.248.145.46 port 34262 Feb 9 12:37:34.090877 sshd[5846]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:34.091123 sshd[5846]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:37:34.091144 sshd[5846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.46 Feb 9 12:37:34.091395 sshd[5846]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:34.091000 audit[5846]: USER_AUTH pid=5846 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="esmat" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:37:34.183304 kernel: audit: type=1100 audit(1707482254.091:1499): pid=5846 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="esmat" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:37:35.839430 systemd[1]: Started sshd@58-86.109.11.101:22-106.54.212.205:38526.service. Feb 9 12:37:35.839000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@58-86.109.11.101:22-106.54.212.205:38526 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:35.931359 kernel: audit: type=1130 audit(1707482255.839:1500): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@58-86.109.11.101:22-106.54.212.205:38526 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:36.910612 sshd[5846]: Failed password for invalid user esmat from 104.248.145.46 port 34262 ssh2 Feb 9 12:37:38.997899 sshd[5846]: Received disconnect from 104.248.145.46 port 34262:11: Bye Bye [preauth] Feb 9 12:37:38.997899 sshd[5846]: Disconnected from invalid user esmat 104.248.145.46 port 34262 [preauth] Feb 9 12:37:39.000434 systemd[1]: sshd@57-86.109.11.101:22-104.248.145.46:34262.service: Deactivated successfully. Feb 9 12:37:39.000000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@57-86.109.11.101:22-104.248.145.46:34262 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:39.093310 kernel: audit: type=1131 audit(1707482259.000:1501): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@57-86.109.11.101:22-104.248.145.46:34262 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:39.220000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:39.220000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001f161e0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:37:39.441050 kernel: audit: type=1400 audit(1707482259.220:1502): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:39.441081 kernel: audit: type=1300 audit(1707482259.220:1502): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001f161e0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:37:39.441099 kernel: audit: type=1327 audit(1707482259.220:1502): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:37:39.220000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:37:39.534586 kernel: audit: type=1400 audit(1707482259.222:1503): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:39.222000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:39.624893 kernel: audit: type=1300 audit(1707482259.222:1503): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0008d9d80 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:37:39.222000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0008d9d80 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:37:39.745685 kernel: audit: type=1327 audit(1707482259.222:1503): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:37:39.222000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:37:39.839258 kernel: audit: type=1400 audit(1707482259.223:1504): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:39.223000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:39.929678 kernel: audit: type=1300 audit(1707482259.223:1504): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0007c15c0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:37:39.223000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0007c15c0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:37:40.050570 kernel: audit: type=1327 audit(1707482259.223:1504): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:37:39.223000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:37:39.224000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:37:39.224000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0007c15e0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:37:39.224000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:37:46.487832 systemd[1]: Started sshd@59-86.109.11.101:22-163.228.248.90:51497.service. Feb 9 12:37:46.487000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@59-86.109.11.101:22-163.228.248.90:51497 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:46.515309 kernel: kauditd_printk_skb: 3 callbacks suppressed Feb 9 12:37:46.515364 kernel: audit: type=1130 audit(1707482266.487:1506): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@59-86.109.11.101:22-163.228.248.90:51497 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:47.395303 sshd[5855]: Invalid user pkletow from 163.228.248.90 port 51497 Feb 9 12:37:47.401324 sshd[5855]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:47.402319 sshd[5855]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:37:47.402404 sshd[5855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.228.248.90 Feb 9 12:37:47.403258 sshd[5855]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:47.402000 audit[5855]: USER_AUTH pid=5855 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="pkletow" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:37:47.497311 kernel: audit: type=1100 audit(1707482267.402:1507): pid=5855 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="pkletow" exe="/usr/sbin/sshd" hostname=163.228.248.90 addr=163.228.248.90 terminal=ssh res=failed' Feb 9 12:37:49.670472 sshd[5855]: Failed password for invalid user pkletow from 163.228.248.90 port 51497 ssh2 Feb 9 12:37:51.279330 sshd[5855]: Received disconnect from 163.228.248.90 port 51497:11: Bye Bye [preauth] Feb 9 12:37:51.279330 sshd[5855]: Disconnected from invalid user pkletow 163.228.248.90 port 51497 [preauth] Feb 9 12:37:51.281926 systemd[1]: sshd@59-86.109.11.101:22-163.228.248.90:51497.service: Deactivated successfully. Feb 9 12:37:51.281000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@59-86.109.11.101:22-163.228.248.90:51497 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:51.373288 kernel: audit: type=1131 audit(1707482271.281:1508): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@59-86.109.11.101:22-163.228.248.90:51497 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:54.162147 systemd[1]: Started sshd@60-86.109.11.101:22-101.35.54.203:36876.service. Feb 9 12:37:54.161000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@60-86.109.11.101:22-101.35.54.203:36876 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:54.254422 kernel: audit: type=1130 audit(1707482274.161:1509): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@60-86.109.11.101:22-101.35.54.203:36876 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:54.965397 sshd[5887]: Invalid user gyh from 101.35.54.203 port 36876 Feb 9 12:37:54.971613 sshd[5887]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:54.972653 sshd[5887]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:37:54.972747 sshd[5887]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:37:54.973676 sshd[5887]: pam_faillock(sshd:auth): User unknown Feb 9 12:37:54.972000 audit[5887]: USER_AUTH pid=5887 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="gyh" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:37:55.066426 kernel: audit: type=1100 audit(1707482274.972:1510): pid=5887 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="gyh" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:37:56.202508 sshd[5887]: Failed password for invalid user gyh from 101.35.54.203 port 36876 ssh2 Feb 9 12:37:56.752963 sshd[5887]: Received disconnect from 101.35.54.203 port 36876:11: Bye Bye [preauth] Feb 9 12:37:56.752963 sshd[5887]: Disconnected from invalid user gyh 101.35.54.203 port 36876 [preauth] Feb 9 12:37:56.755553 systemd[1]: sshd@60-86.109.11.101:22-101.35.54.203:36876.service: Deactivated successfully. Feb 9 12:37:56.754000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@60-86.109.11.101:22-101.35.54.203:36876 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:37:56.848416 kernel: audit: type=1131 audit(1707482276.754:1511): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@60-86.109.11.101:22-101.35.54.203:36876 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:12.144797 systemd[1]: Started sshd@61-86.109.11.101:22-43.153.64.49:49690.service. Feb 9 12:38:12.143000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@61-86.109.11.101:22-43.153.64.49:49690 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:12.237235 kernel: audit: type=1130 audit(1707482292.143:1512): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@61-86.109.11.101:22-43.153.64.49:49690 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:12.307926 sshd[5895]: Invalid user johnli from 43.153.64.49 port 49690 Feb 9 12:38:12.314123 sshd[5895]: pam_faillock(sshd:auth): User unknown Feb 9 12:38:12.315329 sshd[5895]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:38:12.315417 sshd[5895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:38:12.316411 sshd[5895]: pam_faillock(sshd:auth): User unknown Feb 9 12:38:12.315000 audit[5895]: USER_AUTH pid=5895 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="johnli" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:38:12.413233 kernel: audit: type=1100 audit(1707482292.315:1513): pid=5895 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="johnli" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:38:13.685507 sshd[5895]: Failed password for invalid user johnli from 43.153.64.49 port 49690 ssh2 Feb 9 12:38:13.959755 sshd[5895]: Received disconnect from 43.153.64.49 port 49690:11: Bye Bye [preauth] Feb 9 12:38:13.959755 sshd[5895]: Disconnected from invalid user johnli 43.153.64.49 port 49690 [preauth] Feb 9 12:38:13.962207 systemd[1]: sshd@61-86.109.11.101:22-43.153.64.49:49690.service: Deactivated successfully. Feb 9 12:38:13.961000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@61-86.109.11.101:22-43.153.64.49:49690 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:14.055422 kernel: audit: type=1131 audit(1707482293.961:1514): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@61-86.109.11.101:22-43.153.64.49:49690 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:15.739484 systemd[1]: Started sshd@62-86.109.11.101:22-43.156.225.133:33886.service. Feb 9 12:38:15.738000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@62-86.109.11.101:22-43.156.225.133:33886 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:15.832425 kernel: audit: type=1130 audit(1707482295.738:1515): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@62-86.109.11.101:22-43.156.225.133:33886 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:16.780899 sshd[5900]: Invalid user sanagoblin from 43.156.225.133 port 33886 Feb 9 12:38:16.787000 sshd[5900]: pam_faillock(sshd:auth): User unknown Feb 9 12:38:16.788018 sshd[5900]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:38:16.788109 sshd[5900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.156.225.133 Feb 9 12:38:16.789081 sshd[5900]: pam_faillock(sshd:auth): User unknown Feb 9 12:38:16.788000 audit[5900]: USER_AUTH pid=5900 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sanagoblin" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:38:16.882296 kernel: audit: type=1100 audit(1707482296.788:1516): pid=5900 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sanagoblin" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:38:18.705588 sshd[5900]: Failed password for invalid user sanagoblin from 43.156.225.133 port 33886 ssh2 Feb 9 12:38:19.862540 sshd[5900]: Received disconnect from 43.156.225.133 port 33886:11: Bye Bye [preauth] Feb 9 12:38:19.862540 sshd[5900]: Disconnected from invalid user sanagoblin 43.156.225.133 port 33886 [preauth] Feb 9 12:38:19.865192 systemd[1]: sshd@62-86.109.11.101:22-43.156.225.133:33886.service: Deactivated successfully. Feb 9 12:38:19.864000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@62-86.109.11.101:22-43.156.225.133:33886 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:19.960245 kernel: audit: type=1131 audit(1707482299.864:1517): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@62-86.109.11.101:22-43.156.225.133:33886 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:21.428904 systemd[1]: Started sshd@63-86.109.11.101:22-38.7.207.12:60216.service. Feb 9 12:38:21.428000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@63-86.109.11.101:22-38.7.207.12:60216 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:21.525305 kernel: audit: type=1130 audit(1707482301.428:1518): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@63-86.109.11.101:22-38.7.207.12:60216 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:22.334035 sshd[5905]: Invalid user sunwoo from 38.7.207.12 port 60216 Feb 9 12:38:22.335205 sshd[5905]: pam_faillock(sshd:auth): User unknown Feb 9 12:38:22.335532 sshd[5905]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:38:22.335578 sshd[5905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.7.207.12 Feb 9 12:38:22.335774 sshd[5905]: pam_faillock(sshd:auth): User unknown Feb 9 12:38:22.334000 audit[5905]: USER_AUTH pid=5905 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sunwoo" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:38:22.429292 kernel: audit: type=1100 audit(1707482302.334:1519): pid=5905 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sunwoo" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:38:23.326000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:23.326000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000fcc780 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:38:23.550309 kernel: audit: type=1400 audit(1707482303.326:1520): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:23.550378 kernel: audit: type=1300 audit(1707482303.326:1520): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000fcc780 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:38:23.550398 kernel: audit: type=1327 audit(1707482303.326:1520): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:38:23.326000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:38:23.646388 kernel: audit: type=1400 audit(1707482303.326:1521): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:23.326000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:23.739630 kernel: audit: type=1300 audit(1707482303.326:1521): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002631650 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:38:23.326000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002631650 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:38:23.862704 kernel: audit: type=1327 audit(1707482303.326:1521): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:38:23.326000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:38:23.957207 kernel: audit: type=1400 audit(1707482303.458:1522): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c012312480 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:38:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:38:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c00445ec60 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:38:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:38:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c008525ca0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:38:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:38:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=60 a1=c014724e70 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:38:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:38:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c013c74d20 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:38:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:38:23.458000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:23.458000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c00d8b1410 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:38:23.458000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:38:24.743468 sshd[5905]: Failed password for invalid user sunwoo from 38.7.207.12 port 60216 ssh2 Feb 9 12:38:25.535162 sshd[5905]: Received disconnect from 38.7.207.12 port 60216:11: Bye Bye [preauth] Feb 9 12:38:25.535162 sshd[5905]: Disconnected from invalid user sunwoo 38.7.207.12 port 60216 [preauth] Feb 9 12:38:25.537610 systemd[1]: sshd@63-86.109.11.101:22-38.7.207.12:60216.service: Deactivated successfully. Feb 9 12:38:25.536000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@63-86.109.11.101:22-38.7.207.12:60216 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:25.565189 kernel: kauditd_printk_skb: 17 callbacks suppressed Feb 9 12:38:25.565223 kernel: audit: type=1131 audit(1707482305.536:1528): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@63-86.109.11.101:22-38.7.207.12:60216 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:31.909130 systemd[1]: Started sshd@64-86.109.11.101:22-101.35.54.203:45966.service. Feb 9 12:38:31.907000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@64-86.109.11.101:22-101.35.54.203:45966 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:32.001311 kernel: audit: type=1130 audit(1707482311.907:1529): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@64-86.109.11.101:22-101.35.54.203:45966 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:32.693980 sshd[5938]: Invalid user manooch from 101.35.54.203 port 45966 Feb 9 12:38:32.700115 sshd[5938]: pam_faillock(sshd:auth): User unknown Feb 9 12:38:32.701169 sshd[5938]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:38:32.701297 sshd[5938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:38:32.702177 sshd[5938]: pam_faillock(sshd:auth): User unknown Feb 9 12:38:32.701000 audit[5938]: USER_AUTH pid=5938 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="manooch" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:38:32.795425 kernel: audit: type=1100 audit(1707482312.701:1530): pid=5938 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="manooch" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:38:33.988576 systemd[1]: Started sshd@65-86.109.11.101:22-104.248.145.46:52366.service. Feb 9 12:38:33.987000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@65-86.109.11.101:22-104.248.145.46:52366 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:34.081347 kernel: audit: type=1130 audit(1707482313.987:1531): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@65-86.109.11.101:22-104.248.145.46:52366 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:34.814383 sshd[5938]: Failed password for invalid user manooch from 101.35.54.203 port 45966 ssh2 Feb 9 12:38:34.966831 sshd[5941]: Invalid user alfa from 104.248.145.46 port 52366 Feb 9 12:38:34.972894 sshd[5941]: pam_faillock(sshd:auth): User unknown Feb 9 12:38:34.974099 sshd[5941]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:38:34.974190 sshd[5941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.46 Feb 9 12:38:34.975115 sshd[5941]: pam_faillock(sshd:auth): User unknown Feb 9 12:38:34.974000 audit[5941]: USER_AUTH pid=5941 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="alfa" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:38:35.067235 kernel: audit: type=1100 audit(1707482314.974:1532): pid=5941 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="alfa" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:38:36.921536 sshd[5938]: Received disconnect from 101.35.54.203 port 45966:11: Bye Bye [preauth] Feb 9 12:38:36.921536 sshd[5938]: Disconnected from invalid user manooch 101.35.54.203 port 45966 [preauth] Feb 9 12:38:36.924006 systemd[1]: sshd@64-86.109.11.101:22-101.35.54.203:45966.service: Deactivated successfully. Feb 9 12:38:36.923000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@64-86.109.11.101:22-101.35.54.203:45966 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:37.017321 kernel: audit: type=1131 audit(1707482316.923:1533): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@64-86.109.11.101:22-101.35.54.203:45966 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:37.031507 sshd[5941]: Failed password for invalid user alfa from 104.248.145.46 port 52366 ssh2 Feb 9 12:38:39.154399 sshd[5941]: Received disconnect from 104.248.145.46 port 52366:11: Bye Bye [preauth] Feb 9 12:38:39.154399 sshd[5941]: Disconnected from invalid user alfa 104.248.145.46 port 52366 [preauth] Feb 9 12:38:39.155188 systemd[1]: sshd@65-86.109.11.101:22-104.248.145.46:52366.service: Deactivated successfully. Feb 9 12:38:39.154000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@65-86.109.11.101:22-104.248.145.46:52366 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:39.220000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:39.338568 kernel: audit: type=1131 audit(1707482319.154:1534): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@65-86.109.11.101:22-104.248.145.46:52366 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:38:39.338606 kernel: audit: type=1400 audit(1707482319.220:1535): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:39.338622 kernel: audit: type=1300 audit(1707482319.220:1535): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c00130eac0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:38:39.220000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c00130eac0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:38:39.459265 kernel: audit: type=1327 audit(1707482319.220:1535): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:38:39.220000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:38:39.552609 kernel: audit: type=1400 audit(1707482319.221:1536): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:39.221000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:39.643010 kernel: audit: type=1300 audit(1707482319.221:1536): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0001b5c40 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:38:39.221000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0001b5c40 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:38:39.763763 kernel: audit: type=1327 audit(1707482319.221:1536): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:38:39.221000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:38:39.857524 kernel: audit: type=1400 audit(1707482319.223:1537): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:39.223000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:39.950091 kernel: audit: type=1300 audit(1707482319.223:1537): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002f9daa0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:38:39.223000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002f9daa0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:38:39.223000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:38:39.224000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:38:39.224000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0001b5e80 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:38:39.224000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:39:07.960909 systemd[1]: Started sshd@66-86.109.11.101:22-101.35.54.203:55042.service. Feb 9 12:39:07.960000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@66-86.109.11.101:22-101.35.54.203:55042 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:07.988712 kernel: kauditd_printk_skb: 4 callbacks suppressed Feb 9 12:39:07.988815 kernel: audit: type=1130 audit(1707482347.960:1539): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@66-86.109.11.101:22-101.35.54.203:55042 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:08.757033 sshd[5992]: Invalid user fangjunzhang from 101.35.54.203 port 55042 Feb 9 12:39:08.763090 sshd[5992]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:08.764152 sshd[5992]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:39:08.764285 sshd[5992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:39:08.765173 sshd[5992]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:08.765000 audit[5992]: USER_AUTH pid=5992 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="fangjunzhang" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:39:08.858435 kernel: audit: type=1100 audit(1707482348.765:1540): pid=5992 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="fangjunzhang" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:39:09.532817 systemd[1]: Started sshd@67-86.109.11.101:22-43.153.64.49:40124.service. Feb 9 12:39:09.532000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@67-86.109.11.101:22-43.153.64.49:40124 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:09.625300 kernel: audit: type=1130 audit(1707482349.532:1541): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@67-86.109.11.101:22-43.153.64.49:40124 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:09.692882 sshd[5995]: Invalid user ryo from 43.153.64.49 port 40124 Feb 9 12:39:09.694838 sshd[5995]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:09.695199 sshd[5995]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:39:09.695236 sshd[5995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:39:09.695518 sshd[5995]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:09.695000 audit[5995]: USER_AUTH pid=5995 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="ryo" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:39:09.786318 kernel: audit: type=1100 audit(1707482349.695:1542): pid=5995 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="ryo" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:39:10.821484 sshd[5992]: Failed password for invalid user fangjunzhang from 101.35.54.203 port 55042 ssh2 Feb 9 12:39:11.556422 sshd[5995]: Failed password for invalid user ryo from 43.153.64.49 port 40124 ssh2 Feb 9 12:39:11.895116 sshd[5992]: Received disconnect from 101.35.54.203 port 55042:11: Bye Bye [preauth] Feb 9 12:39:11.895116 sshd[5992]: Disconnected from invalid user fangjunzhang 101.35.54.203 port 55042 [preauth] Feb 9 12:39:11.897546 systemd[1]: sshd@66-86.109.11.101:22-101.35.54.203:55042.service: Deactivated successfully. Feb 9 12:39:11.897000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@66-86.109.11.101:22-101.35.54.203:55042 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:11.989740 sshd[5995]: Received disconnect from 43.153.64.49 port 40124:11: Bye Bye [preauth] Feb 9 12:39:11.989740 sshd[5995]: Disconnected from invalid user ryo 43.153.64.49 port 40124 [preauth] Feb 9 12:39:11.990153 systemd[1]: sshd@67-86.109.11.101:22-43.153.64.49:40124.service: Deactivated successfully. Feb 9 12:39:11.990289 kernel: audit: type=1131 audit(1707482351.897:1543): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@66-86.109.11.101:22-101.35.54.203:55042 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:11.990325 kernel: audit: type=1131 audit(1707482351.990:1544): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@67-86.109.11.101:22-43.153.64.49:40124 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:11.990000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@67-86.109.11.101:22-43.153.64.49:40124 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:16.596777 systemd[1]: Started sshd@68-86.109.11.101:22-106.54.212.205:55040.service. Feb 9 12:39:16.596000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@68-86.109.11.101:22-106.54.212.205:55040 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:16.689400 kernel: audit: type=1130 audit(1707482356.596:1545): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@68-86.109.11.101:22-106.54.212.205:55040 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:17.369270 systemd[1]: Started sshd@69-86.109.11.101:22-43.156.225.133:52686.service. Feb 9 12:39:17.369000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@69-86.109.11.101:22-43.156.225.133:52686 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:17.462312 kernel: audit: type=1130 audit(1707482357.369:1546): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@69-86.109.11.101:22-43.156.225.133:52686 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:18.116450 sshd[6008]: Invalid user djcamper from 106.54.212.205 port 55040 Feb 9 12:39:18.122909 sshd[6008]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:18.124066 sshd[6008]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:39:18.124159 sshd[6008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.212.205 Feb 9 12:39:18.125132 sshd[6008]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:18.125000 audit[6008]: USER_AUTH pid=6008 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="djcamper" exe="/usr/sbin/sshd" hostname=106.54.212.205 addr=106.54.212.205 terminal=ssh res=failed' Feb 9 12:39:18.223431 kernel: audit: type=1100 audit(1707482358.125:1547): pid=6008 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="djcamper" exe="/usr/sbin/sshd" hostname=106.54.212.205 addr=106.54.212.205 terminal=ssh res=failed' Feb 9 12:39:18.401729 sshd[6010]: Invalid user hombie from 43.156.225.133 port 52686 Feb 9 12:39:18.407319 sshd[6010]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:18.408357 sshd[6010]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:39:18.408460 sshd[6010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.156.225.133 Feb 9 12:39:18.409396 sshd[6010]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:18.409000 audit[6010]: USER_AUTH pid=6010 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="hombie" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:39:18.502313 kernel: audit: type=1100 audit(1707482358.409:1548): pid=6010 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="hombie" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:39:20.221937 sshd[6008]: Failed password for invalid user djcamper from 106.54.212.205 port 55040 ssh2 Feb 9 12:39:20.381356 sshd[6008]: Received disconnect from 106.54.212.205 port 55040:11: Bye Bye [preauth] Feb 9 12:39:20.381356 sshd[6008]: Disconnected from invalid user djcamper 106.54.212.205 port 55040 [preauth] Feb 9 12:39:20.384373 systemd[1]: sshd@68-86.109.11.101:22-106.54.212.205:55040.service: Deactivated successfully. Feb 9 12:39:20.384000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@68-86.109.11.101:22-106.54.212.205:55040 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:20.477239 kernel: audit: type=1131 audit(1707482360.384:1549): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@68-86.109.11.101:22-106.54.212.205:55040 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:20.506009 sshd[6010]: Failed password for invalid user hombie from 43.156.225.133 port 52686 ssh2 Feb 9 12:39:21.601026 systemd[1]: Started sshd@70-86.109.11.101:22-180.101.88.196:21626.service. Feb 9 12:39:21.601000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@70-86.109.11.101:22-180.101.88.196:21626 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:21.696239 kernel: audit: type=1130 audit(1707482361.601:1550): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@70-86.109.11.101:22-180.101.88.196:21626 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:21.879788 sshd[6010]: Received disconnect from 43.156.225.133 port 52686:11: Bye Bye [preauth] Feb 9 12:39:21.879788 sshd[6010]: Disconnected from invalid user hombie 43.156.225.133 port 52686 [preauth] Feb 9 12:39:21.882179 systemd[1]: sshd@69-86.109.11.101:22-43.156.225.133:52686.service: Deactivated successfully. Feb 9 12:39:21.882000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@69-86.109.11.101:22-43.156.225.133:52686 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:21.977273 kernel: audit: type=1131 audit(1707482361.882:1551): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@69-86.109.11.101:22-43.156.225.133:52686 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:22.710348 sshd[6018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.88.196 user=root Feb 9 12:39:22.709000 audit[6018]: USER_AUTH pid=6018 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:22.801423 kernel: audit: type=1100 audit(1707482362.709:1552): pid=6018 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:23.328000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:23.328000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001f49230 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:39:23.546452 kernel: audit: type=1400 audit(1707482363.328:1553): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:23.546539 kernel: audit: type=1300 audit(1707482363.328:1553): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001f49230 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:39:23.546574 kernel: audit: type=1327 audit(1707482363.328:1553): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:39:23.328000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:39:23.641766 kernel: audit: type=1400 audit(1707482363.328:1554): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:23.328000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:23.735045 kernel: audit: type=1300 audit(1707482363.328:1554): arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c001f909a0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:39:23.328000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c001f909a0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:39:23.857595 kernel: audit: type=1327 audit(1707482363.328:1554): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:39:23.328000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:39:23.954048 kernel: audit: type=1400 audit(1707482363.459:1555): avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:23.459000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:23.459000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c009aafbc0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:39:23.459000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:39:23.459000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:23.459000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c00a6ea5c0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:39:23.459000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:39:23.459000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:23.459000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5f a1=c009e75d70 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:39:23.459000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:39:23.459000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:23.459000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=5e a1=c0099c2960 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:39:23.459000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:39:23.459000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:23.459000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=60 a1=c0080ae480 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:39:23.459000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:39:23.459000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:23.459000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=60 a1=c00dbfd5f0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:39:23.459000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:39:24.686542 sshd[6018]: Failed password for root from 180.101.88.196 port 21626 ssh2 Feb 9 12:39:25.700538 systemd[1]: Started sshd@71-86.109.11.101:22-147.75.109.163:33434.service. Feb 9 12:39:25.699000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@71-86.109.11.101:22-147.75.109.163:33434 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:25.738105 sshd[6050]: Accepted publickey for core from 147.75.109.163 port 33434 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:39:25.737000 audit[6050]: USER_ACCT pid=6050 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:25.737000 audit[6050]: CRED_ACQ pid=6050 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:25.737000 audit[6050]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff993ee520 a2=3 a3=0 items=0 ppid=1 pid=6050 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:25.737000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:39:25.738938 sshd[6050]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:39:25.741808 systemd-logind[1465]: New session 10 of user core. Feb 9 12:39:25.742314 systemd[1]: Started session-10.scope. Feb 9 12:39:25.743000 audit[6050]: USER_START pid=6050 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:25.744000 audit[6052]: CRED_ACQ pid=6052 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:25.869428 sshd[6050]: pam_unix(sshd:session): session closed for user core Feb 9 12:39:25.869000 audit[6050]: USER_END pid=6050 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:25.869000 audit[6050]: CRED_DISP pid=6050 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:25.870911 systemd[1]: sshd@71-86.109.11.101:22-147.75.109.163:33434.service: Deactivated successfully. Feb 9 12:39:25.869000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@71-86.109.11.101:22-147.75.109.163:33434 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:25.871355 systemd[1]: session-10.scope: Deactivated successfully. Feb 9 12:39:25.871756 systemd-logind[1465]: Session 10 logged out. Waiting for processes to exit. Feb 9 12:39:25.872185 systemd-logind[1465]: Removed session 10. Feb 9 12:39:25.925491 systemd[1]: Started sshd@72-86.109.11.101:22-38.7.207.12:50906.service. Feb 9 12:39:25.924000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@72-86.109.11.101:22-38.7.207.12:50906 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:26.665000 audit[6018]: USER_AUTH pid=6018 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:26.694921 kernel: kauditd_printk_skb: 29 callbacks suppressed Feb 9 12:39:26.694953 kernel: audit: type=1100 audit(1707482366.665:1571): pid=6018 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:26.836174 sshd[6076]: Invalid user sanagoblin from 38.7.207.12 port 50906 Feb 9 12:39:26.837635 sshd[6076]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:26.837922 sshd[6076]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:39:26.837943 sshd[6076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.7.207.12 Feb 9 12:39:26.838145 sshd[6076]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:26.837000 audit[6076]: USER_AUTH pid=6076 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sanagoblin" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:39:26.929342 kernel: audit: type=1100 audit(1707482366.837:1572): pid=6076 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="sanagoblin" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:39:28.192273 sshd[6018]: Failed password for root from 180.101.88.196 port 21626 ssh2 Feb 9 12:39:28.363183 sshd[6076]: Failed password for invalid user sanagoblin from 38.7.207.12 port 50906 ssh2 Feb 9 12:39:29.798000 audit[6018]: USER_AUTH pid=6018 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:29.888514 sshd[6076]: Received disconnect from 38.7.207.12 port 50906:11: Bye Bye [preauth] Feb 9 12:39:29.888514 sshd[6076]: Disconnected from invalid user sanagoblin 38.7.207.12 port 50906 [preauth] Feb 9 12:39:29.889187 systemd[1]: sshd@72-86.109.11.101:22-38.7.207.12:50906.service: Deactivated successfully. Feb 9 12:39:29.888000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@72-86.109.11.101:22-38.7.207.12:50906 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:29.981497 kernel: audit: type=1100 audit(1707482369.798:1573): pid=6018 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:29.981533 kernel: audit: type=1131 audit(1707482369.888:1574): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@72-86.109.11.101:22-38.7.207.12:50906 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:30.881167 systemd[1]: Started sshd@73-86.109.11.101:22-147.75.109.163:33438.service. Feb 9 12:39:30.880000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@73-86.109.11.101:22-147.75.109.163:33438 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:30.974287 kernel: audit: type=1130 audit(1707482370.880:1575): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@73-86.109.11.101:22-147.75.109.163:33438 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:31.002000 audit[6084]: USER_ACCT pid=6084 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:31.003624 sshd[6084]: Accepted publickey for core from 147.75.109.163 port 33438 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:39:31.006904 sshd[6084]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:39:31.017147 systemd-logind[1465]: New session 11 of user core. Feb 9 12:39:31.019574 systemd[1]: Started session-11.scope. Feb 9 12:39:31.004000 audit[6084]: CRED_ACQ pid=6084 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:31.189881 kernel: audit: type=1101 audit(1707482371.002:1576): pid=6084 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:31.189915 kernel: audit: type=1103 audit(1707482371.004:1577): pid=6084 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:31.189928 kernel: audit: type=1006 audit(1707482371.004:1578): pid=6084 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=11 res=1 Feb 9 12:39:31.249126 kernel: audit: type=1300 audit(1707482371.004:1578): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffefb06b10 a2=3 a3=0 items=0 ppid=1 pid=6084 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:31.004000 audit[6084]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffefb06b10 a2=3 a3=0 items=0 ppid=1 pid=6084 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:31.342414 kernel: audit: type=1327 audit(1707482371.004:1578): proctitle=737368643A20636F7265205B707269765D Feb 9 12:39:31.004000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:39:31.342649 sshd[6084]: pam_unix(sshd:session): session closed for user core Feb 9 12:39:31.344007 systemd[1]: sshd@73-86.109.11.101:22-147.75.109.163:33438.service: Deactivated successfully. Feb 9 12:39:31.344443 systemd[1]: session-11.scope: Deactivated successfully. Feb 9 12:39:31.344863 systemd-logind[1465]: Session 11 logged out. Waiting for processes to exit. Feb 9 12:39:31.345426 systemd-logind[1465]: Removed session 11. Feb 9 12:39:31.030000 audit[6084]: USER_START pid=6084 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:31.032000 audit[6086]: CRED_ACQ pid=6086 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:31.342000 audit[6084]: USER_END pid=6084 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:31.342000 audit[6084]: CRED_DISP pid=6084 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:31.342000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@73-86.109.11.101:22-147.75.109.163:33438 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:31.403484 sshd[6018]: Failed password for root from 180.101.88.196 port 21626 ssh2 Feb 9 12:39:32.185319 systemd[1]: Started sshd@74-86.109.11.101:22-104.248.145.46:32936.service. Feb 9 12:39:32.184000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@74-86.109.11.101:22-104.248.145.46:32936 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:32.213221 kernel: kauditd_printk_skb: 5 callbacks suppressed Feb 9 12:39:32.213256 kernel: audit: type=1130 audit(1707482372.184:1584): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@74-86.109.11.101:22-104.248.145.46:32936 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:32.924862 sshd[6018]: Received disconnect from 180.101.88.196 port 21626:11: [preauth] Feb 9 12:39:32.924862 sshd[6018]: Disconnected from authenticating user root 180.101.88.196 port 21626 [preauth] Feb 9 12:39:32.925384 sshd[6018]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.88.196 user=root Feb 9 12:39:32.927399 systemd[1]: sshd@70-86.109.11.101:22-180.101.88.196:21626.service: Deactivated successfully. Feb 9 12:39:32.926000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@70-86.109.11.101:22-180.101.88.196:21626 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:33.020286 kernel: audit: type=1131 audit(1707482372.926:1585): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@70-86.109.11.101:22-180.101.88.196:21626 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:33.095355 systemd[1]: Started sshd@75-86.109.11.101:22-180.101.88.196:29589.service. Feb 9 12:39:33.094000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@75-86.109.11.101:22-180.101.88.196:29589 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:33.187234 kernel: audit: type=1130 audit(1707482373.094:1586): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@75-86.109.11.101:22-180.101.88.196:29589 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:33.590636 sshd[6110]: Invalid user daniel from 104.248.145.46 port 32936 Feb 9 12:39:33.596939 sshd[6110]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:33.598027 sshd[6110]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:39:33.598118 sshd[6110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.46 Feb 9 12:39:33.599112 sshd[6110]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:33.598000 audit[6110]: USER_AUTH pid=6110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="daniel" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:39:33.696336 kernel: audit: type=1100 audit(1707482373.598:1587): pid=6110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="daniel" exe="/usr/sbin/sshd" hostname=104.248.145.46 addr=104.248.145.46 terminal=ssh res=failed' Feb 9 12:39:34.200850 sshd[6115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.88.196 user=root Feb 9 12:39:34.199000 audit[6115]: USER_AUTH pid=6115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:34.292295 kernel: audit: type=1100 audit(1707482374.199:1588): pid=6115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:35.420156 sshd[6110]: Failed password for invalid user daniel from 104.248.145.46 port 32936 ssh2 Feb 9 12:39:35.844499 sshd[5849]: Timeout before authentication for 106.54.212.205 port 38526 Feb 9 12:39:35.845915 systemd[1]: sshd@58-86.109.11.101:22-106.54.212.205:38526.service: Deactivated successfully. Feb 9 12:39:35.845000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@58-86.109.11.101:22-106.54.212.205:38526 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:35.850762 sshd[6110]: Received disconnect from 104.248.145.46 port 32936:11: Bye Bye [preauth] Feb 9 12:39:35.850762 sshd[6110]: Disconnected from invalid user daniel 104.248.145.46 port 32936 [preauth] Feb 9 12:39:35.852004 systemd[1]: sshd@74-86.109.11.101:22-104.248.145.46:32936.service: Deactivated successfully. Feb 9 12:39:35.850000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@74-86.109.11.101:22-104.248.145.46:32936 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:36.030676 kernel: audit: type=1131 audit(1707482375.845:1589): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@58-86.109.11.101:22-106.54.212.205:38526 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:36.030704 kernel: audit: type=1131 audit(1707482375.850:1590): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@74-86.109.11.101:22-104.248.145.46:32936 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:36.296251 systemd[1]: Started sshd@76-86.109.11.101:22-147.75.109.163:43128.service. Feb 9 12:39:36.295000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@76-86.109.11.101:22-147.75.109.163:43128 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:36.390257 kernel: audit: type=1130 audit(1707482376.295:1591): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@76-86.109.11.101:22-147.75.109.163:43128 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:36.442000 audit[6120]: USER_ACCT pid=6120 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:36.443752 sshd[6120]: Accepted publickey for core from 147.75.109.163 port 43128 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:39:36.447226 sshd[6120]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:39:36.451560 systemd-logind[1465]: New session 12 of user core. Feb 9 12:39:36.452139 systemd[1]: Started session-12.scope. Feb 9 12:39:36.493425 sshd[6115]: Failed password for root from 180.101.88.196 port 29589 ssh2 Feb 9 12:39:36.531439 sshd[6120]: pam_unix(sshd:session): session closed for user core Feb 9 12:39:36.532978 systemd[1]: sshd@76-86.109.11.101:22-147.75.109.163:43128.service: Deactivated successfully. Feb 9 12:39:36.533409 systemd[1]: session-12.scope: Deactivated successfully. Feb 9 12:39:36.533901 systemd-logind[1465]: Session 12 logged out. Waiting for processes to exit. Feb 9 12:39:36.534537 systemd-logind[1465]: Removed session 12. Feb 9 12:39:36.445000 audit[6120]: CRED_ACQ pid=6120 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:36.629412 kernel: audit: type=1101 audit(1707482376.442:1592): pid=6120 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:36.629447 kernel: audit: type=1103 audit(1707482376.445:1593): pid=6120 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:36.445000 audit[6120]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc5aca9730 a2=3 a3=0 items=0 ppid=1 pid=6120 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=12 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:36.445000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:39:36.453000 audit[6120]: USER_START pid=6120 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:36.454000 audit[6122]: CRED_ACQ pid=6122 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:36.531000 audit[6120]: USER_END pid=6120 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:36.531000 audit[6120]: CRED_DISP pid=6120 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:36.531000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@76-86.109.11.101:22-147.75.109.163:43128 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:37.325000 audit[6115]: ANOM_LOGIN_FAILURES pid=6115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='pam_faillock uid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:37.327295 sshd[6115]: pam_faillock(sshd:auth): Consecutive login failures for user root account temporarily locked Feb 9 12:39:37.354602 kernel: kauditd_printk_skb: 8 callbacks suppressed Feb 9 12:39:37.354665 kernel: audit: type=2100 audit(1707482377.325:1600): pid=6115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='pam_faillock uid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:37.326000 audit[6115]: USER_AUTH pid=6115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:37.508079 kernel: audit: type=1100 audit(1707482377.326:1601): pid=6115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:39.221000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:39.221000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001383e60 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:39:39.363902 sshd[6115]: Failed password for root from 180.101.88.196 port 29589 ssh2 Feb 9 12:39:39.438092 kernel: audit: type=1400 audit(1707482379.221:1602): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:39.438131 kernel: audit: type=1300 audit(1707482379.221:1602): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001383e60 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:39:39.438148 kernel: audit: type=1327 audit(1707482379.221:1602): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:39:39.221000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:39:39.531551 kernel: audit: type=1400 audit(1707482379.222:1603): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:39.222000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:39.622561 kernel: audit: type=1300 audit(1707482379.222:1603): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0001b2200 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:39:39.222000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0001b2200 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:39:39.743796 kernel: audit: type=1327 audit(1707482379.222:1603): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:39:39.222000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:39:39.837656 kernel: audit: type=1400 audit(1707482379.223:1604): avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:39.223000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:39.928306 kernel: audit: type=1300 audit(1707482379.223:1604): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0001b2240 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:39:39.223000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0001b2240 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:39:39.223000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:39:39.225000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:39:39.225000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c00046c360 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:39:39.225000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:39:40.455000 audit[6115]: USER_AUTH pid=6115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:41.541342 systemd[1]: Started sshd@77-86.109.11.101:22-147.75.109.163:43138.service. Feb 9 12:39:41.540000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@77-86.109.11.101:22-147.75.109.163:43138 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:41.575000 audit[6151]: USER_ACCT pid=6151 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:41.576394 sshd[6151]: Accepted publickey for core from 147.75.109.163 port 43138 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:39:41.575000 audit[6151]: CRED_ACQ pid=6151 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:41.575000 audit[6151]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffce533a8a0 a2=3 a3=0 items=0 ppid=1 pid=6151 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=13 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:41.575000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:39:41.577290 sshd[6151]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:39:41.580551 systemd-logind[1465]: New session 13 of user core. Feb 9 12:39:41.581267 systemd[1]: Started session-13.scope. Feb 9 12:39:41.583000 audit[6151]: USER_START pid=6151 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:41.584000 audit[6153]: CRED_ACQ pid=6153 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:41.671456 sshd[6151]: pam_unix(sshd:session): session closed for user core Feb 9 12:39:41.671000 audit[6151]: USER_END pid=6151 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:41.671000 audit[6151]: CRED_DISP pid=6151 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:41.673084 systemd[1]: sshd@77-86.109.11.101:22-147.75.109.163:43138.service: Deactivated successfully. Feb 9 12:39:41.671000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@77-86.109.11.101:22-147.75.109.163:43138 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:41.673593 systemd[1]: session-13.scope: Deactivated successfully. Feb 9 12:39:41.674018 systemd-logind[1465]: Session 13 logged out. Waiting for processes to exit. Feb 9 12:39:41.674624 systemd-logind[1465]: Removed session 13. Feb 9 12:39:42.573223 sshd[6115]: Failed password for root from 180.101.88.196 port 29589 ssh2 Feb 9 12:39:43.582910 sshd[6115]: Received disconnect from 180.101.88.196 port 29589:11: [preauth] Feb 9 12:39:43.582910 sshd[6115]: Disconnected from authenticating user root 180.101.88.196 port 29589 [preauth] Feb 9 12:39:43.583693 sshd[6115]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.88.196 user=root Feb 9 12:39:43.585744 systemd[1]: sshd@75-86.109.11.101:22-180.101.88.196:29589.service: Deactivated successfully. Feb 9 12:39:43.585000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@75-86.109.11.101:22-180.101.88.196:29589 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:43.613195 kernel: kauditd_printk_skb: 16 callbacks suppressed Feb 9 12:39:43.613263 kernel: audit: type=1131 audit(1707482383.585:1616): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@75-86.109.11.101:22-180.101.88.196:29589 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:43.813057 systemd[1]: Started sshd@78-86.109.11.101:22-180.101.88.196:33468.service. Feb 9 12:39:43.812000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@78-86.109.11.101:22-180.101.88.196:33468 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:43.906409 kernel: audit: type=1130 audit(1707482383.812:1617): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@78-86.109.11.101:22-180.101.88.196:33468 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:43.915082 systemd[1]: Started sshd@79-86.109.11.101:22-101.35.54.203:35900.service. Feb 9 12:39:43.913000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@79-86.109.11.101:22-101.35.54.203:35900 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:44.004284 kernel: audit: type=1130 audit(1707482383.913:1618): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@79-86.109.11.101:22-101.35.54.203:35900 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:44.696434 sshd[6181]: Invalid user cigroup from 101.35.54.203 port 35900 Feb 9 12:39:44.702436 sshd[6181]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:44.703507 sshd[6181]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:39:44.703599 sshd[6181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:39:44.704636 sshd[6181]: pam_faillock(sshd:auth): User unknown Feb 9 12:39:44.703000 audit[6181]: USER_AUTH pid=6181 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="cigroup" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:39:44.796313 kernel: audit: type=1100 audit(1707482384.703:1619): pid=6181 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="cigroup" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:39:45.068937 sshd[6178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.88.196 user=root Feb 9 12:39:45.067000 audit[6178]: USER_AUTH pid=6178 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:45.160419 kernel: audit: type=1100 audit(1707482385.067:1620): pid=6178 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:46.369932 sshd[6181]: Failed password for invalid user cigroup from 101.35.54.203 port 35900 ssh2 Feb 9 12:39:46.681213 systemd[1]: Started sshd@80-86.109.11.101:22-147.75.109.163:54208.service. Feb 9 12:39:46.680000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@80-86.109.11.101:22-147.75.109.163:54208 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:46.773276 kernel: audit: type=1130 audit(1707482386.680:1621): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@80-86.109.11.101:22-147.75.109.163:54208 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:46.800000 audit[6184]: USER_ACCT pid=6184 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:46.802288 sshd[6184]: Accepted publickey for core from 147.75.109.163 port 54208 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:39:46.803559 sshd[6184]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:39:46.805942 systemd-logind[1465]: New session 14 of user core. Feb 9 12:39:46.806453 systemd[1]: Started session-14.scope. Feb 9 12:39:46.869386 sshd[6178]: Failed password for root from 180.101.88.196 port 33468 ssh2 Feb 9 12:39:46.886568 sshd[6184]: pam_unix(sshd:session): session closed for user core Feb 9 12:39:46.887969 systemd[1]: sshd@80-86.109.11.101:22-147.75.109.163:54208.service: Deactivated successfully. Feb 9 12:39:46.888434 systemd[1]: session-14.scope: Deactivated successfully. Feb 9 12:39:46.888850 systemd-logind[1465]: Session 14 logged out. Waiting for processes to exit. Feb 9 12:39:46.889325 systemd-logind[1465]: Removed session 14. Feb 9 12:39:46.802000 audit[6184]: CRED_ACQ pid=6184 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:46.989049 kernel: audit: type=1101 audit(1707482386.800:1622): pid=6184 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:46.989082 kernel: audit: type=1103 audit(1707482386.802:1623): pid=6184 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:46.989103 kernel: audit: type=1006 audit(1707482386.802:1624): pid=6184 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 Feb 9 12:39:46.802000 audit[6184]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff0fda2390 a2=3 a3=0 items=0 ppid=1 pid=6184 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:47.141531 kernel: audit: type=1300 audit(1707482386.802:1624): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff0fda2390 a2=3 a3=0 items=0 ppid=1 pid=6184 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:46.802000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:39:46.807000 audit[6184]: USER_START pid=6184 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:46.808000 audit[6186]: CRED_ACQ pid=6186 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:46.885000 audit[6184]: USER_END pid=6184 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:46.886000 audit[6184]: CRED_DISP pid=6184 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:46.886000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@80-86.109.11.101:22-147.75.109.163:54208 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:47.715728 sshd[6181]: Received disconnect from 101.35.54.203 port 35900:11: Bye Bye [preauth] Feb 9 12:39:47.715728 sshd[6181]: Disconnected from invalid user cigroup 101.35.54.203 port 35900 [preauth] Feb 9 12:39:47.717989 systemd[1]: sshd@79-86.109.11.101:22-101.35.54.203:35900.service: Deactivated successfully. Feb 9 12:39:47.717000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@79-86.109.11.101:22-101.35.54.203:35900 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:48.224000 audit[6178]: USER_AUTH pid=6178 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:49.770574 sshd[6178]: Failed password for root from 180.101.88.196 port 33468 ssh2 Feb 9 12:39:51.183507 update_engine[1467]: I0209 12:39:51.183442 1467 prefs.cc:52] certificate-report-to-send-update not present in /var/lib/update_engine/prefs Feb 9 12:39:51.183507 update_engine[1467]: I0209 12:39:51.183511 1467 prefs.cc:52] certificate-report-to-send-download not present in /var/lib/update_engine/prefs Feb 9 12:39:51.185308 update_engine[1467]: I0209 12:39:51.185240 1467 prefs.cc:52] aleph-version not present in /var/lib/update_engine/prefs Feb 9 12:39:51.186085 update_engine[1467]: I0209 12:39:51.186012 1467 omaha_request_params.cc:62] Current group set to lts Feb 9 12:39:51.186326 update_engine[1467]: I0209 12:39:51.186290 1467 update_attempter.cc:499] Already updated boot flags. Skipping. Feb 9 12:39:51.186326 update_engine[1467]: I0209 12:39:51.186317 1467 update_attempter.cc:643] Scheduling an action processor start. Feb 9 12:39:51.186574 update_engine[1467]: I0209 12:39:51.186348 1467 action_processor.cc:36] ActionProcessor::StartProcessing: OmahaRequestAction Feb 9 12:39:51.186574 update_engine[1467]: I0209 12:39:51.186409 1467 prefs.cc:52] previous-version not present in /var/lib/update_engine/prefs Feb 9 12:39:51.186574 update_engine[1467]: I0209 12:39:51.186538 1467 omaha_request_action.cc:270] Posting an Omaha request to disabled Feb 9 12:39:51.186574 update_engine[1467]: I0209 12:39:51.186553 1467 omaha_request_action.cc:271] Request: Feb 9 12:39:51.186574 update_engine[1467]: Feb 9 12:39:51.186574 update_engine[1467]: Feb 9 12:39:51.186574 update_engine[1467]: Feb 9 12:39:51.186574 update_engine[1467]: Feb 9 12:39:51.186574 update_engine[1467]: Feb 9 12:39:51.186574 update_engine[1467]: Feb 9 12:39:51.186574 update_engine[1467]: Feb 9 12:39:51.186574 update_engine[1467]: Feb 9 12:39:51.186574 update_engine[1467]: I0209 12:39:51.186563 1467 libcurl_http_fetcher.cc:47] Starting/Resuming transfer Feb 9 12:39:51.187648 locksmithd[1512]: LastCheckedTime=0 Progress=0 CurrentOperation="UPDATE_STATUS_CHECKING_FOR_UPDATE" NewVersion=0.0.0 NewSize=0 Feb 9 12:39:51.189322 update_engine[1467]: I0209 12:39:51.189265 1467 libcurl_http_fetcher.cc:151] Setting up curl options for HTTP Feb 9 12:39:51.189511 update_engine[1467]: E0209 12:39:51.189476 1467 libcurl_http_fetcher.cc:266] Unable to get http response code: Could not resolve host: disabled Feb 9 12:39:51.189698 update_engine[1467]: I0209 12:39:51.189627 1467 libcurl_http_fetcher.cc:283] No HTTP response, retry 1 Feb 9 12:39:51.376000 audit[6178]: USER_AUTH pid=6178 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:51.416984 kernel: kauditd_printk_skb: 8 callbacks suppressed Feb 9 12:39:51.417059 kernel: audit: type=1100 audit(1707482391.376:1632): pid=6178 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=180.101.88.196 addr=180.101.88.196 terminal=ssh res=failed' Feb 9 12:39:51.898017 systemd[1]: Started sshd@81-86.109.11.101:22-147.75.109.163:54214.service. Feb 9 12:39:51.897000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@81-86.109.11.101:22-147.75.109.163:54214 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:51.988238 kernel: audit: type=1130 audit(1707482391.897:1633): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@81-86.109.11.101:22-147.75.109.163:54214 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:52.016542 sshd[6212]: Accepted publickey for core from 147.75.109.163 port 54214 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:39:52.015000 audit[6212]: USER_ACCT pid=6212 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:52.017525 sshd[6212]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:39:52.020140 systemd-logind[1465]: New session 15 of user core. Feb 9 12:39:52.020628 systemd[1]: Started session-15.scope. Feb 9 12:39:52.104867 sshd[6212]: pam_unix(sshd:session): session closed for user core Feb 9 12:39:52.106511 systemd[1]: sshd@81-86.109.11.101:22-147.75.109.163:54214.service: Deactivated successfully. Feb 9 12:39:52.106934 systemd[1]: session-15.scope: Deactivated successfully. Feb 9 12:39:52.107444 systemd-logind[1465]: Session 15 logged out. Waiting for processes to exit. Feb 9 12:39:52.108068 systemd-logind[1465]: Removed session 15. Feb 9 12:39:52.016000 audit[6212]: CRED_ACQ pid=6212 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:52.200388 kernel: audit: type=1101 audit(1707482392.015:1634): pid=6212 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:52.200464 kernel: audit: type=1103 audit(1707482392.016:1635): pid=6212 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:52.200480 kernel: audit: type=1006 audit(1707482392.016:1636): pid=6212 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 Feb 9 12:39:52.259495 kernel: audit: type=1300 audit(1707482392.016:1636): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc613ac2c0 a2=3 a3=0 items=0 ppid=1 pid=6212 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:52.016000 audit[6212]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc613ac2c0 a2=3 a3=0 items=0 ppid=1 pid=6212 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:52.352437 kernel: audit: type=1327 audit(1707482392.016:1636): proctitle=737368643A20636F7265205B707269765D Feb 9 12:39:52.016000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:39:52.383509 kernel: audit: type=1105 audit(1707482392.022:1637): pid=6212 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:52.022000 audit[6212]: USER_START pid=6212 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:52.479830 kernel: audit: type=1103 audit(1707482392.022:1638): pid=6214 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:52.022000 audit[6214]: CRED_ACQ pid=6214 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:52.569822 kernel: audit: type=1106 audit(1707482392.104:1639): pid=6212 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:52.104000 audit[6212]: USER_END pid=6212 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:52.104000 audit[6212]: CRED_DISP pid=6212 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:52.105000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@81-86.109.11.101:22-147.75.109.163:54214 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:53.669502 sshd[6178]: Failed password for root from 180.101.88.196 port 33468 ssh2 Feb 9 12:39:54.529779 sshd[6178]: Received disconnect from 180.101.88.196 port 33468:11: [preauth] Feb 9 12:39:54.529779 sshd[6178]: Disconnected from authenticating user root 180.101.88.196 port 33468 [preauth] Feb 9 12:39:54.530319 sshd[6178]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.88.196 user=root Feb 9 12:39:54.532273 systemd[1]: sshd@78-86.109.11.101:22-180.101.88.196:33468.service: Deactivated successfully. Feb 9 12:39:54.531000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@78-86.109.11.101:22-180.101.88.196:33468 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:57.109304 systemd[1]: Started sshd@82-86.109.11.101:22-147.75.109.163:48040.service. Feb 9 12:39:57.108000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@82-86.109.11.101:22-147.75.109.163:48040 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:57.136844 kernel: kauditd_printk_skb: 3 callbacks suppressed Feb 9 12:39:57.136919 kernel: audit: type=1130 audit(1707482397.108:1643): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@82-86.109.11.101:22-147.75.109.163:48040 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:57.280000 audit[6267]: USER_ACCT pid=6267 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.282253 sshd[6267]: Accepted publickey for core from 147.75.109.163 port 48040 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:39:57.286321 sshd[6267]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:39:57.296180 systemd-logind[1465]: New session 16 of user core. Feb 9 12:39:57.298587 systemd[1]: Started session-16.scope. Feb 9 12:39:57.284000 audit[6267]: CRED_ACQ pid=6267 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.387541 sshd[6267]: pam_unix(sshd:session): session closed for user core Feb 9 12:39:57.389337 systemd[1]: sshd@82-86.109.11.101:22-147.75.109.163:48040.service: Deactivated successfully. Feb 9 12:39:57.389670 systemd[1]: session-16.scope: Deactivated successfully. Feb 9 12:39:57.390029 systemd-logind[1465]: Session 16 logged out. Waiting for processes to exit. Feb 9 12:39:57.390591 systemd[1]: Started sshd@83-86.109.11.101:22-147.75.109.163:48044.service. Feb 9 12:39:57.391128 systemd-logind[1465]: Removed session 16. Feb 9 12:39:57.466081 kernel: audit: type=1101 audit(1707482397.280:1644): pid=6267 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.466115 kernel: audit: type=1103 audit(1707482397.284:1645): pid=6267 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.466146 kernel: audit: type=1006 audit(1707482397.284:1646): pid=6267 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 Feb 9 12:39:57.525046 kernel: audit: type=1300 audit(1707482397.284:1646): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc9c53da10 a2=3 a3=0 items=0 ppid=1 pid=6267 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:57.284000 audit[6267]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc9c53da10 a2=3 a3=0 items=0 ppid=1 pid=6267 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:57.553618 sshd[6293]: Accepted publickey for core from 147.75.109.163 port 48044 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:39:57.555990 sshd[6293]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:39:57.558724 systemd-logind[1465]: New session 17 of user core. Feb 9 12:39:57.559136 systemd[1]: Started session-17.scope. Feb 9 12:39:57.617497 kernel: audit: type=1327 audit(1707482397.284:1646): proctitle=737368643A20636F7265205B707269765D Feb 9 12:39:57.284000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:39:57.648163 kernel: audit: type=1105 audit(1707482397.308:1647): pid=6267 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.308000 audit[6267]: USER_START pid=6267 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.736448 sshd[6293]: pam_unix(sshd:session): session closed for user core Feb 9 12:39:57.739629 systemd[1]: sshd@83-86.109.11.101:22-147.75.109.163:48044.service: Deactivated successfully. Feb 9 12:39:57.740366 systemd[1]: session-17.scope: Deactivated successfully. Feb 9 12:39:57.741051 systemd-logind[1465]: Session 17 logged out. Waiting for processes to exit. Feb 9 12:39:57.742475 systemd[1]: Started sshd@84-86.109.11.101:22-147.75.109.163:48050.service. Feb 9 12:39:57.743389 systemd-logind[1465]: Removed session 17. Feb 9 12:39:57.309000 audit[6269]: CRED_ACQ pid=6269 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.833137 kernel: audit: type=1103 audit(1707482397.309:1648): pid=6269 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.833218 kernel: audit: type=1106 audit(1707482397.387:1649): pid=6267 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.387000 audit[6267]: USER_END pid=6267 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.929157 kernel: audit: type=1104 audit(1707482397.387:1650): pid=6267 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.387000 audit[6267]: CRED_DISP pid=6267 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.957910 sshd[6316]: Accepted publickey for core from 147.75.109.163 port 48050 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:39:57.959646 sshd[6316]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:39:57.962774 systemd-logind[1465]: New session 18 of user core. Feb 9 12:39:57.964112 systemd[1]: Started session-18.scope. Feb 9 12:39:57.388000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@82-86.109.11.101:22-147.75.109.163:48040 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:57.389000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@83-86.109.11.101:22-147.75.109.163:48044 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:57.552000 audit[6293]: USER_ACCT pid=6293 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.554000 audit[6293]: CRED_ACQ pid=6293 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.554000 audit[6293]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdec9826d0 a2=3 a3=0 items=0 ppid=1 pid=6293 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:57.554000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:39:57.561000 audit[6293]: USER_START pid=6293 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.562000 audit[6295]: CRED_ACQ pid=6295 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.736000 audit[6293]: USER_END pid=6293 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.736000 audit[6293]: CRED_DISP pid=6293 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.738000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@83-86.109.11.101:22-147.75.109.163:48044 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:57.741000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@84-86.109.11.101:22-147.75.109.163:48050 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:57.956000 audit[6316]: USER_ACCT pid=6316 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.958000 audit[6316]: CRED_ACQ pid=6316 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.958000 audit[6316]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdbf08d4b0 a2=3 a3=0 items=0 ppid=1 pid=6316 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=18 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:39:57.958000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:39:57.965000 audit[6316]: USER_START pid=6316 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:57.966000 audit[6318]: CRED_ACQ pid=6318 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:58.043432 sshd[6316]: pam_unix(sshd:session): session closed for user core Feb 9 12:39:58.042000 audit[6316]: USER_END pid=6316 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:58.042000 audit[6316]: CRED_DISP pid=6316 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:39:58.044868 systemd[1]: sshd@84-86.109.11.101:22-147.75.109.163:48050.service: Deactivated successfully. Feb 9 12:39:58.043000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@84-86.109.11.101:22-147.75.109.163:48050 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:39:58.045313 systemd[1]: session-18.scope: Deactivated successfully. Feb 9 12:39:58.045676 systemd-logind[1465]: Session 18 logged out. Waiting for processes to exit. Feb 9 12:39:58.046077 systemd-logind[1465]: Removed session 18. Feb 9 12:40:01.182494 update_engine[1467]: I0209 12:40:01.182376 1467 libcurl_http_fetcher.cc:47] Starting/Resuming transfer Feb 9 12:40:01.183315 update_engine[1467]: I0209 12:40:01.182858 1467 libcurl_http_fetcher.cc:151] Setting up curl options for HTTP Feb 9 12:40:01.183315 update_engine[1467]: E0209 12:40:01.183066 1467 libcurl_http_fetcher.cc:266] Unable to get http response code: Could not resolve host: disabled Feb 9 12:40:01.183315 update_engine[1467]: I0209 12:40:01.183269 1467 libcurl_http_fetcher.cc:283] No HTTP response, retry 2 Feb 9 12:40:01.937626 systemd[1]: Started sshd@85-86.109.11.101:22-43.153.64.49:58776.service. Feb 9 12:40:01.936000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@85-86.109.11.101:22-43.153.64.49:58776 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:02.062937 sshd[6344]: Invalid user zhongy from 43.153.64.49 port 58776 Feb 9 12:40:02.067818 sshd[6344]: pam_faillock(sshd:auth): User unknown Feb 9 12:40:02.068025 sshd[6344]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:40:02.068041 sshd[6344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:40:02.068201 sshd[6344]: pam_faillock(sshd:auth): User unknown Feb 9 12:40:02.067000 audit[6344]: USER_AUTH pid=6344 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="zhongy" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:40:03.053219 systemd[1]: Started sshd@86-86.109.11.101:22-147.75.109.163:48062.service. Feb 9 12:40:03.052000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@86-86.109.11.101:22-147.75.109.163:48062 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:03.080703 kernel: kauditd_printk_skb: 25 callbacks suppressed Feb 9 12:40:03.080756 kernel: audit: type=1130 audit(1707482403.052:1672): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@86-86.109.11.101:22-147.75.109.163:48062 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:03.199000 audit[6347]: USER_ACCT pid=6347 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:03.200535 sshd[6347]: Accepted publickey for core from 147.75.109.163 port 48062 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:40:03.201826 sshd[6347]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:40:03.204697 systemd-logind[1465]: New session 19 of user core. Feb 9 12:40:03.205688 systemd[1]: Started session-19.scope. Feb 9 12:40:03.292231 kernel: audit: type=1101 audit(1707482403.199:1673): pid=6347 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:03.292272 kernel: audit: type=1103 audit(1707482403.200:1674): pid=6347 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:03.200000 audit[6347]: CRED_ACQ pid=6347 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:03.441568 kernel: audit: type=1006 audit(1707482403.200:1675): pid=6347 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=19 res=1 Feb 9 12:40:03.441601 kernel: audit: type=1300 audit(1707482403.200:1675): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff8a32bfb0 a2=3 a3=0 items=0 ppid=1 pid=6347 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:03.200000 audit[6347]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff8a32bfb0 a2=3 a3=0 items=0 ppid=1 pid=6347 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:03.200000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:03.534330 sshd[6347]: pam_unix(sshd:session): session closed for user core Feb 9 12:40:03.535976 systemd[1]: sshd@86-86.109.11.101:22-147.75.109.163:48062.service: Deactivated successfully. Feb 9 12:40:03.536661 systemd[1]: session-19.scope: Deactivated successfully. Feb 9 12:40:03.537103 systemd-logind[1465]: Session 19 logged out. Waiting for processes to exit. Feb 9 12:40:03.537703 systemd-logind[1465]: Removed session 19. Feb 9 12:40:03.564823 kernel: audit: type=1327 audit(1707482403.200:1675): proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:03.564854 kernel: audit: type=1105 audit(1707482403.206:1676): pid=6347 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:03.206000 audit[6347]: USER_START pid=6347 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:03.659891 kernel: audit: type=1103 audit(1707482403.207:1677): pid=6349 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:03.207000 audit[6349]: CRED_ACQ pid=6349 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:03.749314 kernel: audit: type=1106 audit(1707482403.533:1678): pid=6347 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:03.533000 audit[6347]: USER_END pid=6347 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:03.844984 kernel: audit: type=1104 audit(1707482403.533:1679): pid=6347 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:03.533000 audit[6347]: CRED_DISP pid=6347 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:03.534000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@86-86.109.11.101:22-147.75.109.163:48062 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:04.204207 sshd[6344]: Failed password for invalid user zhongy from 43.153.64.49 port 58776 ssh2 Feb 9 12:40:05.256878 sshd[6344]: Received disconnect from 43.153.64.49 port 58776:11: Bye Bye [preauth] Feb 9 12:40:05.256878 sshd[6344]: Disconnected from invalid user zhongy 43.153.64.49 port 58776 [preauth] Feb 9 12:40:05.259222 systemd[1]: sshd@85-86.109.11.101:22-43.153.64.49:58776.service: Deactivated successfully. Feb 9 12:40:05.258000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@85-86.109.11.101:22-43.153.64.49:58776 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:08.485097 systemd[1]: Started sshd@87-86.109.11.101:22-147.75.109.163:48992.service. Feb 9 12:40:08.483000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@87-86.109.11.101:22-147.75.109.163:48992 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:08.511990 kernel: kauditd_printk_skb: 2 callbacks suppressed Feb 9 12:40:08.512044 kernel: audit: type=1130 audit(1707482408.483:1682): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@87-86.109.11.101:22-147.75.109.163:48992 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:08.629000 audit[6374]: USER_ACCT pid=6374 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:08.630779 sshd[6374]: Accepted publickey for core from 147.75.109.163 port 48992 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:40:08.632878 sshd[6374]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:40:08.635653 systemd-logind[1465]: New session 20 of user core. Feb 9 12:40:08.636825 systemd[1]: Started session-20.scope. Feb 9 12:40:08.719151 sshd[6374]: pam_unix(sshd:session): session closed for user core Feb 9 12:40:08.720824 systemd[1]: sshd@87-86.109.11.101:22-147.75.109.163:48992.service: Deactivated successfully. Feb 9 12:40:08.721633 systemd[1]: session-20.scope: Deactivated successfully. Feb 9 12:40:08.722151 systemd-logind[1465]: Session 20 logged out. Waiting for processes to exit. Feb 9 12:40:08.722663 systemd-logind[1465]: Removed session 20. Feb 9 12:40:08.631000 audit[6374]: CRED_ACQ pid=6374 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:08.814732 kernel: audit: type=1101 audit(1707482408.629:1683): pid=6374 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:08.814764 kernel: audit: type=1103 audit(1707482408.631:1684): pid=6374 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:08.814782 kernel: audit: type=1006 audit(1707482408.631:1685): pid=6374 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=20 res=1 Feb 9 12:40:08.873309 kernel: audit: type=1300 audit(1707482408.631:1685): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff56b29730 a2=3 a3=0 items=0 ppid=1 pid=6374 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=20 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:08.631000 audit[6374]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff56b29730 a2=3 a3=0 items=0 ppid=1 pid=6374 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=20 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:08.965317 kernel: audit: type=1327 audit(1707482408.631:1685): proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:08.631000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:08.995763 kernel: audit: type=1105 audit(1707482408.638:1686): pid=6374 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:08.638000 audit[6374]: USER_START pid=6374 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:09.090190 kernel: audit: type=1103 audit(1707482408.638:1687): pid=6379 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:08.638000 audit[6379]: CRED_ACQ pid=6379 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:08.718000 audit[6374]: USER_END pid=6374 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:09.274812 kernel: audit: type=1106 audit(1707482408.718:1688): pid=6374 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:09.274839 kernel: audit: type=1104 audit(1707482408.718:1689): pid=6374 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:08.718000 audit[6374]: CRED_DISP pid=6374 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:08.719000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@87-86.109.11.101:22-147.75.109.163:48992 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:11.181500 update_engine[1467]: I0209 12:40:11.181378 1467 libcurl_http_fetcher.cc:47] Starting/Resuming transfer Feb 9 12:40:11.182395 update_engine[1467]: I0209 12:40:11.181828 1467 libcurl_http_fetcher.cc:151] Setting up curl options for HTTP Feb 9 12:40:11.182395 update_engine[1467]: E0209 12:40:11.182019 1467 libcurl_http_fetcher.cc:266] Unable to get http response code: Could not resolve host: disabled Feb 9 12:40:11.182395 update_engine[1467]: I0209 12:40:11.182178 1467 libcurl_http_fetcher.cc:283] No HTTP response, retry 3 Feb 9 12:40:13.729189 systemd[1]: Started sshd@88-86.109.11.101:22-147.75.109.163:49008.service. Feb 9 12:40:13.728000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@88-86.109.11.101:22-147.75.109.163:49008 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:13.755595 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:40:13.755688 kernel: audit: type=1130 audit(1707482413.728:1691): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@88-86.109.11.101:22-147.75.109.163:49008 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:13.880000 audit[6408]: USER_ACCT pid=6408 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:13.882434 sshd[6408]: Accepted publickey for core from 147.75.109.163 port 49008 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:40:13.883130 sshd[6408]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:40:13.885979 systemd-logind[1465]: New session 21 of user core. Feb 9 12:40:13.887082 systemd[1]: Started session-21.scope. Feb 9 12:40:13.881000 audit[6408]: CRED_ACQ pid=6408 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:13.977699 sshd[6408]: pam_unix(sshd:session): session closed for user core Feb 9 12:40:13.979201 systemd[1]: sshd@88-86.109.11.101:22-147.75.109.163:49008.service: Deactivated successfully. Feb 9 12:40:13.979626 systemd[1]: session-21.scope: Deactivated successfully. Feb 9 12:40:13.980019 systemd-logind[1465]: Session 21 logged out. Waiting for processes to exit. Feb 9 12:40:13.980529 systemd-logind[1465]: Removed session 21. Feb 9 12:40:14.064213 kernel: audit: type=1101 audit(1707482413.880:1692): pid=6408 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:14.064257 kernel: audit: type=1103 audit(1707482413.881:1693): pid=6408 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:14.064275 kernel: audit: type=1006 audit(1707482413.881:1694): pid=6408 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=21 res=1 Feb 9 12:40:13.881000 audit[6408]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffef0a9a130 a2=3 a3=0 items=0 ppid=1 pid=6408 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:14.214715 kernel: audit: type=1300 audit(1707482413.881:1694): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffef0a9a130 a2=3 a3=0 items=0 ppid=1 pid=6408 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:14.214779 kernel: audit: type=1327 audit(1707482413.881:1694): proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:13.881000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:14.245249 kernel: audit: type=1105 audit(1707482413.888:1695): pid=6408 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:13.888000 audit[6408]: USER_START pid=6408 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:14.339696 kernel: audit: type=1103 audit(1707482413.889:1696): pid=6410 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:13.889000 audit[6410]: CRED_ACQ pid=6410 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:13.977000 audit[6408]: USER_END pid=6408 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:14.524266 kernel: audit: type=1106 audit(1707482413.977:1697): pid=6408 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:14.524307 kernel: audit: type=1104 audit(1707482413.977:1698): pid=6408 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:13.977000 audit[6408]: CRED_DISP pid=6408 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:13.978000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@88-86.109.11.101:22-147.75.109.163:49008 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:18.981430 systemd[1]: Started sshd@89-86.109.11.101:22-147.75.109.163:35252.service. Feb 9 12:40:18.980000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@89-86.109.11.101:22-147.75.109.163:35252 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:19.007992 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:40:19.008060 kernel: audit: type=1130 audit(1707482418.980:1700): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@89-86.109.11.101:22-147.75.109.163:35252 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:19.096391 systemd[1]: Started sshd@90-86.109.11.101:22-43.156.225.133:43250.service. Feb 9 12:40:19.095000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@90-86.109.11.101:22-43.156.225.133:43250 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:19.124485 sshd[6448]: Accepted publickey for core from 147.75.109.163 port 35252 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:40:19.126369 sshd[6448]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:40:19.128522 systemd-logind[1465]: New session 22 of user core. Feb 9 12:40:19.128965 systemd[1]: Started session-22.scope. Feb 9 12:40:19.123000 audit[6448]: USER_ACCT pid=6448 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:19.206268 sshd[6448]: pam_unix(sshd:session): session closed for user core Feb 9 12:40:19.207595 systemd[1]: sshd@89-86.109.11.101:22-147.75.109.163:35252.service: Deactivated successfully. Feb 9 12:40:19.208024 systemd[1]: session-22.scope: Deactivated successfully. Feb 9 12:40:19.208420 systemd-logind[1465]: Session 22 logged out. Waiting for processes to exit. Feb 9 12:40:19.208985 systemd-logind[1465]: Removed session 22. Feb 9 12:40:19.276358 kernel: audit: type=1130 audit(1707482419.095:1701): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@90-86.109.11.101:22-43.156.225.133:43250 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:19.276399 kernel: audit: type=1101 audit(1707482419.123:1702): pid=6448 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:19.276415 kernel: audit: type=1103 audit(1707482419.124:1703): pid=6448 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:19.124000 audit[6448]: CRED_ACQ pid=6448 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:19.367235 kernel: audit: type=1006 audit(1707482419.124:1704): pid=6448 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 Feb 9 12:40:19.124000 audit[6448]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc6bc436d0 a2=3 a3=0 items=0 ppid=1 pid=6448 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:19.517187 kernel: audit: type=1300 audit(1707482419.124:1704): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc6bc436d0 a2=3 a3=0 items=0 ppid=1 pid=6448 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:19.517224 kernel: audit: type=1327 audit(1707482419.124:1704): proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:19.124000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:19.547687 kernel: audit: type=1105 audit(1707482419.129:1705): pid=6448 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:19.129000 audit[6448]: USER_START pid=6448 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:19.642950 kernel: audit: type=1103 audit(1707482419.130:1706): pid=6453 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:19.130000 audit[6453]: CRED_ACQ pid=6453 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:19.205000 audit[6448]: USER_END pid=6448 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:19.827576 kernel: audit: type=1106 audit(1707482419.205:1707): pid=6448 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:19.205000 audit[6448]: CRED_DISP pid=6448 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:19.206000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@89-86.109.11.101:22-147.75.109.163:35252 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:20.211848 sshd[6451]: Invalid user iamsiiitttaaa from 43.156.225.133 port 43250 Feb 9 12:40:20.216361 sshd[6451]: pam_faillock(sshd:auth): User unknown Feb 9 12:40:20.217315 sshd[6451]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:40:20.217391 sshd[6451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.156.225.133 Feb 9 12:40:20.218157 sshd[6451]: pam_faillock(sshd:auth): User unknown Feb 9 12:40:20.217000 audit[6451]: USER_AUTH pid=6451 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="iamsiiitttaaa" exe="/usr/sbin/sshd" hostname=43.156.225.133 addr=43.156.225.133 terminal=ssh res=failed' Feb 9 12:40:21.180345 update_engine[1467]: I0209 12:40:21.180281 1467 libcurl_http_fetcher.cc:47] Starting/Resuming transfer Feb 9 12:40:21.181039 update_engine[1467]: I0209 12:40:21.180680 1467 libcurl_http_fetcher.cc:151] Setting up curl options for HTTP Feb 9 12:40:21.181039 update_engine[1467]: E0209 12:40:21.180862 1467 libcurl_http_fetcher.cc:266] Unable to get http response code: Could not resolve host: disabled Feb 9 12:40:21.181039 update_engine[1467]: I0209 12:40:21.181010 1467 libcurl_http_fetcher.cc:297] Transfer resulted in an error (0), 0 bytes downloaded Feb 9 12:40:21.181039 update_engine[1467]: I0209 12:40:21.181025 1467 omaha_request_action.cc:621] Omaha request response: Feb 9 12:40:21.181499 update_engine[1467]: E0209 12:40:21.181156 1467 omaha_request_action.cc:640] Omaha request network transfer failed. Feb 9 12:40:21.181499 update_engine[1467]: I0209 12:40:21.181182 1467 action_processor.cc:68] ActionProcessor::ActionComplete: OmahaRequestAction action failed. Aborting processing. Feb 9 12:40:21.181499 update_engine[1467]: I0209 12:40:21.181190 1467 action_processor.cc:73] ActionProcessor::ActionComplete: finished last action of type OmahaRequestAction Feb 9 12:40:21.181499 update_engine[1467]: I0209 12:40:21.181198 1467 update_attempter.cc:306] Processing Done. Feb 9 12:40:21.181499 update_engine[1467]: E0209 12:40:21.181221 1467 update_attempter.cc:619] Update failed. Feb 9 12:40:21.181499 update_engine[1467]: I0209 12:40:21.181311 1467 utils.cc:600] Converting error code 2000 to kActionCodeOmahaErrorInHTTPResponse Feb 9 12:40:21.181499 update_engine[1467]: I0209 12:40:21.181322 1467 payload_state.cc:97] Updating payload state for error code: 37 (kActionCodeOmahaErrorInHTTPResponse) Feb 9 12:40:21.181499 update_engine[1467]: I0209 12:40:21.181331 1467 payload_state.cc:103] Ignoring failures until we get a valid Omaha response. Feb 9 12:40:21.181499 update_engine[1467]: I0209 12:40:21.181474 1467 action_processor.cc:36] ActionProcessor::StartProcessing: OmahaRequestAction Feb 9 12:40:21.182260 update_engine[1467]: I0209 12:40:21.181535 1467 omaha_request_action.cc:270] Posting an Omaha request to disabled Feb 9 12:40:21.182260 update_engine[1467]: I0209 12:40:21.181551 1467 omaha_request_action.cc:271] Request: Feb 9 12:40:21.182260 update_engine[1467]: Feb 9 12:40:21.182260 update_engine[1467]: Feb 9 12:40:21.182260 update_engine[1467]: Feb 9 12:40:21.182260 update_engine[1467]: Feb 9 12:40:21.182260 update_engine[1467]: Feb 9 12:40:21.182260 update_engine[1467]: Feb 9 12:40:21.182260 update_engine[1467]: I0209 12:40:21.181565 1467 libcurl_http_fetcher.cc:47] Starting/Resuming transfer Feb 9 12:40:21.182260 update_engine[1467]: I0209 12:40:21.181905 1467 libcurl_http_fetcher.cc:151] Setting up curl options for HTTP Feb 9 12:40:21.182260 update_engine[1467]: E0209 12:40:21.182068 1467 libcurl_http_fetcher.cc:266] Unable to get http response code: Could not resolve host: disabled Feb 9 12:40:21.182260 update_engine[1467]: I0209 12:40:21.182190 1467 libcurl_http_fetcher.cc:297] Transfer resulted in an error (0), 0 bytes downloaded Feb 9 12:40:21.182260 update_engine[1467]: I0209 12:40:21.182204 1467 omaha_request_action.cc:621] Omaha request response: Feb 9 12:40:21.182260 update_engine[1467]: I0209 12:40:21.182214 1467 action_processor.cc:65] ActionProcessor::ActionComplete: finished last action of type OmahaRequestAction Feb 9 12:40:21.182260 update_engine[1467]: I0209 12:40:21.182220 1467 action_processor.cc:73] ActionProcessor::ActionComplete: finished last action of type OmahaRequestAction Feb 9 12:40:21.182260 update_engine[1467]: I0209 12:40:21.182252 1467 update_attempter.cc:306] Processing Done. Feb 9 12:40:21.182260 update_engine[1467]: I0209 12:40:21.182266 1467 update_attempter.cc:310] Error event sent. Feb 9 12:40:21.183636 locksmithd[1512]: LastCheckedTime=0 Progress=0 CurrentOperation="UPDATE_STATUS_REPORTING_ERROR_EVENT" NewVersion=0.0.0 NewSize=0 Feb 9 12:40:21.183636 locksmithd[1512]: LastCheckedTime=0 Progress=0 CurrentOperation="UPDATE_STATUS_IDLE" NewVersion=0.0.0 NewSize=0 Feb 9 12:40:21.184225 update_engine[1467]: I0209 12:40:21.182294 1467 update_check_scheduler.cc:74] Next update check in 47m36s Feb 9 12:40:21.537719 systemd[1]: Started sshd@91-86.109.11.101:22-101.35.54.203:44994.service. Feb 9 12:40:21.536000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@91-86.109.11.101:22-101.35.54.203:44994 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:21.823410 sshd[6451]: Failed password for invalid user iamsiiitttaaa from 43.156.225.133 port 43250 ssh2 Feb 9 12:40:22.305056 sshd[6451]: Received disconnect from 43.156.225.133 port 43250:11: Bye Bye [preauth] Feb 9 12:40:22.305056 sshd[6451]: Disconnected from invalid user iamsiiitttaaa 43.156.225.133 port 43250 [preauth] Feb 9 12:40:22.307427 systemd[1]: sshd@90-86.109.11.101:22-43.156.225.133:43250.service: Deactivated successfully. Feb 9 12:40:22.306000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@90-86.109.11.101:22-43.156.225.133:43250 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:22.372848 sshd[6476]: Invalid user wcy from 101.35.54.203 port 44994 Feb 9 12:40:22.379305 sshd[6476]: pam_faillock(sshd:auth): User unknown Feb 9 12:40:22.380314 sshd[6476]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:40:22.380402 sshd[6476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:40:22.381542 sshd[6476]: pam_faillock(sshd:auth): User unknown Feb 9 12:40:22.380000 audit[6476]: USER_AUTH pid=6476 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="wcy" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:40:23.328000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:40:23.328000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001bb15c0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:40:23.328000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:40:23.328000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:40:23.328000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001f174e0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:40:23.328000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:40:23.460000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:40:23.460000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=69 a1=c0097ce240 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:40:23.460000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:40:23.460000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:40:23.460000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=6a a1=c0074171a0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:40:23.460000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:40:23.460000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:40:23.460000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:40:23.460000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=69 a1=c00a17bc50 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:40:23.460000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=6b a1=c0085e85c0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:40:23.460000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:40:23.460000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:40:23.460000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:40:23.460000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=69 a1=c0075468d0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:40:23.460000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:40:23.460000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:40:23.460000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=6b a1=c01156ba10 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:40:23.460000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:40:23.986495 systemd[1]: Started sshd@92-86.109.11.101:22-61.177.172.179:15465.service. Feb 9 12:40:23.985000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@92-86.109.11.101:22-61.177.172.179:15465 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:24.013680 kernel: kauditd_printk_skb: 30 callbacks suppressed Feb 9 12:40:24.013737 kernel: audit: type=1130 audit(1707482423.985:1722): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@92-86.109.11.101:22-61.177.172.179:15465 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:24.218047 systemd[1]: Started sshd@93-86.109.11.101:22-147.75.109.163:35262.service. Feb 9 12:40:24.217000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@93-86.109.11.101:22-147.75.109.163:35262 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:24.262640 sshd[6476]: Failed password for invalid user wcy from 101.35.54.203 port 44994 ssh2 Feb 9 12:40:24.310289 kernel: audit: type=1130 audit(1707482424.217:1723): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@93-86.109.11.101:22-147.75.109.163:35262 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:24.354000 audit[6509]: USER_ACCT pid=6509 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:24.355754 sshd[6509]: Accepted publickey for core from 147.75.109.163 port 35262 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:40:24.360173 sshd[6509]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:40:24.369854 systemd-logind[1465]: New session 23 of user core. Feb 9 12:40:24.372653 systemd[1]: Started session-23.scope. Feb 9 12:40:24.358000 audit[6509]: CRED_ACQ pid=6509 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:24.469387 sshd[6509]: pam_unix(sshd:session): session closed for user core Feb 9 12:40:24.470618 systemd[1]: sshd@93-86.109.11.101:22-147.75.109.163:35262.service: Deactivated successfully. Feb 9 12:40:24.471046 systemd[1]: session-23.scope: Deactivated successfully. Feb 9 12:40:24.471391 systemd-logind[1465]: Session 23 logged out. Waiting for processes to exit. Feb 9 12:40:24.471799 systemd-logind[1465]: Removed session 23. Feb 9 12:40:24.539293 kernel: audit: type=1101 audit(1707482424.354:1724): pid=6509 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:24.539330 kernel: audit: type=1103 audit(1707482424.358:1725): pid=6509 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:24.539347 kernel: audit: type=1006 audit(1707482424.358:1726): pid=6509 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 Feb 9 12:40:24.598185 kernel: audit: type=1300 audit(1707482424.358:1726): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc50e5b060 a2=3 a3=0 items=0 ppid=1 pid=6509 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:24.358000 audit[6509]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc50e5b060 a2=3 a3=0 items=0 ppid=1 pid=6509 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:24.358000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:24.721261 kernel: audit: type=1327 audit(1707482424.358:1726): proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:24.721290 kernel: audit: type=1105 audit(1707482424.380:1727): pid=6509 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:24.380000 audit[6509]: USER_START pid=6509 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:24.817171 kernel: audit: type=1103 audit(1707482424.382:1728): pid=6511 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:24.382000 audit[6511]: CRED_ACQ pid=6511 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:24.906923 kernel: audit: type=1106 audit(1707482424.468:1729): pid=6509 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:24.468000 audit[6509]: USER_END pid=6509 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:24.986193 sshd[6506]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.179 user=root Feb 9 12:40:24.468000 audit[6509]: CRED_DISP pid=6509 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:24.469000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@93-86.109.11.101:22-147.75.109.163:35262 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:24.985000 audit[6506]: USER_AUTH pid=6506 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=61.177.172.179 addr=61.177.172.179 terminal=ssh res=failed' Feb 9 12:40:25.427307 sshd[6476]: Received disconnect from 101.35.54.203 port 44994:11: Bye Bye [preauth] Feb 9 12:40:25.427307 sshd[6476]: Disconnected from invalid user wcy 101.35.54.203 port 44994 [preauth] Feb 9 12:40:25.429850 systemd[1]: sshd@91-86.109.11.101:22-101.35.54.203:44994.service: Deactivated successfully. Feb 9 12:40:25.429000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@91-86.109.11.101:22-101.35.54.203:44994 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:27.143123 sshd[6506]: Failed password for root from 61.177.172.179 port 15465 ssh2 Feb 9 12:40:28.091000 audit[6506]: USER_AUTH pid=6506 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=61.177.172.179 addr=61.177.172.179 terminal=ssh res=failed' Feb 9 12:40:29.121096 systemd[1]: Started sshd@94-86.109.11.101:22-38.7.207.12:41600.service. Feb 9 12:40:29.120000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@94-86.109.11.101:22-38.7.207.12:41600 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:29.148628 kernel: kauditd_printk_skb: 5 callbacks suppressed Feb 9 12:40:29.148694 kernel: audit: type=1130 audit(1707482429.120:1735): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@94-86.109.11.101:22-38.7.207.12:41600 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:29.478792 systemd[1]: Started sshd@95-86.109.11.101:22-147.75.109.163:49242.service. Feb 9 12:40:29.477000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@95-86.109.11.101:22-147.75.109.163:49242 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:29.569235 kernel: audit: type=1130 audit(1707482429.477:1736): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@95-86.109.11.101:22-147.75.109.163:49242 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:29.597000 audit[6542]: USER_ACCT pid=6542 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:29.598458 sshd[6542]: Accepted publickey for core from 147.75.109.163 port 49242 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:40:29.600473 sshd[6542]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:40:29.602877 systemd-logind[1465]: New session 24 of user core. Feb 9 12:40:29.603396 systemd[1]: Started session-24.scope. Feb 9 12:40:29.681931 sshd[6542]: pam_unix(sshd:session): session closed for user core Feb 9 12:40:29.683362 systemd[1]: sshd@95-86.109.11.101:22-147.75.109.163:49242.service: Deactivated successfully. Feb 9 12:40:29.683796 systemd[1]: session-24.scope: Deactivated successfully. Feb 9 12:40:29.684104 systemd-logind[1465]: Session 24 logged out. Waiting for processes to exit. Feb 9 12:40:29.684559 systemd-logind[1465]: Removed session 24. Feb 9 12:40:29.599000 audit[6542]: CRED_ACQ pid=6542 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:29.782084 kernel: audit: type=1101 audit(1707482429.597:1737): pid=6542 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:29.782118 kernel: audit: type=1103 audit(1707482429.599:1738): pid=6542 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:29.782132 kernel: audit: type=1006 audit(1707482429.599:1739): pid=6542 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 Feb 9 12:40:29.841261 kernel: audit: type=1300 audit(1707482429.599:1739): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd3e9c5c10 a2=3 a3=0 items=0 ppid=1 pid=6542 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:29.599000 audit[6542]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd3e9c5c10 a2=3 a3=0 items=0 ppid=1 pid=6542 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:29.599000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:29.964961 kernel: audit: type=1327 audit(1707482429.599:1739): proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:29.965155 kernel: audit: type=1105 audit(1707482429.604:1740): pid=6542 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:29.604000 audit[6542]: USER_START pid=6542 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:30.060780 kernel: audit: type=1103 audit(1707482429.604:1741): pid=6544 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:29.604000 audit[6544]: CRED_ACQ pid=6544 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:30.108132 sshd[6539]: Invalid user isabina from 38.7.207.12 port 41600 Feb 9 12:40:30.109351 sshd[6539]: pam_faillock(sshd:auth): User unknown Feb 9 12:40:30.109555 sshd[6539]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:40:30.109574 sshd[6539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.7.207.12 Feb 9 12:40:30.109733 sshd[6539]: pam_faillock(sshd:auth): User unknown Feb 9 12:40:29.681000 audit[6542]: USER_END pid=6542 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:30.151316 kernel: audit: type=1106 audit(1707482429.681:1742): pid=6542 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:29.681000 audit[6542]: CRED_DISP pid=6542 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:29.682000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@95-86.109.11.101:22-147.75.109.163:49242 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:30.108000 audit[6539]: USER_AUTH pid=6539 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="isabina" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:40:30.464799 sshd[6506]: Failed password for root from 61.177.172.179 port 15465 ssh2 Feb 9 12:40:31.198000 audit[6506]: USER_AUTH pid=6506 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=61.177.172.179 addr=61.177.172.179 terminal=ssh res=failed' Feb 9 12:40:31.754437 sshd[6539]: Failed password for invalid user isabina from 38.7.207.12 port 41600 ssh2 Feb 9 12:40:33.316126 sshd[6506]: Failed password for root from 61.177.172.179 port 15465 ssh2 Feb 9 12:40:33.493839 sshd[6539]: Received disconnect from 38.7.207.12 port 41600:11: Bye Bye [preauth] Feb 9 12:40:33.493839 sshd[6539]: Disconnected from invalid user isabina 38.7.207.12 port 41600 [preauth] Feb 9 12:40:33.496480 systemd[1]: sshd@94-86.109.11.101:22-38.7.207.12:41600.service: Deactivated successfully. Feb 9 12:40:33.495000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@94-86.109.11.101:22-38.7.207.12:41600 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:34.304700 sshd[6506]: Received disconnect from 61.177.172.179 port 15465:11: [preauth] Feb 9 12:40:34.304700 sshd[6506]: Disconnected from authenticating user root 61.177.172.179 port 15465 [preauth] Feb 9 12:40:34.305330 sshd[6506]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.179 user=root Feb 9 12:40:34.307397 systemd[1]: sshd@92-86.109.11.101:22-61.177.172.179:15465.service: Deactivated successfully. Feb 9 12:40:34.306000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@92-86.109.11.101:22-61.177.172.179:15465 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:34.335073 kernel: kauditd_printk_skb: 5 callbacks suppressed Feb 9 12:40:34.335133 kernel: audit: type=1131 audit(1707482434.306:1748): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@92-86.109.11.101:22-61.177.172.179:15465 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:34.433257 systemd[1]: Started sshd@96-86.109.11.101:22-61.177.172.179:32744.service. Feb 9 12:40:34.432000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@96-86.109.11.101:22-61.177.172.179:32744 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:34.522237 kernel: audit: type=1130 audit(1707482434.432:1749): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@96-86.109.11.101:22-61.177.172.179:32744 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:34.692175 systemd[1]: Started sshd@97-86.109.11.101:22-147.75.109.163:58232.service. Feb 9 12:40:34.691000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@97-86.109.11.101:22-147.75.109.163:58232 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:34.783263 kernel: audit: type=1130 audit(1707482434.691:1750): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@97-86.109.11.101:22-147.75.109.163:58232 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:34.811000 audit[6573]: USER_ACCT pid=6573 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:34.812686 sshd[6573]: Accepted publickey for core from 147.75.109.163 port 58232 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:40:34.814001 sshd[6573]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:40:34.816356 systemd-logind[1465]: New session 25 of user core. Feb 9 12:40:34.817018 systemd[1]: Started session-25.scope. Feb 9 12:40:34.898331 sshd[6573]: pam_unix(sshd:session): session closed for user core Feb 9 12:40:34.899860 systemd[1]: sshd@97-86.109.11.101:22-147.75.109.163:58232.service: Deactivated successfully. Feb 9 12:40:34.900397 systemd[1]: session-25.scope: Deactivated successfully. Feb 9 12:40:34.900875 systemd-logind[1465]: Session 25 logged out. Waiting for processes to exit. Feb 9 12:40:34.901457 systemd-logind[1465]: Removed session 25. Feb 9 12:40:34.812000 audit[6573]: CRED_ACQ pid=6573 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:34.998766 kernel: audit: type=1101 audit(1707482434.811:1751): pid=6573 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:34.998805 kernel: audit: type=1103 audit(1707482434.812:1752): pid=6573 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:34.998821 kernel: audit: type=1006 audit(1707482434.812:1753): pid=6573 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 Feb 9 12:40:35.057964 kernel: audit: type=1300 audit(1707482434.812:1753): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffd12d6ea0 a2=3 a3=0 items=0 ppid=1 pid=6573 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:34.812000 audit[6573]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffd12d6ea0 a2=3 a3=0 items=0 ppid=1 pid=6573 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:34.812000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:35.182097 kernel: audit: type=1327 audit(1707482434.812:1753): proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:35.182122 kernel: audit: type=1105 audit(1707482434.817:1754): pid=6573 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:34.817000 audit[6573]: USER_START pid=6573 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:35.277998 kernel: audit: type=1103 audit(1707482434.818:1755): pid=6575 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:34.818000 audit[6575]: CRED_ACQ pid=6575 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:34.897000 audit[6573]: USER_END pid=6573 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:34.897000 audit[6573]: CRED_DISP pid=6573 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:34.898000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@97-86.109.11.101:22-147.75.109.163:58232 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:35.595941 sshd[6570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.179 user=root Feb 9 12:40:35.595000 audit[6570]: USER_AUTH pid=6570 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=61.177.172.179 addr=61.177.172.179 terminal=ssh res=failed' Feb 9 12:40:37.261470 sshd[6570]: Failed password for root from 61.177.172.179 port 32744 ssh2 Feb 9 12:40:38.691000 audit[6570]: USER_AUTH pid=6570 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=61.177.172.179 addr=61.177.172.179 terminal=ssh res=failed' Feb 9 12:40:39.221000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:40:39.221000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0010f7ca0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:40:39.221000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:40:39.222000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:40:39.222000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0010f7cc0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:40:39.222000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:40:39.224000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:40:39.224000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0010f7ce0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:40:39.224000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:40:39.225000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:40:39.225000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002a33f40 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:40:39.225000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:40:39.907680 systemd[1]: Started sshd@98-86.109.11.101:22-147.75.109.163:58248.service. Feb 9 12:40:39.906000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@98-86.109.11.101:22-147.75.109.163:58248 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:39.934804 kernel: kauditd_printk_skb: 17 callbacks suppressed Feb 9 12:40:39.934887 kernel: audit: type=1130 audit(1707482439.906:1765): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@98-86.109.11.101:22-147.75.109.163:58248 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:40.052000 audit[6598]: USER_ACCT pid=6598 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:40.053758 sshd[6598]: Accepted publickey for core from 147.75.109.163 port 58248 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:40:40.054532 sshd[6598]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:40:40.056837 systemd-logind[1465]: New session 26 of user core. Feb 9 12:40:40.057377 systemd[1]: Started session-26.scope. Feb 9 12:40:40.138103 sshd[6598]: pam_unix(sshd:session): session closed for user core Feb 9 12:40:40.139486 systemd[1]: sshd@98-86.109.11.101:22-147.75.109.163:58248.service: Deactivated successfully. Feb 9 12:40:40.139919 systemd[1]: session-26.scope: Deactivated successfully. Feb 9 12:40:40.140194 systemd-logind[1465]: Session 26 logged out. Waiting for processes to exit. Feb 9 12:40:40.140696 systemd-logind[1465]: Removed session 26. Feb 9 12:40:40.053000 audit[6598]: CRED_ACQ pid=6598 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:40.235709 kernel: audit: type=1101 audit(1707482440.052:1766): pid=6598 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:40.235745 kernel: audit: type=1103 audit(1707482440.053:1767): pid=6598 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:40.235765 kernel: audit: type=1006 audit(1707482440.053:1768): pid=6598 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 Feb 9 12:40:40.294601 kernel: audit: type=1300 audit(1707482440.053:1768): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd60ae6bb0 a2=3 a3=0 items=0 ppid=1 pid=6598 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:40.053000 audit[6598]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd60ae6bb0 a2=3 a3=0 items=0 ppid=1 pid=6598 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:40.387184 kernel: audit: type=1327 audit(1707482440.053:1768): proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:40.053000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:40.417859 kernel: audit: type=1105 audit(1707482440.058:1769): pid=6598 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:40.058000 audit[6598]: USER_START pid=6598 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:40.512791 kernel: audit: type=1103 audit(1707482440.059:1770): pid=6600 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:40.059000 audit[6600]: CRED_ACQ pid=6600 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:40.601936 kernel: audit: type=1106 audit(1707482440.137:1771): pid=6598 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:40.137000 audit[6598]: USER_END pid=6598 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:40.697384 kernel: audit: type=1104 audit(1707482440.137:1772): pid=6598 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:40.137000 audit[6598]: CRED_DISP pid=6598 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:40.768379 sshd[6570]: Failed password for root from 61.177.172.179 port 32744 ssh2 Feb 9 12:40:40.138000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@98-86.109.11.101:22-147.75.109.163:58248 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:41.787000 audit[6570]: USER_AUTH pid=6570 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=61.177.172.179 addr=61.177.172.179 terminal=ssh res=failed' Feb 9 12:40:43.277626 sshd[6570]: Failed password for root from 61.177.172.179 port 32744 ssh2 Feb 9 12:40:44.886392 sshd[6570]: Received disconnect from 61.177.172.179 port 32744:11: [preauth] Feb 9 12:40:44.886392 sshd[6570]: Disconnected from authenticating user root 61.177.172.179 port 32744 [preauth] Feb 9 12:40:44.886925 sshd[6570]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.179 user=root Feb 9 12:40:44.889031 systemd[1]: sshd@96-86.109.11.101:22-61.177.172.179:32744.service: Deactivated successfully. Feb 9 12:40:44.888000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@96-86.109.11.101:22-61.177.172.179:32744 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:45.044220 systemd[1]: Started sshd@99-86.109.11.101:22-61.177.172.179:40179.service. Feb 9 12:40:45.043000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@99-86.109.11.101:22-61.177.172.179:40179 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:45.071178 kernel: kauditd_printk_skb: 3 callbacks suppressed Feb 9 12:40:45.071223 kernel: audit: type=1130 audit(1707482445.043:1776): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@99-86.109.11.101:22-61.177.172.179:40179 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:45.140428 systemd[1]: Started sshd@100-86.109.11.101:22-147.75.109.163:55566.service. Feb 9 12:40:45.139000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@100-86.109.11.101:22-147.75.109.163:55566 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:45.247390 kernel: audit: type=1130 audit(1707482445.139:1777): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@100-86.109.11.101:22-147.75.109.163:55566 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:45.275000 audit[6629]: USER_ACCT pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:45.276486 sshd[6629]: Accepted publickey for core from 147.75.109.163 port 55566 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:40:45.277801 sshd[6629]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:40:45.280160 systemd-logind[1465]: New session 27 of user core. Feb 9 12:40:45.280712 systemd[1]: Started session-27.scope. Feb 9 12:40:45.358146 sshd[6629]: pam_unix(sshd:session): session closed for user core Feb 9 12:40:45.359661 systemd[1]: sshd@100-86.109.11.101:22-147.75.109.163:55566.service: Deactivated successfully. Feb 9 12:40:45.360095 systemd[1]: session-27.scope: Deactivated successfully. Feb 9 12:40:45.360518 systemd-logind[1465]: Session 27 logged out. Waiting for processes to exit. Feb 9 12:40:45.361073 systemd-logind[1465]: Removed session 27. Feb 9 12:40:45.276000 audit[6629]: CRED_ACQ pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:45.457526 kernel: audit: type=1101 audit(1707482445.275:1778): pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:45.457569 kernel: audit: type=1103 audit(1707482445.276:1779): pid=6629 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:45.457585 kernel: audit: type=1006 audit(1707482445.276:1780): pid=6629 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 Feb 9 12:40:45.516111 kernel: audit: type=1300 audit(1707482445.276:1780): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffebe454d80 a2=3 a3=0 items=0 ppid=1 pid=6629 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:45.276000 audit[6629]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffebe454d80 a2=3 a3=0 items=0 ppid=1 pid=6629 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:45.608060 kernel: audit: type=1327 audit(1707482445.276:1780): proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:45.276000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:45.638567 kernel: audit: type=1105 audit(1707482445.281:1781): pid=6629 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:45.281000 audit[6629]: USER_START pid=6629 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:45.733899 kernel: audit: type=1103 audit(1707482445.282:1782): pid=6631 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:45.282000 audit[6631]: CRED_ACQ pid=6631 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:45.357000 audit[6629]: USER_END pid=6629 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:45.918903 kernel: audit: type=1106 audit(1707482445.357:1783): pid=6629 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:45.357000 audit[6629]: CRED_DISP pid=6629 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:45.358000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@100-86.109.11.101:22-147.75.109.163:55566 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:46.823294 sshd[6626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.179 user=root Feb 9 12:40:46.822000 audit[6626]: USER_AUTH pid=6626 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=61.177.172.179 addr=61.177.172.179 terminal=ssh res=failed' Feb 9 12:40:49.000610 sshd[6626]: Failed password for root from 61.177.172.179 port 40179 ssh2 Feb 9 12:40:49.928000 audit[6626]: USER_AUTH pid=6626 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=61.177.172.179 addr=61.177.172.179 terminal=ssh res=failed' Feb 9 12:40:50.370427 systemd[1]: Started sshd@101-86.109.11.101:22-147.75.109.163:55582.service. Feb 9 12:40:50.370000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@101-86.109.11.101:22-147.75.109.163:55582 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:50.413042 kernel: kauditd_printk_skb: 4 callbacks suppressed Feb 9 12:40:50.413111 kernel: audit: type=1130 audit(1707482450.370:1788): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@101-86.109.11.101:22-147.75.109.163:55582 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:50.530000 audit[6653]: USER_ACCT pid=6653 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:50.530695 sshd[6653]: Accepted publickey for core from 147.75.109.163 port 55582 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:40:50.532523 sshd[6653]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:40:50.534828 systemd-logind[1465]: New session 28 of user core. Feb 9 12:40:50.535411 systemd[1]: Started session-28.scope. Feb 9 12:40:50.616624 sshd[6653]: pam_unix(sshd:session): session closed for user core Feb 9 12:40:50.617965 systemd[1]: sshd@101-86.109.11.101:22-147.75.109.163:55582.service: Deactivated successfully. Feb 9 12:40:50.618407 systemd[1]: session-28.scope: Deactivated successfully. Feb 9 12:40:50.618858 systemd-logind[1465]: Session 28 logged out. Waiting for processes to exit. Feb 9 12:40:50.619242 systemd-logind[1465]: Removed session 28. Feb 9 12:40:50.532000 audit[6653]: CRED_ACQ pid=6653 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:50.713470 kernel: audit: type=1101 audit(1707482450.530:1789): pid=6653 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:50.713545 kernel: audit: type=1103 audit(1707482450.532:1790): pid=6653 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:50.713560 kernel: audit: type=1006 audit(1707482450.532:1791): pid=6653 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=28 res=1 Feb 9 12:40:50.772430 kernel: audit: type=1300 audit(1707482450.532:1791): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffd5e559d0 a2=3 a3=0 items=0 ppid=1 pid=6653 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=28 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:50.532000 audit[6653]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffd5e559d0 a2=3 a3=0 items=0 ppid=1 pid=6653 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=28 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:50.864967 kernel: audit: type=1327 audit(1707482450.532:1791): proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:50.532000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:50.895649 kernel: audit: type=1105 audit(1707482450.537:1792): pid=6653 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:50.537000 audit[6653]: USER_START pid=6653 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:50.538000 audit[6655]: CRED_ACQ pid=6655 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:51.080378 kernel: audit: type=1103 audit(1707482450.538:1793): pid=6655 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:51.080453 kernel: audit: type=1106 audit(1707482450.616:1794): pid=6653 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:50.616000 audit[6653]: USER_END pid=6653 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:50.617000 audit[6653]: CRED_DISP pid=6653 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:51.266293 kernel: audit: type=1104 audit(1707482450.617:1795): pid=6653 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:50.617000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@101-86.109.11.101:22-147.75.109.163:55582 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:51.849504 sshd[6626]: Failed password for root from 61.177.172.179 port 40179 ssh2 Feb 9 12:40:53.031000 audit[6626]: USER_AUTH pid=6626 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=61.177.172.179 addr=61.177.172.179 terminal=ssh res=failed' Feb 9 12:40:54.500652 sshd[6626]: Failed password for root from 61.177.172.179 port 40179 ssh2 Feb 9 12:40:54.653067 sshd[6626]: Received disconnect from 61.177.172.179 port 40179:11: [preauth] Feb 9 12:40:54.653067 sshd[6626]: Disconnected from authenticating user root 61.177.172.179 port 40179 [preauth] Feb 9 12:40:54.653634 sshd[6626]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.179 user=root Feb 9 12:40:54.655767 systemd[1]: sshd@99-86.109.11.101:22-61.177.172.179:40179.service: Deactivated successfully. Feb 9 12:40:54.656000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@99-86.109.11.101:22-61.177.172.179:40179 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:55.128169 systemd[1]: Started sshd@102-86.109.11.101:22-106.54.212.205:43340.service. Feb 9 12:40:55.128000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@102-86.109.11.101:22-106.54.212.205:43340 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:55.628075 systemd[1]: Started sshd@103-86.109.11.101:22-147.75.109.163:42214.service. Feb 9 12:40:55.628000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@103-86.109.11.101:22-147.75.109.163:42214 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:55.655721 kernel: kauditd_printk_skb: 4 callbacks suppressed Feb 9 12:40:55.655789 kernel: audit: type=1130 audit(1707482455.628:1800): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@103-86.109.11.101:22-147.75.109.163:42214 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:55.790000 audit[6708]: USER_ACCT pid=6708 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:55.790523 sshd[6708]: Accepted publickey for core from 147.75.109.163 port 42214 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:40:55.792073 sshd[6708]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:40:55.797172 systemd-logind[1465]: New session 29 of user core. Feb 9 12:40:55.797794 systemd[1]: Started session-29.scope. Feb 9 12:40:55.791000 audit[6708]: CRED_ACQ pid=6708 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:55.972356 kernel: audit: type=1101 audit(1707482455.790:1801): pid=6708 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:55.972399 kernel: audit: type=1103 audit(1707482455.791:1802): pid=6708 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:55.972417 kernel: audit: type=1006 audit(1707482455.791:1803): pid=6708 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=29 res=1 Feb 9 12:40:56.031323 kernel: audit: type=1300 audit(1707482455.791:1803): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffcedffdad0 a2=3 a3=0 items=0 ppid=1 pid=6708 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=29 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:55.791000 audit[6708]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffcedffdad0 a2=3 a3=0 items=0 ppid=1 pid=6708 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=29 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:40:55.791000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:56.154498 kernel: audit: type=1327 audit(1707482455.791:1803): proctitle=737368643A20636F7265205B707269765D Feb 9 12:40:56.154548 kernel: audit: type=1105 audit(1707482455.799:1804): pid=6708 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:55.799000 audit[6708]: USER_START pid=6708 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:56.154708 sshd[6708]: pam_unix(sshd:session): session closed for user core Feb 9 12:40:56.156095 systemd[1]: sshd@103-86.109.11.101:22-147.75.109.163:42214.service: Deactivated successfully. Feb 9 12:40:56.156535 systemd[1]: session-29.scope: Deactivated successfully. Feb 9 12:40:56.156875 systemd-logind[1465]: Session 29 logged out. Waiting for processes to exit. Feb 9 12:40:56.157222 systemd-logind[1465]: Removed session 29. Feb 9 12:40:56.249493 kernel: audit: type=1103 audit(1707482455.800:1805): pid=6710 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:55.800000 audit[6710]: CRED_ACQ pid=6710 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:56.293166 systemd[1]: Started sshd@104-86.109.11.101:22-101.35.54.203:54074.service. Feb 9 12:40:56.155000 audit[6708]: USER_END pid=6708 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:56.434217 kernel: audit: type=1106 audit(1707482456.155:1806): pid=6708 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:56.434263 kernel: audit: type=1104 audit(1707482456.155:1807): pid=6708 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:56.155000 audit[6708]: CRED_DISP pid=6708 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:40:56.155000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@103-86.109.11.101:22-147.75.109.163:42214 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:56.292000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@104-86.109.11.101:22-101.35.54.203:54074 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:57.020366 systemd[1]: Started sshd@105-86.109.11.101:22-43.153.64.49:49212.service. Feb 9 12:40:57.020000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@105-86.109.11.101:22-43.153.64.49:49212 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:57.046019 sshd[6733]: Invalid user kia from 101.35.54.203 port 54074 Feb 9 12:40:57.047776 sshd[6733]: pam_faillock(sshd:auth): User unknown Feb 9 12:40:57.048131 sshd[6733]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:40:57.048157 sshd[6733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:40:57.048436 sshd[6733]: pam_faillock(sshd:auth): User unknown Feb 9 12:40:57.048000 audit[6733]: USER_AUTH pid=6733 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="kia" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:40:57.136015 sshd[6736]: Invalid user hemati from 43.153.64.49 port 49212 Feb 9 12:40:57.138660 sshd[6736]: pam_faillock(sshd:auth): User unknown Feb 9 12:40:57.139081 sshd[6736]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:40:57.139120 sshd[6736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:40:57.139550 sshd[6736]: pam_faillock(sshd:auth): User unknown Feb 9 12:40:57.139000 audit[6736]: USER_AUTH pid=6736 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="hemati" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:40:59.069736 sshd[6733]: Failed password for invalid user kia from 101.35.54.203 port 54074 ssh2 Feb 9 12:40:59.161098 sshd[6736]: Failed password for invalid user hemati from 43.153.64.49 port 49212 ssh2 Feb 9 12:40:59.278377 sshd[6736]: Received disconnect from 43.153.64.49 port 49212:11: Bye Bye [preauth] Feb 9 12:40:59.278377 sshd[6736]: Disconnected from invalid user hemati 43.153.64.49 port 49212 [preauth] Feb 9 12:40:59.280834 systemd[1]: sshd@105-86.109.11.101:22-43.153.64.49:49212.service: Deactivated successfully. Feb 9 12:40:59.281000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@105-86.109.11.101:22-43.153.64.49:49212 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:40:59.793169 sshd[6733]: Received disconnect from 101.35.54.203 port 54074:11: Bye Bye [preauth] Feb 9 12:40:59.793169 sshd[6733]: Disconnected from invalid user kia 101.35.54.203 port 54074 [preauth] Feb 9 12:40:59.795667 systemd[1]: sshd@104-86.109.11.101:22-101.35.54.203:54074.service: Deactivated successfully. Feb 9 12:40:59.795000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@104-86.109.11.101:22-101.35.54.203:54074 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:01.134827 systemd[1]: Started sshd@106-86.109.11.101:22-147.75.109.163:42222.service. Feb 9 12:41:01.134000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@106-86.109.11.101:22-147.75.109.163:42222 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:01.161612 kernel: kauditd_printk_skb: 7 callbacks suppressed Feb 9 12:41:01.161691 kernel: audit: type=1130 audit(1707482461.134:1815): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@106-86.109.11.101:22-147.75.109.163:42222 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:01.279000 audit[6742]: USER_ACCT pid=6742 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:01.279727 sshd[6742]: Accepted publickey for core from 147.75.109.163 port 42222 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:41:01.280473 sshd[6742]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:41:01.282864 systemd-logind[1465]: New session 30 of user core. Feb 9 12:41:01.283428 systemd[1]: Started session-30.scope. Feb 9 12:41:01.280000 audit[6742]: CRED_ACQ pid=6742 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:01.373519 sshd[6742]: pam_unix(sshd:session): session closed for user core Feb 9 12:41:01.374896 systemd[1]: sshd@106-86.109.11.101:22-147.75.109.163:42222.service: Deactivated successfully. Feb 9 12:41:01.375326 systemd[1]: session-30.scope: Deactivated successfully. Feb 9 12:41:01.375644 systemd-logind[1465]: Session 30 logged out. Waiting for processes to exit. Feb 9 12:41:01.376050 systemd-logind[1465]: Removed session 30. Feb 9 12:41:01.461521 kernel: audit: type=1101 audit(1707482461.279:1816): pid=6742 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:01.461551 kernel: audit: type=1103 audit(1707482461.280:1817): pid=6742 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:01.461572 kernel: audit: type=1006 audit(1707482461.280:1818): pid=6742 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=30 res=1 Feb 9 12:41:01.520093 kernel: audit: type=1300 audit(1707482461.280:1818): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffee13335b0 a2=3 a3=0 items=0 ppid=1 pid=6742 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=30 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:01.280000 audit[6742]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffee13335b0 a2=3 a3=0 items=0 ppid=1 pid=6742 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=30 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:01.612243 kernel: audit: type=1327 audit(1707482461.280:1818): proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:01.280000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:01.642768 kernel: audit: type=1105 audit(1707482461.285:1819): pid=6742 uid=0 auid=500 ses=30 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:01.285000 audit[6742]: USER_START pid=6742 uid=0 auid=500 ses=30 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:01.737384 kernel: audit: type=1103 audit(1707482461.286:1820): pid=6744 uid=0 auid=500 ses=30 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:01.286000 audit[6744]: CRED_ACQ pid=6744 uid=0 auid=500 ses=30 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:01.826569 kernel: audit: type=1106 audit(1707482461.373:1821): pid=6742 uid=0 auid=500 ses=30 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:01.373000 audit[6742]: USER_END pid=6742 uid=0 auid=500 ses=30 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:01.922111 kernel: audit: type=1104 audit(1707482461.374:1822): pid=6742 uid=0 auid=500 ses=30 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:01.374000 audit[6742]: CRED_DISP pid=6742 uid=0 auid=500 ses=30 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:01.374000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@106-86.109.11.101:22-147.75.109.163:42222 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:06.383298 systemd[1]: Started sshd@107-86.109.11.101:22-147.75.109.163:45760.service. Feb 9 12:41:06.383000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@107-86.109.11.101:22-147.75.109.163:45760 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:06.410210 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:41:06.410267 kernel: audit: type=1130 audit(1707482466.383:1824): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@107-86.109.11.101:22-147.75.109.163:45760 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:06.528000 audit[6768]: USER_ACCT pid=6768 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:06.528785 sshd[6768]: Accepted publickey for core from 147.75.109.163 port 45760 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:41:06.529509 sshd[6768]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:41:06.531885 systemd-logind[1465]: New session 31 of user core. Feb 9 12:41:06.532377 systemd[1]: Started session-31.scope. Feb 9 12:41:06.612286 sshd[6768]: pam_unix(sshd:session): session closed for user core Feb 9 12:41:06.613885 systemd[1]: sshd@107-86.109.11.101:22-147.75.109.163:45760.service: Deactivated successfully. Feb 9 12:41:06.614375 systemd[1]: session-31.scope: Deactivated successfully. Feb 9 12:41:06.614724 systemd-logind[1465]: Session 31 logged out. Waiting for processes to exit. Feb 9 12:41:06.615149 systemd-logind[1465]: Removed session 31. Feb 9 12:41:06.529000 audit[6768]: CRED_ACQ pid=6768 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:06.712288 kernel: audit: type=1101 audit(1707482466.528:1825): pid=6768 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:06.712324 kernel: audit: type=1103 audit(1707482466.529:1826): pid=6768 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:06.712339 kernel: audit: type=1006 audit(1707482466.529:1827): pid=6768 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=31 res=1 Feb 9 12:41:06.529000 audit[6768]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffb21a39f0 a2=3 a3=0 items=0 ppid=1 pid=6768 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=31 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:06.863022 kernel: audit: type=1300 audit(1707482466.529:1827): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffb21a39f0 a2=3 a3=0 items=0 ppid=1 pid=6768 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=31 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:06.863051 kernel: audit: type=1327 audit(1707482466.529:1827): proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:06.529000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:06.534000 audit[6768]: USER_START pid=6768 uid=0 auid=500 ses=31 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:06.988095 kernel: audit: type=1105 audit(1707482466.534:1828): pid=6768 uid=0 auid=500 ses=31 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:06.988126 kernel: audit: type=1103 audit(1707482466.534:1829): pid=6770 uid=0 auid=500 ses=31 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:06.534000 audit[6770]: CRED_ACQ pid=6770 uid=0 auid=500 ses=31 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:07.077465 kernel: audit: type=1106 audit(1707482466.612:1830): pid=6768 uid=0 auid=500 ses=31 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:06.612000 audit[6768]: USER_END pid=6768 uid=0 auid=500 ses=31 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:06.612000 audit[6768]: CRED_DISP pid=6768 uid=0 auid=500 ses=31 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:07.262254 kernel: audit: type=1104 audit(1707482466.612:1831): pid=6768 uid=0 auid=500 ses=31 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:06.613000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@107-86.109.11.101:22-147.75.109.163:45760 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:11.622301 systemd[1]: Started sshd@108-86.109.11.101:22-147.75.109.163:45770.service. Feb 9 12:41:11.622000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@108-86.109.11.101:22-147.75.109.163:45770 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:11.649272 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:41:11.649314 kernel: audit: type=1130 audit(1707482471.622:1833): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@108-86.109.11.101:22-147.75.109.163:45770 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:11.767000 audit[6795]: USER_ACCT pid=6795 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:11.767665 sshd[6795]: Accepted publickey for core from 147.75.109.163 port 45770 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:41:11.769105 sshd[6795]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:41:11.771526 systemd-logind[1465]: New session 32 of user core. Feb 9 12:41:11.771956 systemd[1]: Started session-32.scope. Feb 9 12:41:11.768000 audit[6795]: CRED_ACQ pid=6795 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:11.861371 sshd[6795]: pam_unix(sshd:session): session closed for user core Feb 9 12:41:11.862834 systemd[1]: sshd@108-86.109.11.101:22-147.75.109.163:45770.service: Deactivated successfully. Feb 9 12:41:11.863292 systemd[1]: session-32.scope: Deactivated successfully. Feb 9 12:41:11.863649 systemd-logind[1465]: Session 32 logged out. Waiting for processes to exit. Feb 9 12:41:11.864084 systemd-logind[1465]: Removed session 32. Feb 9 12:41:11.949476 kernel: audit: type=1101 audit(1707482471.767:1834): pid=6795 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:11.949520 kernel: audit: type=1103 audit(1707482471.768:1835): pid=6795 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:11.949535 kernel: audit: type=1006 audit(1707482471.768:1836): pid=6795 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=32 res=1 Feb 9 12:41:12.008074 kernel: audit: type=1300 audit(1707482471.768:1836): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc0ce94bc0 a2=3 a3=0 items=0 ppid=1 pid=6795 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=32 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:11.768000 audit[6795]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc0ce94bc0 a2=3 a3=0 items=0 ppid=1 pid=6795 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=32 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:12.100140 kernel: audit: type=1327 audit(1707482471.768:1836): proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:11.768000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:12.130654 kernel: audit: type=1105 audit(1707482471.773:1837): pid=6795 uid=0 auid=500 ses=32 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:11.773000 audit[6795]: USER_START pid=6795 uid=0 auid=500 ses=32 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:12.225169 kernel: audit: type=1103 audit(1707482471.774:1838): pid=6797 uid=0 auid=500 ses=32 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:11.774000 audit[6797]: CRED_ACQ pid=6797 uid=0 auid=500 ses=32 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:12.314405 kernel: audit: type=1106 audit(1707482471.861:1839): pid=6795 uid=0 auid=500 ses=32 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:11.861000 audit[6795]: USER_END pid=6795 uid=0 auid=500 ses=32 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:12.409939 kernel: audit: type=1104 audit(1707482471.861:1840): pid=6795 uid=0 auid=500 ses=32 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:11.861000 audit[6795]: CRED_DISP pid=6795 uid=0 auid=500 ses=32 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:11.862000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@108-86.109.11.101:22-147.75.109.163:45770 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:16.865729 systemd[1]: Started sshd@109-86.109.11.101:22-147.75.109.163:37472.service. Feb 9 12:41:16.865000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@109-86.109.11.101:22-147.75.109.163:37472 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:16.892809 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:41:16.892876 kernel: audit: type=1130 audit(1707482476.865:1842): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@109-86.109.11.101:22-147.75.109.163:37472 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:17.010000 audit[6821]: USER_ACCT pid=6821 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:17.011472 sshd[6821]: Accepted publickey for core from 147.75.109.163 port 37472 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:41:17.012906 sshd[6821]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:41:17.015408 systemd-logind[1465]: New session 33 of user core. Feb 9 12:41:17.015994 systemd[1]: Started session-33.scope. Feb 9 12:41:17.011000 audit[6821]: CRED_ACQ pid=6821 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:17.105312 sshd[6821]: pam_unix(sshd:session): session closed for user core Feb 9 12:41:17.106724 systemd[1]: sshd@109-86.109.11.101:22-147.75.109.163:37472.service: Deactivated successfully. Feb 9 12:41:17.107200 systemd[1]: session-33.scope: Deactivated successfully. Feb 9 12:41:17.107597 systemd-logind[1465]: Session 33 logged out. Waiting for processes to exit. Feb 9 12:41:17.108089 systemd-logind[1465]: Removed session 33. Feb 9 12:41:17.193366 kernel: audit: type=1101 audit(1707482477.010:1843): pid=6821 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:17.193421 kernel: audit: type=1103 audit(1707482477.011:1844): pid=6821 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:17.193439 kernel: audit: type=1006 audit(1707482477.011:1845): pid=6821 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=33 res=1 Feb 9 12:41:17.252026 kernel: audit: type=1300 audit(1707482477.011:1845): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff8728f130 a2=3 a3=0 items=0 ppid=1 pid=6821 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=33 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:17.011000 audit[6821]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff8728f130 a2=3 a3=0 items=0 ppid=1 pid=6821 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=33 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:17.344091 kernel: audit: type=1327 audit(1707482477.011:1845): proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:17.011000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:17.374602 kernel: audit: type=1105 audit(1707482477.016:1846): pid=6821 uid=0 auid=500 ses=33 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:17.016000 audit[6821]: USER_START pid=6821 uid=0 auid=500 ses=33 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:17.469124 kernel: audit: type=1103 audit(1707482477.017:1847): pid=6823 uid=0 auid=500 ses=33 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:17.017000 audit[6823]: CRED_ACQ pid=6823 uid=0 auid=500 ses=33 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:17.104000 audit[6821]: USER_END pid=6821 uid=0 auid=500 ses=33 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:17.653873 kernel: audit: type=1106 audit(1707482477.104:1848): pid=6821 uid=0 auid=500 ses=33 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:17.653906 kernel: audit: type=1104 audit(1707482477.104:1849): pid=6821 uid=0 auid=500 ses=33 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:17.104000 audit[6821]: CRED_DISP pid=6821 uid=0 auid=500 ses=33 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:17.105000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@109-86.109.11.101:22-147.75.109.163:37472 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:22.116757 systemd[1]: Started sshd@110-86.109.11.101:22-147.75.109.163:37488.service. Feb 9 12:41:22.115000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@110-86.109.11.101:22-147.75.109.163:37488 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:22.160270 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:41:22.160382 kernel: audit: type=1130 audit(1707482482.115:1851): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@110-86.109.11.101:22-147.75.109.163:37488 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:22.278158 sshd[6847]: Accepted publickey for core from 147.75.109.163 port 37488 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:41:22.276000 audit[6847]: USER_ACCT pid=6847 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:22.279534 sshd[6847]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:41:22.281769 systemd-logind[1465]: New session 34 of user core. Feb 9 12:41:22.282356 systemd[1]: Started session-34.scope. Feb 9 12:41:22.278000 audit[6847]: CRED_ACQ pid=6847 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:22.372005 sshd[6847]: pam_unix(sshd:session): session closed for user core Feb 9 12:41:22.373342 systemd[1]: sshd@110-86.109.11.101:22-147.75.109.163:37488.service: Deactivated successfully. Feb 9 12:41:22.373769 systemd[1]: session-34.scope: Deactivated successfully. Feb 9 12:41:22.374103 systemd-logind[1465]: Session 34 logged out. Waiting for processes to exit. Feb 9 12:41:22.374657 systemd-logind[1465]: Removed session 34. Feb 9 12:41:22.460060 kernel: audit: type=1101 audit(1707482482.276:1852): pid=6847 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:22.460100 kernel: audit: type=1103 audit(1707482482.278:1853): pid=6847 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:22.460119 kernel: audit: type=1006 audit(1707482482.278:1854): pid=6847 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=34 res=1 Feb 9 12:41:22.278000 audit[6847]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffa29178e0 a2=3 a3=0 items=0 ppid=1 pid=6847 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=34 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:22.610695 kernel: audit: type=1300 audit(1707482482.278:1854): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffa29178e0 a2=3 a3=0 items=0 ppid=1 pid=6847 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=34 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:22.610745 kernel: audit: type=1327 audit(1707482482.278:1854): proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:22.278000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:22.641298 kernel: audit: type=1105 audit(1707482482.283:1855): pid=6847 uid=0 auid=500 ses=34 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:22.283000 audit[6847]: USER_START pid=6847 uid=0 auid=500 ses=34 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:22.283000 audit[6849]: CRED_ACQ pid=6849 uid=0 auid=500 ses=34 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:22.825054 kernel: audit: type=1103 audit(1707482482.283:1856): pid=6849 uid=0 auid=500 ses=34 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:22.825132 kernel: audit: type=1106 audit(1707482482.371:1857): pid=6847 uid=0 auid=500 ses=34 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:22.371000 audit[6847]: USER_END pid=6847 uid=0 auid=500 ses=34 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:22.371000 audit[6847]: CRED_DISP pid=6847 uid=0 auid=500 ses=34 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:23.009921 kernel: audit: type=1104 audit(1707482482.371:1858): pid=6847 uid=0 auid=500 ses=34 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:22.372000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@110-86.109.11.101:22-147.75.109.163:37488 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:23.329000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:41:23.329000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000d268e0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:41:23.329000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:41:23.329000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:41:23.329000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c0012ac840 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:41:23.329000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:41:23.460000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:41:23.460000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:41:23.460000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=69 a1=c009eaf0e0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:41:23.460000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c00812e390 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:41:23.460000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:41:23.460000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:41:23.460000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:41:23.460000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=69 a1=c009eaf140 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:41:23.460000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:41:23.460000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:41:23.460000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c00920d080 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:41:23.460000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:41:23.460000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:41:23.460000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=69 a1=c01229e1e0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:41:23.460000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:41:23.461000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:41:23.461000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c0109b6060 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:41:23.461000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:41:27.381703 systemd[1]: Started sshd@111-86.109.11.101:22-147.75.109.163:50360.service. Feb 9 12:41:27.380000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@111-86.109.11.101:22-147.75.109.163:50360 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:27.409056 kernel: kauditd_printk_skb: 25 callbacks suppressed Feb 9 12:41:27.409116 kernel: audit: type=1130 audit(1707482487.380:1868): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@111-86.109.11.101:22-147.75.109.163:50360 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:27.535000 audit[6925]: USER_ACCT pid=6925 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:27.536401 sshd[6925]: Accepted publickey for core from 147.75.109.163 port 50360 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:41:27.537518 sshd[6925]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:41:27.539936 systemd-logind[1465]: New session 35 of user core. Feb 9 12:41:27.540480 systemd[1]: Started session-35.scope. Feb 9 12:41:27.618216 sshd[6925]: pam_unix(sshd:session): session closed for user core Feb 9 12:41:27.619712 systemd[1]: sshd@111-86.109.11.101:22-147.75.109.163:50360.service: Deactivated successfully. Feb 9 12:41:27.620145 systemd[1]: session-35.scope: Deactivated successfully. Feb 9 12:41:27.620572 systemd-logind[1465]: Session 35 logged out. Waiting for processes to exit. Feb 9 12:41:27.621103 systemd-logind[1465]: Removed session 35. Feb 9 12:41:27.536000 audit[6925]: CRED_ACQ pid=6925 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:27.718047 kernel: audit: type=1101 audit(1707482487.535:1869): pid=6925 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:27.718100 kernel: audit: type=1103 audit(1707482487.536:1870): pid=6925 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:27.718116 kernel: audit: type=1006 audit(1707482487.536:1871): pid=6925 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=35 res=1 Feb 9 12:41:27.776658 kernel: audit: type=1300 audit(1707482487.536:1871): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff71890d70 a2=3 a3=0 items=0 ppid=1 pid=6925 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=35 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:27.536000 audit[6925]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff71890d70 a2=3 a3=0 items=0 ppid=1 pid=6925 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=35 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:27.868689 kernel: audit: type=1327 audit(1707482487.536:1871): proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:27.536000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:27.899299 kernel: audit: type=1105 audit(1707482487.541:1872): pid=6925 uid=0 auid=500 ses=35 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:27.541000 audit[6925]: USER_START pid=6925 uid=0 auid=500 ses=35 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:27.993794 kernel: audit: type=1103 audit(1707482487.541:1873): pid=6927 uid=0 auid=500 ses=35 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:27.541000 audit[6927]: CRED_ACQ pid=6927 uid=0 auid=500 ses=35 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:28.083064 kernel: audit: type=1106 audit(1707482487.617:1874): pid=6925 uid=0 auid=500 ses=35 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:27.617000 audit[6925]: USER_END pid=6925 uid=0 auid=500 ses=35 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:28.178540 kernel: audit: type=1104 audit(1707482487.617:1875): pid=6925 uid=0 auid=500 ses=35 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:27.617000 audit[6925]: CRED_DISP pid=6925 uid=0 auid=500 ses=35 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:27.618000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@111-86.109.11.101:22-147.75.109.163:50360 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:32.628461 systemd[1]: Started sshd@112-86.109.11.101:22-147.75.109.163:50364.service. Feb 9 12:41:32.627000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@112-86.109.11.101:22-147.75.109.163:50364 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:32.655702 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:41:32.655768 kernel: audit: type=1130 audit(1707482492.627:1877): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@112-86.109.11.101:22-147.75.109.163:50364 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:32.773000 audit[6949]: USER_ACCT pid=6949 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:32.774583 sshd[6949]: Accepted publickey for core from 147.75.109.163 port 50364 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:41:32.776194 sshd[6949]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:41:32.778578 systemd-logind[1465]: New session 36 of user core. Feb 9 12:41:32.779119 systemd[1]: Started session-36.scope. Feb 9 12:41:32.859668 sshd[6949]: pam_unix(sshd:session): session closed for user core Feb 9 12:41:32.861044 systemd[1]: sshd@112-86.109.11.101:22-147.75.109.163:50364.service: Deactivated successfully. Feb 9 12:41:32.861560 systemd[1]: session-36.scope: Deactivated successfully. Feb 9 12:41:32.861888 systemd-logind[1465]: Session 36 logged out. Waiting for processes to exit. Feb 9 12:41:32.862324 systemd-logind[1465]: Removed session 36. Feb 9 12:41:32.774000 audit[6949]: CRED_ACQ pid=6949 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:32.959062 kernel: audit: type=1101 audit(1707482492.773:1878): pid=6949 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:32.959098 kernel: audit: type=1103 audit(1707482492.774:1879): pid=6949 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:32.959115 kernel: audit: type=1006 audit(1707482492.774:1880): pid=6949 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=36 res=1 Feb 9 12:41:32.961489 systemd[1]: Started sshd@113-86.109.11.101:22-101.35.54.203:34928.service. Feb 9 12:41:32.774000 audit[6949]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffef188ea00 a2=3 a3=0 items=0 ppid=1 pid=6949 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=36 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:33.109697 kernel: audit: type=1300 audit(1707482492.774:1880): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffef188ea00 a2=3 a3=0 items=0 ppid=1 pid=6949 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=36 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:33.109746 kernel: audit: type=1327 audit(1707482492.774:1880): proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:32.774000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:33.140299 kernel: audit: type=1105 audit(1707482492.779:1881): pid=6949 uid=0 auid=500 ses=36 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:32.779000 audit[6949]: USER_START pid=6949 uid=0 auid=500 ses=36 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:32.780000 audit[6951]: CRED_ACQ pid=6951 uid=0 auid=500 ses=36 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:33.324026 kernel: audit: type=1103 audit(1707482492.780:1882): pid=6951 uid=0 auid=500 ses=36 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:33.324054 kernel: audit: type=1106 audit(1707482492.859:1883): pid=6949 uid=0 auid=500 ses=36 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:32.859000 audit[6949]: USER_END pid=6949 uid=0 auid=500 ses=36 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:33.393898 systemd[1]: Started sshd@114-86.109.11.101:22-38.7.207.12:60518.service. Feb 9 12:41:33.419727 kernel: audit: type=1104 audit(1707482492.859:1884): pid=6949 uid=0 auid=500 ses=36 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:32.859000 audit[6949]: CRED_DISP pid=6949 uid=0 auid=500 ses=36 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:32.859000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@112-86.109.11.101:22-147.75.109.163:50364 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:32.960000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@113-86.109.11.101:22-101.35.54.203:34928 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:33.392000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@114-86.109.11.101:22-38.7.207.12:60518 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:33.793143 sshd[6974]: Invalid user lscpd from 101.35.54.203 port 34928 Feb 9 12:41:33.798695 sshd[6974]: pam_faillock(sshd:auth): User unknown Feb 9 12:41:33.799589 sshd[6974]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:41:33.799672 sshd[6974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.35.54.203 Feb 9 12:41:33.800626 sshd[6974]: pam_faillock(sshd:auth): User unknown Feb 9 12:41:33.799000 audit[6974]: USER_AUTH pid=6974 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="lscpd" exe="/usr/sbin/sshd" hostname=101.35.54.203 addr=101.35.54.203 terminal=ssh res=failed' Feb 9 12:41:34.319284 sshd[6977]: Invalid user adelshahriyari from 38.7.207.12 port 60518 Feb 9 12:41:34.325738 sshd[6977]: pam_faillock(sshd:auth): User unknown Feb 9 12:41:34.326881 sshd[6977]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:41:34.326971 sshd[6977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.7.207.12 Feb 9 12:41:34.328031 sshd[6977]: pam_faillock(sshd:auth): User unknown Feb 9 12:41:34.327000 audit[6977]: USER_AUTH pid=6977 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="adelshahriyari" exe="/usr/sbin/sshd" hostname=38.7.207.12 addr=38.7.207.12 terminal=ssh res=failed' Feb 9 12:41:35.762180 sshd[6974]: Failed password for invalid user lscpd from 101.35.54.203 port 34928 ssh2 Feb 9 12:41:36.761270 sshd[6977]: Failed password for invalid user adelshahriyari from 38.7.207.12 port 60518 ssh2 Feb 9 12:41:37.429935 sshd[6974]: Received disconnect from 101.35.54.203 port 34928:11: Bye Bye [preauth] Feb 9 12:41:37.429935 sshd[6974]: Disconnected from invalid user lscpd 101.35.54.203 port 34928 [preauth] Feb 9 12:41:37.432431 systemd[1]: sshd@113-86.109.11.101:22-101.35.54.203:34928.service: Deactivated successfully. Feb 9 12:41:37.431000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@113-86.109.11.101:22-101.35.54.203:34928 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:37.869720 systemd[1]: Started sshd@115-86.109.11.101:22-147.75.109.163:52588.service. Feb 9 12:41:37.868000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@115-86.109.11.101:22-147.75.109.163:52588 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:37.896874 kernel: kauditd_printk_skb: 6 callbacks suppressed Feb 9 12:41:37.896962 kernel: audit: type=1130 audit(1707482497.868:1891): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@115-86.109.11.101:22-147.75.109.163:52588 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:38.014000 audit[6982]: USER_ACCT pid=6982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:38.015563 sshd[6982]: Accepted publickey for core from 147.75.109.163 port 52588 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:41:38.016755 sshd[6982]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:41:38.019204 systemd-logind[1465]: New session 37 of user core. Feb 9 12:41:38.019768 systemd[1]: Started session-37.scope. Feb 9 12:41:38.100084 sshd[6982]: pam_unix(sshd:session): session closed for user core Feb 9 12:41:38.101497 systemd[1]: sshd@115-86.109.11.101:22-147.75.109.163:52588.service: Deactivated successfully. Feb 9 12:41:38.101937 systemd[1]: session-37.scope: Deactivated successfully. Feb 9 12:41:38.102265 systemd-logind[1465]: Session 37 logged out. Waiting for processes to exit. Feb 9 12:41:38.103029 systemd-logind[1465]: Removed session 37. Feb 9 12:41:38.015000 audit[6982]: CRED_ACQ pid=6982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:38.199597 kernel: audit: type=1101 audit(1707482498.014:1892): pid=6982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:38.199635 kernel: audit: type=1103 audit(1707482498.015:1893): pid=6982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:38.199653 kernel: audit: type=1006 audit(1707482498.015:1894): pid=6982 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=37 res=1 Feb 9 12:41:38.258187 kernel: audit: type=1300 audit(1707482498.015:1894): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffcf9698650 a2=3 a3=0 items=0 ppid=1 pid=6982 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=37 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:38.015000 audit[6982]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffcf9698650 a2=3 a3=0 items=0 ppid=1 pid=6982 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=37 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:38.350238 kernel: audit: type=1327 audit(1707482498.015:1894): proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:38.015000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:38.380759 kernel: audit: type=1105 audit(1707482498.021:1895): pid=6982 uid=0 auid=500 ses=37 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:38.021000 audit[6982]: USER_START pid=6982 uid=0 auid=500 ses=37 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:38.475372 kernel: audit: type=1103 audit(1707482498.021:1896): pid=6984 uid=0 auid=500 ses=37 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:38.021000 audit[6984]: CRED_ACQ pid=6984 uid=0 auid=500 ses=37 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:38.564638 kernel: audit: type=1106 audit(1707482498.099:1897): pid=6982 uid=0 auid=500 ses=37 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:38.099000 audit[6982]: USER_END pid=6982 uid=0 auid=500 ses=37 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:38.660115 kernel: audit: type=1104 audit(1707482498.099:1898): pid=6982 uid=0 auid=500 ses=37 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:38.099000 audit[6982]: CRED_DISP pid=6982 uid=0 auid=500 ses=37 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:38.100000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@115-86.109.11.101:22-147.75.109.163:52588 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:38.930252 sshd[6977]: Received disconnect from 38.7.207.12 port 60518:11: Bye Bye [preauth] Feb 9 12:41:38.930252 sshd[6977]: Disconnected from invalid user adelshahriyari 38.7.207.12 port 60518 [preauth] Feb 9 12:41:38.932542 systemd[1]: sshd@114-86.109.11.101:22-38.7.207.12:60518.service: Deactivated successfully. Feb 9 12:41:38.931000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@114-86.109.11.101:22-38.7.207.12:60518 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:39.222000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:41:39.222000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000f30b80 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:41:39.222000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:41:39.223000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:41:39.223000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000f30ba0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:41:39.223000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:41:39.224000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:41:39.224000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000f30bc0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:41:39.224000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:41:39.226000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:41:39.226000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002f9d880 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:41:39.226000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:41:43.103834 systemd[1]: Started sshd@116-86.109.11.101:22-147.75.109.163:52600.service. Feb 9 12:41:43.102000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@116-86.109.11.101:22-147.75.109.163:52600 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:43.130759 kernel: kauditd_printk_skb: 14 callbacks suppressed Feb 9 12:41:43.130834 kernel: audit: type=1130 audit(1707482503.102:1905): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@116-86.109.11.101:22-147.75.109.163:52600 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:43.248000 audit[7010]: USER_ACCT pid=7010 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:43.249690 sshd[7010]: Accepted publickey for core from 147.75.109.163 port 52600 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:41:43.250902 sshd[7010]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:41:43.253445 systemd-logind[1465]: New session 38 of user core. Feb 9 12:41:43.253880 systemd[1]: Started session-38.scope. Feb 9 12:41:43.333837 sshd[7010]: pam_unix(sshd:session): session closed for user core Feb 9 12:41:43.335320 systemd[1]: sshd@116-86.109.11.101:22-147.75.109.163:52600.service: Deactivated successfully. Feb 9 12:41:43.335748 systemd[1]: session-38.scope: Deactivated successfully. Feb 9 12:41:43.336104 systemd-logind[1465]: Session 38 logged out. Waiting for processes to exit. Feb 9 12:41:43.337011 systemd-logind[1465]: Removed session 38. Feb 9 12:41:43.249000 audit[7010]: CRED_ACQ pid=7010 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:43.431678 kernel: audit: type=1101 audit(1707482503.248:1906): pid=7010 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:43.431715 kernel: audit: type=1103 audit(1707482503.249:1907): pid=7010 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:43.431733 kernel: audit: type=1006 audit(1707482503.249:1908): pid=7010 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=38 res=1 Feb 9 12:41:43.490298 kernel: audit: type=1300 audit(1707482503.249:1908): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc38df0560 a2=3 a3=0 items=0 ppid=1 pid=7010 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=38 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:43.249000 audit[7010]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc38df0560 a2=3 a3=0 items=0 ppid=1 pid=7010 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=38 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:43.582312 kernel: audit: type=1327 audit(1707482503.249:1908): proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:43.249000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:43.612789 kernel: audit: type=1105 audit(1707482503.254:1909): pid=7010 uid=0 auid=500 ses=38 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:43.254000 audit[7010]: USER_START pid=7010 uid=0 auid=500 ses=38 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:43.707291 kernel: audit: type=1103 audit(1707482503.255:1910): pid=7012 uid=0 auid=500 ses=38 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:43.255000 audit[7012]: CRED_ACQ pid=7012 uid=0 auid=500 ses=38 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:43.796540 kernel: audit: type=1106 audit(1707482503.333:1911): pid=7010 uid=0 auid=500 ses=38 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:43.333000 audit[7010]: USER_END pid=7010 uid=0 auid=500 ses=38 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:43.892014 kernel: audit: type=1104 audit(1707482503.333:1912): pid=7010 uid=0 auid=500 ses=38 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:43.333000 audit[7010]: CRED_DISP pid=7010 uid=0 auid=500 ses=38 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:43.334000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@116-86.109.11.101:22-147.75.109.163:52600 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:48.344378 systemd[1]: Started sshd@117-86.109.11.101:22-147.75.109.163:32878.service. Feb 9 12:41:48.343000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@117-86.109.11.101:22-147.75.109.163:32878 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:48.378420 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:41:48.384371 kernel: audit: type=1130 audit(1707482508.343:1914): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@117-86.109.11.101:22-147.75.109.163:32878 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:48.494000 audit[7049]: USER_ACCT pid=7049 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:48.495632 sshd[7049]: Accepted publickey for core from 147.75.109.163 port 32878 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:41:48.496818 sshd[7049]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:41:48.499283 systemd-logind[1465]: New session 39 of user core. Feb 9 12:41:48.499788 systemd[1]: Started session-39.scope. Feb 9 12:41:48.579152 sshd[7049]: pam_unix(sshd:session): session closed for user core Feb 9 12:41:48.580486 systemd[1]: sshd@117-86.109.11.101:22-147.75.109.163:32878.service: Deactivated successfully. Feb 9 12:41:48.580944 systemd[1]: session-39.scope: Deactivated successfully. Feb 9 12:41:48.581231 systemd-logind[1465]: Session 39 logged out. Waiting for processes to exit. Feb 9 12:41:48.581694 systemd-logind[1465]: Removed session 39. Feb 9 12:41:48.495000 audit[7049]: CRED_ACQ pid=7049 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:48.677316 kernel: audit: type=1101 audit(1707482508.494:1915): pid=7049 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:48.677393 kernel: audit: type=1103 audit(1707482508.495:1916): pid=7049 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:48.677418 kernel: audit: type=1006 audit(1707482508.495:1917): pid=7049 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=39 res=1 Feb 9 12:41:48.735965 kernel: audit: type=1300 audit(1707482508.495:1917): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe90dd3c00 a2=3 a3=0 items=0 ppid=1 pid=7049 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=39 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:48.495000 audit[7049]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe90dd3c00 a2=3 a3=0 items=0 ppid=1 pid=7049 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=39 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:48.827960 kernel: audit: type=1327 audit(1707482508.495:1917): proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:48.495000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:48.858471 kernel: audit: type=1105 audit(1707482508.501:1918): pid=7049 uid=0 auid=500 ses=39 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:48.501000 audit[7049]: USER_START pid=7049 uid=0 auid=500 ses=39 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:48.953119 kernel: audit: type=1103 audit(1707482508.501:1919): pid=7052 uid=0 auid=500 ses=39 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:48.501000 audit[7052]: CRED_ACQ pid=7052 uid=0 auid=500 ses=39 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:48.578000 audit[7049]: USER_END pid=7049 uid=0 auid=500 ses=39 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:49.137925 kernel: audit: type=1106 audit(1707482508.578:1920): pid=7049 uid=0 auid=500 ses=39 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:49.137980 kernel: audit: type=1104 audit(1707482508.578:1921): pid=7049 uid=0 auid=500 ses=39 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:48.578000 audit[7049]: CRED_DISP pid=7049 uid=0 auid=500 ses=39 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:48.579000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@117-86.109.11.101:22-147.75.109.163:32878 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:51.238672 systemd[1]: Started sshd@118-86.109.11.101:22-43.153.64.49:39658.service. Feb 9 12:41:51.237000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@118-86.109.11.101:22-43.153.64.49:39658 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:51.399878 sshd[7074]: Invalid user hardik from 43.153.64.49 port 39658 Feb 9 12:41:51.409910 sshd[7074]: pam_faillock(sshd:auth): User unknown Feb 9 12:41:51.412583 sshd[7074]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:41:51.412898 sshd[7074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:41:51.414525 sshd[7074]: pam_faillock(sshd:auth): User unknown Feb 9 12:41:51.413000 audit[7074]: USER_AUTH pid=7074 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="hardik" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:41:53.511557 sshd[7074]: Failed password for invalid user hardik from 43.153.64.49 port 39658 ssh2 Feb 9 12:41:53.591134 systemd[1]: Started sshd@119-86.109.11.101:22-147.75.109.163:32886.service. Feb 9 12:41:53.590000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@119-86.109.11.101:22-147.75.109.163:32886 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:53.628709 kernel: kauditd_printk_skb: 3 callbacks suppressed Feb 9 12:41:53.628820 kernel: audit: type=1130 audit(1707482513.590:1925): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@119-86.109.11.101:22-147.75.109.163:32886 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:53.745000 audit[7105]: USER_ACCT pid=7105 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:53.747312 sshd[7105]: Accepted publickey for core from 147.75.109.163 port 32886 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:41:53.748523 sshd[7105]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:41:53.750800 systemd-logind[1465]: New session 40 of user core. Feb 9 12:41:53.751281 systemd[1]: Started session-40.scope. Feb 9 12:41:53.831659 sshd[7105]: pam_unix(sshd:session): session closed for user core Feb 9 12:41:53.833012 systemd[1]: sshd@119-86.109.11.101:22-147.75.109.163:32886.service: Deactivated successfully. Feb 9 12:41:53.833455 systemd[1]: session-40.scope: Deactivated successfully. Feb 9 12:41:53.833871 systemd-logind[1465]: Session 40 logged out. Waiting for processes to exit. Feb 9 12:41:53.834672 systemd-logind[1465]: Removed session 40. Feb 9 12:41:53.747000 audit[7105]: CRED_ACQ pid=7105 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:53.928929 kernel: audit: type=1101 audit(1707482513.745:1926): pid=7105 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:53.929003 kernel: audit: type=1103 audit(1707482513.747:1927): pid=7105 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:53.929020 kernel: audit: type=1006 audit(1707482513.747:1928): pid=7105 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=40 res=1 Feb 9 12:41:53.987561 kernel: audit: type=1300 audit(1707482513.747:1928): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc2c963770 a2=3 a3=0 items=0 ppid=1 pid=7105 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=40 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:53.747000 audit[7105]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc2c963770 a2=3 a3=0 items=0 ppid=1 pid=7105 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=40 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:53.747000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:54.110107 kernel: audit: type=1327 audit(1707482513.747:1928): proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:54.110170 kernel: audit: type=1105 audit(1707482513.752:1929): pid=7105 uid=0 auid=500 ses=40 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:53.752000 audit[7105]: USER_START pid=7105 uid=0 auid=500 ses=40 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:54.204618 kernel: audit: type=1103 audit(1707482513.753:1930): pid=7107 uid=0 auid=500 ses=40 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:53.753000 audit[7107]: CRED_ACQ pid=7107 uid=0 auid=500 ses=40 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:54.293877 kernel: audit: type=1106 audit(1707482513.830:1931): pid=7105 uid=0 auid=500 ses=40 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:53.830000 audit[7105]: USER_END pid=7105 uid=0 auid=500 ses=40 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:54.389354 kernel: audit: type=1104 audit(1707482513.831:1932): pid=7105 uid=0 auid=500 ses=40 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:53.831000 audit[7105]: CRED_DISP pid=7105 uid=0 auid=500 ses=40 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:53.831000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@119-86.109.11.101:22-147.75.109.163:32886 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:55.427825 sshd[7074]: Received disconnect from 43.153.64.49 port 39658:11: Bye Bye [preauth] Feb 9 12:41:55.427825 sshd[7074]: Disconnected from invalid user hardik 43.153.64.49 port 39658 [preauth] Feb 9 12:41:55.430078 systemd[1]: sshd@118-86.109.11.101:22-43.153.64.49:39658.service: Deactivated successfully. Feb 9 12:41:55.429000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@118-86.109.11.101:22-43.153.64.49:39658 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:58.843339 systemd[1]: Started sshd@120-86.109.11.101:22-147.75.109.163:59074.service. Feb 9 12:41:58.842000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@120-86.109.11.101:22-147.75.109.163:59074 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:58.870748 kernel: kauditd_printk_skb: 2 callbacks suppressed Feb 9 12:41:58.870822 kernel: audit: type=1130 audit(1707482518.842:1935): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@120-86.109.11.101:22-147.75.109.163:59074 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:41:58.899890 sshd[7131]: Accepted publickey for core from 147.75.109.163 port 59074 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:41:58.898000 audit[7131]: USER_ACCT pid=7131 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:58.961074 sshd[7131]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:41:58.961233 kernel: audit: type=1101 audit(1707482518.898:1936): pid=7131 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:58.963637 systemd-logind[1465]: New session 41 of user core. Feb 9 12:41:58.964116 systemd[1]: Started session-41.scope. Feb 9 12:41:59.044260 sshd[7131]: pam_unix(sshd:session): session closed for user core Feb 9 12:41:59.045654 systemd[1]: sshd@120-86.109.11.101:22-147.75.109.163:59074.service: Deactivated successfully. Feb 9 12:41:59.046100 systemd[1]: session-41.scope: Deactivated successfully. Feb 9 12:41:59.046417 systemd-logind[1465]: Session 41 logged out. Waiting for processes to exit. Feb 9 12:41:59.046798 systemd-logind[1465]: Removed session 41. Feb 9 12:41:58.959000 audit[7131]: CRED_ACQ pid=7131 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:59.054311 kernel: audit: type=1103 audit(1707482518.959:1937): pid=7131 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:59.144238 kernel: audit: type=1006 audit(1707482518.959:1938): pid=7131 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=41 res=1 Feb 9 12:41:58.959000 audit[7131]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd560207b0 a2=3 a3=0 items=0 ppid=1 pid=7131 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=41 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:59.294712 kernel: audit: type=1300 audit(1707482518.959:1938): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd560207b0 a2=3 a3=0 items=0 ppid=1 pid=7131 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=41 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:41:59.294742 kernel: audit: type=1327 audit(1707482518.959:1938): proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:58.959000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:41:59.325223 kernel: audit: type=1105 audit(1707482518.965:1939): pid=7131 uid=0 auid=500 ses=41 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:58.965000 audit[7131]: USER_START pid=7131 uid=0 auid=500 ses=41 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:59.419628 kernel: audit: type=1103 audit(1707482518.965:1940): pid=7133 uid=0 auid=500 ses=41 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:58.965000 audit[7133]: CRED_ACQ pid=7133 uid=0 auid=500 ses=41 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:59.508934 kernel: audit: type=1106 audit(1707482519.043:1941): pid=7131 uid=0 auid=500 ses=41 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:59.043000 audit[7131]: USER_END pid=7131 uid=0 auid=500 ses=41 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:59.604372 kernel: audit: type=1104 audit(1707482519.043:1942): pid=7131 uid=0 auid=500 ses=41 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:59.043000 audit[7131]: CRED_DISP pid=7131 uid=0 auid=500 ses=41 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:41:59.044000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@120-86.109.11.101:22-147.75.109.163:59074 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:04.053477 systemd[1]: Started sshd@121-86.109.11.101:22-147.75.109.163:59082.service. Feb 9 12:42:04.052000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@121-86.109.11.101:22-147.75.109.163:59082 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:04.080277 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:42:04.080344 kernel: audit: type=1130 audit(1707482524.052:1944): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@121-86.109.11.101:22-147.75.109.163:59082 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:04.196000 audit[7156]: USER_ACCT pid=7156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:04.197779 sshd[7156]: Accepted publickey for core from 147.75.109.163 port 59082 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:42:04.198528 sshd[7156]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:42:04.200878 systemd-logind[1465]: New session 42 of user core. Feb 9 12:42:04.201428 systemd[1]: Started session-42.scope. Feb 9 12:42:04.280895 sshd[7156]: pam_unix(sshd:session): session closed for user core Feb 9 12:42:04.282313 systemd[1]: sshd@121-86.109.11.101:22-147.75.109.163:59082.service: Deactivated successfully. Feb 9 12:42:04.282752 systemd[1]: session-42.scope: Deactivated successfully. Feb 9 12:42:04.283056 systemd-logind[1465]: Session 42 logged out. Waiting for processes to exit. Feb 9 12:42:04.283539 systemd-logind[1465]: Removed session 42. Feb 9 12:42:04.197000 audit[7156]: CRED_ACQ pid=7156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:04.379221 kernel: audit: type=1101 audit(1707482524.196:1945): pid=7156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:04.379258 kernel: audit: type=1103 audit(1707482524.197:1946): pid=7156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:04.379274 kernel: audit: type=1006 audit(1707482524.197:1947): pid=7156 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=42 res=1 Feb 9 12:42:04.437684 kernel: audit: type=1300 audit(1707482524.197:1947): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffea3354100 a2=3 a3=0 items=0 ppid=1 pid=7156 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=42 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:04.197000 audit[7156]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffea3354100 a2=3 a3=0 items=0 ppid=1 pid=7156 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=42 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:04.529648 kernel: audit: type=1327 audit(1707482524.197:1947): proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:04.197000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:04.560086 kernel: audit: type=1105 audit(1707482524.202:1948): pid=7156 uid=0 auid=500 ses=42 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:04.202000 audit[7156]: USER_START pid=7156 uid=0 auid=500 ses=42 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:04.654436 kernel: audit: type=1103 audit(1707482524.202:1949): pid=7158 uid=0 auid=500 ses=42 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:04.202000 audit[7158]: CRED_ACQ pid=7158 uid=0 auid=500 ses=42 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:04.743526 kernel: audit: type=1106 audit(1707482524.280:1950): pid=7156 uid=0 auid=500 ses=42 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:04.280000 audit[7156]: USER_END pid=7156 uid=0 auid=500 ses=42 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:04.838890 kernel: audit: type=1104 audit(1707482524.280:1951): pid=7156 uid=0 auid=500 ses=42 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:04.280000 audit[7156]: CRED_DISP pid=7156 uid=0 auid=500 ses=42 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:04.281000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@121-86.109.11.101:22-147.75.109.163:59082 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:09.290122 systemd[1]: Started sshd@122-86.109.11.101:22-147.75.109.163:60294.service. Feb 9 12:42:09.288000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@122-86.109.11.101:22-147.75.109.163:60294 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:09.317133 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:42:09.317186 kernel: audit: type=1130 audit(1707482529.288:1953): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@122-86.109.11.101:22-147.75.109.163:60294 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:09.434000 audit[7183]: USER_ACCT pid=7183 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:09.436267 sshd[7183]: Accepted publickey for core from 147.75.109.163 port 60294 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:42:09.437547 sshd[7183]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:42:09.439906 systemd-logind[1465]: New session 43 of user core. Feb 9 12:42:09.440390 systemd[1]: Started session-43.scope. Feb 9 12:42:09.519163 sshd[7183]: pam_unix(sshd:session): session closed for user core Feb 9 12:42:09.520681 systemd[1]: sshd@122-86.109.11.101:22-147.75.109.163:60294.service: Deactivated successfully. Feb 9 12:42:09.521112 systemd[1]: session-43.scope: Deactivated successfully. Feb 9 12:42:09.521509 systemd-logind[1465]: Session 43 logged out. Waiting for processes to exit. Feb 9 12:42:09.522006 systemd-logind[1465]: Removed session 43. Feb 9 12:42:09.436000 audit[7183]: CRED_ACQ pid=7183 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:09.618005 kernel: audit: type=1101 audit(1707482529.434:1954): pid=7183 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:09.618045 kernel: audit: type=1103 audit(1707482529.436:1955): pid=7183 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:09.618063 kernel: audit: type=1006 audit(1707482529.436:1956): pid=7183 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=43 res=1 Feb 9 12:42:09.676524 kernel: audit: type=1300 audit(1707482529.436:1956): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffa2196dc0 a2=3 a3=0 items=0 ppid=1 pid=7183 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=43 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:09.436000 audit[7183]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffa2196dc0 a2=3 a3=0 items=0 ppid=1 pid=7183 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=43 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:09.768470 kernel: audit: type=1327 audit(1707482529.436:1956): proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:09.436000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:09.798969 kernel: audit: type=1105 audit(1707482529.441:1957): pid=7183 uid=0 auid=500 ses=43 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:09.441000 audit[7183]: USER_START pid=7183 uid=0 auid=500 ses=43 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:09.893544 kernel: audit: type=1103 audit(1707482529.441:1958): pid=7185 uid=0 auid=500 ses=43 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:09.441000 audit[7185]: CRED_ACQ pid=7185 uid=0 auid=500 ses=43 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:09.982751 kernel: audit: type=1106 audit(1707482529.518:1959): pid=7183 uid=0 auid=500 ses=43 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:09.518000 audit[7183]: USER_END pid=7183 uid=0 auid=500 ses=43 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:09.518000 audit[7183]: CRED_DISP pid=7183 uid=0 auid=500 ses=43 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:10.079285 kernel: audit: type=1104 audit(1707482529.518:1960): pid=7183 uid=0 auid=500 ses=43 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:09.519000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@122-86.109.11.101:22-147.75.109.163:60294 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:14.528723 systemd[1]: Started sshd@123-86.109.11.101:22-147.75.109.163:58656.service. Feb 9 12:42:14.527000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@123-86.109.11.101:22-147.75.109.163:58656 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:14.555866 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:42:14.555997 kernel: audit: type=1130 audit(1707482534.527:1962): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@123-86.109.11.101:22-147.75.109.163:58656 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:14.672000 audit[7215]: USER_ACCT pid=7215 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:14.673978 sshd[7215]: Accepted publickey for core from 147.75.109.163 port 58656 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:42:14.674647 sshd[7215]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:42:14.677005 systemd-logind[1465]: New session 44 of user core. Feb 9 12:42:14.677682 systemd[1]: Started session-44.scope. Feb 9 12:42:14.757051 sshd[7215]: pam_unix(sshd:session): session closed for user core Feb 9 12:42:14.758512 systemd[1]: sshd@123-86.109.11.101:22-147.75.109.163:58656.service: Deactivated successfully. Feb 9 12:42:14.758945 systemd[1]: session-44.scope: Deactivated successfully. Feb 9 12:42:14.759294 systemd-logind[1465]: Session 44 logged out. Waiting for processes to exit. Feb 9 12:42:14.759714 systemd-logind[1465]: Removed session 44. Feb 9 12:42:14.673000 audit[7215]: CRED_ACQ pid=7215 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:14.855860 kernel: audit: type=1101 audit(1707482534.672:1963): pid=7215 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:14.855911 kernel: audit: type=1103 audit(1707482534.673:1964): pid=7215 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:14.855931 kernel: audit: type=1006 audit(1707482534.673:1965): pid=7215 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=44 res=1 Feb 9 12:42:14.673000 audit[7215]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdd7bd79b0 a2=3 a3=0 items=0 ppid=1 pid=7215 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=44 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:15.006442 kernel: audit: type=1300 audit(1707482534.673:1965): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdd7bd79b0 a2=3 a3=0 items=0 ppid=1 pid=7215 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=44 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:15.006475 kernel: audit: type=1327 audit(1707482534.673:1965): proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:14.673000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:15.036943 kernel: audit: type=1105 audit(1707482534.678:1966): pid=7215 uid=0 auid=500 ses=44 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:14.678000 audit[7215]: USER_START pid=7215 uid=0 auid=500 ses=44 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:15.131427 kernel: audit: type=1103 audit(1707482534.679:1967): pid=7217 uid=0 auid=500 ses=44 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:14.679000 audit[7217]: CRED_ACQ pid=7217 uid=0 auid=500 ses=44 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:15.220676 kernel: audit: type=1106 audit(1707482534.756:1968): pid=7215 uid=0 auid=500 ses=44 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:14.756000 audit[7215]: USER_END pid=7215 uid=0 auid=500 ses=44 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:15.316148 kernel: audit: type=1104 audit(1707482534.756:1969): pid=7215 uid=0 auid=500 ses=44 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:14.756000 audit[7215]: CRED_DISP pid=7215 uid=0 auid=500 ses=44 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:14.757000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@123-86.109.11.101:22-147.75.109.163:58656 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:19.770108 systemd[1]: Started sshd@124-86.109.11.101:22-147.75.109.163:58662.service. Feb 9 12:42:19.769000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@124-86.109.11.101:22-147.75.109.163:58662 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:19.809507 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:42:19.809597 kernel: audit: type=1130 audit(1707482539.769:1971): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@124-86.109.11.101:22-147.75.109.163:58662 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:19.927000 audit[7243]: USER_ACCT pid=7243 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:19.928669 sshd[7243]: Accepted publickey for core from 147.75.109.163 port 58662 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:42:19.930517 sshd[7243]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:42:19.932826 systemd-logind[1465]: New session 45 of user core. Feb 9 12:42:19.933543 systemd[1]: Started session-45.scope. Feb 9 12:42:20.015545 sshd[7243]: pam_unix(sshd:session): session closed for user core Feb 9 12:42:20.016872 systemd[1]: sshd@124-86.109.11.101:22-147.75.109.163:58662.service: Deactivated successfully. Feb 9 12:42:20.017320 systemd[1]: session-45.scope: Deactivated successfully. Feb 9 12:42:20.017707 systemd-logind[1465]: Session 45 logged out. Waiting for processes to exit. Feb 9 12:42:20.018098 systemd-logind[1465]: Removed session 45. Feb 9 12:42:19.929000 audit[7243]: CRED_ACQ pid=7243 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:20.110366 kernel: audit: type=1101 audit(1707482539.927:1972): pid=7243 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:20.110405 kernel: audit: type=1103 audit(1707482539.929:1973): pid=7243 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:20.110421 kernel: audit: type=1006 audit(1707482539.929:1974): pid=7243 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=45 res=1 Feb 9 12:42:19.929000 audit[7243]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe4bb21190 a2=3 a3=0 items=0 ppid=1 pid=7243 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=45 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:20.260862 kernel: audit: type=1300 audit(1707482539.929:1974): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe4bb21190 a2=3 a3=0 items=0 ppid=1 pid=7243 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=45 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:20.260896 kernel: audit: type=1327 audit(1707482539.929:1974): proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:19.929000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:19.934000 audit[7243]: USER_START pid=7243 uid=0 auid=500 ses=45 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:20.385823 kernel: audit: type=1105 audit(1707482539.934:1975): pid=7243 uid=0 auid=500 ses=45 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:20.385909 kernel: audit: type=1103 audit(1707482539.935:1976): pid=7245 uid=0 auid=500 ses=45 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:19.935000 audit[7245]: CRED_ACQ pid=7245 uid=0 auid=500 ses=45 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:20.014000 audit[7243]: USER_END pid=7243 uid=0 auid=500 ses=45 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:20.570519 kernel: audit: type=1106 audit(1707482540.014:1977): pid=7243 uid=0 auid=500 ses=45 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:20.570550 kernel: audit: type=1104 audit(1707482540.014:1978): pid=7243 uid=0 auid=500 ses=45 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:20.014000 audit[7243]: CRED_DISP pid=7243 uid=0 auid=500 ses=45 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:20.015000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@124-86.109.11.101:22-147.75.109.163:58662 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:23.330000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:42:23.330000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0030ed420 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:42:23.330000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:42:23.330000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:42:23.330000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0012ad740 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:42:23.330000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:42:23.461000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:42:23.461000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=66 a1=c0099c2060 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:42:23.461000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:42:23.461000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:42:23.461000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c009beb590 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:42:23.461000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:42:23.461000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:42:23.461000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=68 a1=c014a85fb0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:42:23.461000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:42:23.461000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:42:23.461000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=66 a1=c006eaa800 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:42:23.461000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:42:23.461000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:42:23.461000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c0034cc3c0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:42:23.461000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:42:23.461000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:42:23.461000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=66 a1=c01395a000 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:42:23.461000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:42:25.025527 systemd[1]: Started sshd@125-86.109.11.101:22-147.75.109.163:39564.service. Feb 9 12:42:25.024000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@125-86.109.11.101:22-147.75.109.163:39564 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:25.052717 kernel: kauditd_printk_skb: 25 callbacks suppressed Feb 9 12:42:25.052814 kernel: audit: type=1130 audit(1707482545.024:1988): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@125-86.109.11.101:22-147.75.109.163:39564 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:25.186000 audit[7317]: USER_ACCT pid=7317 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:25.187811 sshd[7317]: Accepted publickey for core from 147.75.109.163 port 39564 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:42:25.189963 sshd[7317]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:42:25.196080 systemd-logind[1465]: New session 46 of user core. Feb 9 12:42:25.197490 systemd[1]: Started session-46.scope. Feb 9 12:42:25.188000 audit[7317]: CRED_ACQ pid=7317 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:25.282789 sshd[7317]: pam_unix(sshd:session): session closed for user core Feb 9 12:42:25.284218 systemd[1]: sshd@125-86.109.11.101:22-147.75.109.163:39564.service: Deactivated successfully. Feb 9 12:42:25.284657 systemd[1]: session-46.scope: Deactivated successfully. Feb 9 12:42:25.285059 systemd-logind[1465]: Session 46 logged out. Waiting for processes to exit. Feb 9 12:42:25.285542 systemd-logind[1465]: Removed session 46. Feb 9 12:42:25.369427 kernel: audit: type=1101 audit(1707482545.186:1989): pid=7317 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:25.369468 kernel: audit: type=1103 audit(1707482545.188:1990): pid=7317 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:25.369487 kernel: audit: type=1006 audit(1707482545.188:1991): pid=7317 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=46 res=1 Feb 9 12:42:25.427968 kernel: audit: type=1300 audit(1707482545.188:1991): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdf8d204e0 a2=3 a3=0 items=0 ppid=1 pid=7317 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=46 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:25.188000 audit[7317]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdf8d204e0 a2=3 a3=0 items=0 ppid=1 pid=7317 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=46 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:25.188000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:25.550464 kernel: audit: type=1327 audit(1707482545.188:1991): proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:25.550500 kernel: audit: type=1105 audit(1707482545.203:1992): pid=7317 uid=0 auid=500 ses=46 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:25.203000 audit[7317]: USER_START pid=7317 uid=0 auid=500 ses=46 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:25.205000 audit[7319]: CRED_ACQ pid=7319 uid=0 auid=500 ses=46 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:25.734198 kernel: audit: type=1103 audit(1707482545.205:1993): pid=7319 uid=0 auid=500 ses=46 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:25.734234 kernel: audit: type=1106 audit(1707482545.282:1994): pid=7317 uid=0 auid=500 ses=46 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:25.282000 audit[7317]: USER_END pid=7317 uid=0 auid=500 ses=46 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:25.829727 kernel: audit: type=1104 audit(1707482545.282:1995): pid=7317 uid=0 auid=500 ses=46 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:25.282000 audit[7317]: CRED_DISP pid=7317 uid=0 auid=500 ses=46 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:25.283000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@125-86.109.11.101:22-147.75.109.163:39564 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:30.292632 systemd[1]: Started sshd@126-86.109.11.101:22-147.75.109.163:39568.service. Feb 9 12:42:30.291000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@126-86.109.11.101:22-147.75.109.163:39568 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:30.319741 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:42:30.319813 kernel: audit: type=1130 audit(1707482550.291:1997): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@126-86.109.11.101:22-147.75.109.163:39568 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:30.437000 audit[7345]: USER_ACCT pid=7345 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:30.438935 sshd[7345]: Accepted publickey for core from 147.75.109.163 port 39568 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:42:30.440548 sshd[7345]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:42:30.442894 systemd-logind[1465]: New session 47 of user core. Feb 9 12:42:30.443531 systemd[1]: Started session-47.scope. Feb 9 12:42:30.521344 sshd[7345]: pam_unix(sshd:session): session closed for user core Feb 9 12:42:30.522833 systemd[1]: sshd@126-86.109.11.101:22-147.75.109.163:39568.service: Deactivated successfully. Feb 9 12:42:30.523282 systemd[1]: session-47.scope: Deactivated successfully. Feb 9 12:42:30.523714 systemd-logind[1465]: Session 47 logged out. Waiting for processes to exit. Feb 9 12:42:30.524213 systemd-logind[1465]: Removed session 47. Feb 9 12:42:30.439000 audit[7345]: CRED_ACQ pid=7345 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:30.530269 kernel: audit: type=1101 audit(1707482550.437:1998): pid=7345 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:30.530294 kernel: audit: type=1103 audit(1707482550.439:1999): pid=7345 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:30.679203 kernel: audit: type=1006 audit(1707482550.439:2000): pid=7345 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=47 res=1 Feb 9 12:42:30.679244 kernel: audit: type=1300 audit(1707482550.439:2000): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe1f875250 a2=3 a3=0 items=0 ppid=1 pid=7345 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=47 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:30.439000 audit[7345]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe1f875250 a2=3 a3=0 items=0 ppid=1 pid=7345 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=47 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:30.771197 kernel: audit: type=1327 audit(1707482550.439:2000): proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:30.439000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:30.801685 kernel: audit: type=1105 audit(1707482550.444:2001): pid=7345 uid=0 auid=500 ses=47 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:30.444000 audit[7345]: USER_START pid=7345 uid=0 auid=500 ses=47 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:30.896308 kernel: audit: type=1103 audit(1707482550.444:2002): pid=7349 uid=0 auid=500 ses=47 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:30.444000 audit[7349]: CRED_ACQ pid=7349 uid=0 auid=500 ses=47 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:30.985459 kernel: audit: type=1106 audit(1707482550.520:2003): pid=7345 uid=0 auid=500 ses=47 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:30.520000 audit[7345]: USER_END pid=7345 uid=0 auid=500 ses=47 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:30.520000 audit[7345]: CRED_DISP pid=7345 uid=0 auid=500 ses=47 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:31.170216 kernel: audit: type=1104 audit(1707482550.520:2004): pid=7345 uid=0 auid=500 ses=47 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:30.521000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@126-86.109.11.101:22-147.75.109.163:39568 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:33.752002 systemd[1]: Started sshd@127-86.109.11.101:22-106.54.212.205:59846.service. Feb 9 12:42:33.750000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@127-86.109.11.101:22-106.54.212.205:59846 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:35.273987 sshd[7372]: Invalid user airport from 106.54.212.205 port 59846 Feb 9 12:42:35.280478 sshd[7372]: pam_faillock(sshd:auth): User unknown Feb 9 12:42:35.281552 sshd[7372]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:42:35.281570 sshd[7372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.212.205 Feb 9 12:42:35.281740 sshd[7372]: pam_faillock(sshd:auth): User unknown Feb 9 12:42:35.280000 audit[7372]: USER_AUTH pid=7372 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="airport" exe="/usr/sbin/sshd" hostname=106.54.212.205 addr=106.54.212.205 terminal=ssh res=failed' Feb 9 12:42:35.531096 systemd[1]: Started sshd@128-86.109.11.101:22-147.75.109.163:33686.service. Feb 9 12:42:35.529000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@128-86.109.11.101:22-147.75.109.163:33686 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:35.557546 kernel: kauditd_printk_skb: 3 callbacks suppressed Feb 9 12:42:35.557606 kernel: audit: type=1130 audit(1707482555.529:2008): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@128-86.109.11.101:22-147.75.109.163:33686 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:35.674000 audit[7376]: USER_ACCT pid=7376 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:35.675910 sshd[7376]: Accepted publickey for core from 147.75.109.163 port 33686 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:42:35.676631 sshd[7376]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:42:35.679186 systemd-logind[1465]: New session 48 of user core. Feb 9 12:42:35.679817 systemd[1]: Started session-48.scope. Feb 9 12:42:35.761207 sshd[7376]: pam_unix(sshd:session): session closed for user core Feb 9 12:42:35.762738 systemd[1]: sshd@128-86.109.11.101:22-147.75.109.163:33686.service: Deactivated successfully. Feb 9 12:42:35.763306 systemd[1]: session-48.scope: Deactivated successfully. Feb 9 12:42:35.763763 systemd-logind[1465]: Session 48 logged out. Waiting for processes to exit. Feb 9 12:42:35.764146 systemd-logind[1465]: Removed session 48. Feb 9 12:42:35.675000 audit[7376]: CRED_ACQ pid=7376 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:35.859952 kernel: audit: type=1101 audit(1707482555.674:2009): pid=7376 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:35.859995 kernel: audit: type=1103 audit(1707482555.675:2010): pid=7376 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:35.860014 kernel: audit: type=1006 audit(1707482555.675:2011): pid=7376 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=48 res=1 Feb 9 12:42:35.675000 audit[7376]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff1ec54140 a2=3 a3=0 items=0 ppid=1 pid=7376 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=48 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:36.010444 kernel: audit: type=1300 audit(1707482555.675:2011): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff1ec54140 a2=3 a3=0 items=0 ppid=1 pid=7376 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=48 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:36.010489 kernel: audit: type=1327 audit(1707482555.675:2011): proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:35.675000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:36.040953 kernel: audit: type=1105 audit(1707482555.681:2012): pid=7376 uid=0 auid=500 ses=48 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:35.681000 audit[7376]: USER_START pid=7376 uid=0 auid=500 ses=48 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:35.681000 audit[7378]: CRED_ACQ pid=7378 uid=0 auid=500 ses=48 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:36.224641 kernel: audit: type=1103 audit(1707482555.681:2013): pid=7378 uid=0 auid=500 ses=48 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:36.224682 kernel: audit: type=1106 audit(1707482555.760:2014): pid=7376 uid=0 auid=500 ses=48 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:35.760000 audit[7376]: USER_END pid=7376 uid=0 auid=500 ses=48 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:36.320186 kernel: audit: type=1104 audit(1707482555.760:2015): pid=7376 uid=0 auid=500 ses=48 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:35.760000 audit[7376]: CRED_DISP pid=7376 uid=0 auid=500 ses=48 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:35.761000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@128-86.109.11.101:22-147.75.109.163:33686 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:37.086385 sshd[7372]: Failed password for invalid user airport from 106.54.212.205 port 59846 ssh2 Feb 9 12:42:37.503309 sshd[7372]: Received disconnect from 106.54.212.205 port 59846:11: Bye Bye [preauth] Feb 9 12:42:37.503309 sshd[7372]: Disconnected from invalid user airport 106.54.212.205 port 59846 [preauth] Feb 9 12:42:37.505791 systemd[1]: sshd@127-86.109.11.101:22-106.54.212.205:59846.service: Deactivated successfully. Feb 9 12:42:37.505000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@127-86.109.11.101:22-106.54.212.205:59846 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:39.223000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:42:39.223000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0013828c0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:42:39.223000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:42:39.224000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:42:39.224000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0013828e0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:42:39.224000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:42:39.225000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:42:39.225000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002b3a280 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:42:39.225000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:42:39.227000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:42:39.227000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002b3a2a0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:42:39.227000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:42:40.771461 systemd[1]: Started sshd@129-86.109.11.101:22-147.75.109.163:33694.service. Feb 9 12:42:40.770000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@129-86.109.11.101:22-147.75.109.163:33694 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:40.798665 kernel: kauditd_printk_skb: 14 callbacks suppressed Feb 9 12:42:40.798733 kernel: audit: type=1130 audit(1707482560.770:2022): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@129-86.109.11.101:22-147.75.109.163:33694 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:40.916000 audit[7404]: USER_ACCT pid=7404 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:40.918094 sshd[7404]: Accepted publickey for core from 147.75.109.163 port 33694 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:42:40.919553 sshd[7404]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:42:40.921889 systemd-logind[1465]: New session 49 of user core. Feb 9 12:42:40.922479 systemd[1]: Started session-49.scope. Feb 9 12:42:41.000748 sshd[7404]: pam_unix(sshd:session): session closed for user core Feb 9 12:42:41.002111 systemd[1]: sshd@129-86.109.11.101:22-147.75.109.163:33694.service: Deactivated successfully. Feb 9 12:42:41.002551 systemd[1]: session-49.scope: Deactivated successfully. Feb 9 12:42:41.002963 systemd-logind[1465]: Session 49 logged out. Waiting for processes to exit. Feb 9 12:42:41.003582 systemd-logind[1465]: Removed session 49. Feb 9 12:42:40.918000 audit[7404]: CRED_ACQ pid=7404 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:41.010318 kernel: audit: type=1101 audit(1707482560.916:2023): pid=7404 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:41.010350 kernel: audit: type=1103 audit(1707482560.918:2024): pid=7404 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:41.158457 kernel: audit: type=1006 audit(1707482560.918:2025): pid=7404 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=49 res=1 Feb 9 12:42:41.158502 kernel: audit: type=1300 audit(1707482560.918:2025): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe57d36b50 a2=3 a3=0 items=0 ppid=1 pid=7404 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=49 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:40.918000 audit[7404]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe57d36b50 a2=3 a3=0 items=0 ppid=1 pid=7404 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=49 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:41.250452 kernel: audit: type=1327 audit(1707482560.918:2025): proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:40.918000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:41.280991 kernel: audit: type=1105 audit(1707482560.923:2026): pid=7404 uid=0 auid=500 ses=49 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:40.923000 audit[7404]: USER_START pid=7404 uid=0 auid=500 ses=49 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:41.375468 kernel: audit: type=1103 audit(1707482560.923:2027): pid=7406 uid=0 auid=500 ses=49 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:40.923000 audit[7406]: CRED_ACQ pid=7406 uid=0 auid=500 ses=49 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:41.464742 kernel: audit: type=1106 audit(1707482561.000:2028): pid=7404 uid=0 auid=500 ses=49 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:41.000000 audit[7404]: USER_END pid=7404 uid=0 auid=500 ses=49 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:41.560202 kernel: audit: type=1104 audit(1707482561.000:2029): pid=7404 uid=0 auid=500 ses=49 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:41.000000 audit[7404]: CRED_DISP pid=7404 uid=0 auid=500 ses=49 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:41.000000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@129-86.109.11.101:22-147.75.109.163:33694 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:46.007549 systemd[1]: Started sshd@130-86.109.11.101:22-147.75.109.163:33120.service. Feb 9 12:42:46.007000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@130-86.109.11.101:22-147.75.109.163:33120 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:46.034250 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:42:46.034340 kernel: audit: type=1130 audit(1707482566.007:2031): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@130-86.109.11.101:22-147.75.109.163:33120 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:46.152616 sshd[7430]: Accepted publickey for core from 147.75.109.163 port 33120 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:42:46.152000 audit[7430]: USER_ACCT pid=7430 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:46.154625 sshd[7430]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:42:46.156837 systemd-logind[1465]: New session 50 of user core. Feb 9 12:42:46.157457 systemd[1]: Started session-50.scope. Feb 9 12:42:46.235930 sshd[7430]: pam_unix(sshd:session): session closed for user core Feb 9 12:42:46.237337 systemd[1]: sshd@130-86.109.11.101:22-147.75.109.163:33120.service: Deactivated successfully. Feb 9 12:42:46.237778 systemd[1]: session-50.scope: Deactivated successfully. Feb 9 12:42:46.238096 systemd-logind[1465]: Session 50 logged out. Waiting for processes to exit. Feb 9 12:42:46.238751 systemd-logind[1465]: Removed session 50. Feb 9 12:42:46.154000 audit[7430]: CRED_ACQ pid=7430 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:46.334455 kernel: audit: type=1101 audit(1707482566.152:2032): pid=7430 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:46.334499 kernel: audit: type=1103 audit(1707482566.154:2033): pid=7430 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:46.334520 kernel: audit: type=1006 audit(1707482566.154:2034): pid=7430 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=50 res=1 Feb 9 12:42:46.393032 kernel: audit: type=1300 audit(1707482566.154:2034): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffa8f6a180 a2=3 a3=0 items=0 ppid=1 pid=7430 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=50 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:46.154000 audit[7430]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffa8f6a180 a2=3 a3=0 items=0 ppid=1 pid=7430 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=50 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:46.484973 kernel: audit: type=1327 audit(1707482566.154:2034): proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:46.154000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:46.159000 audit[7430]: USER_START pid=7430 uid=0 auid=500 ses=50 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:46.609863 kernel: audit: type=1105 audit(1707482566.159:2035): pid=7430 uid=0 auid=500 ses=50 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:46.609896 kernel: audit: type=1103 audit(1707482566.159:2036): pid=7432 uid=0 auid=500 ses=50 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:46.159000 audit[7432]: CRED_ACQ pid=7432 uid=0 auid=500 ses=50 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:46.699078 kernel: audit: type=1106 audit(1707482566.236:2037): pid=7430 uid=0 auid=500 ses=50 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:46.236000 audit[7430]: USER_END pid=7430 uid=0 auid=500 ses=50 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:46.794486 kernel: audit: type=1104 audit(1707482566.236:2038): pid=7430 uid=0 auid=500 ses=50 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:46.236000 audit[7430]: CRED_DISP pid=7430 uid=0 auid=500 ses=50 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:46.237000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@130-86.109.11.101:22-147.75.109.163:33120 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:46.895014 systemd[1]: Started sshd@131-86.109.11.101:22-218.92.0.118:16341.service. Feb 9 12:42:46.894000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@131-86.109.11.101:22-218.92.0.118:16341 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:47.150899 systemd[1]: Started sshd@132-86.109.11.101:22-43.153.64.49:58324.service. Feb 9 12:42:47.150000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@132-86.109.11.101:22-43.153.64.49:58324 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:47.266331 sshd[7457]: Invalid user wynnechen from 43.153.64.49 port 58324 Feb 9 12:42:47.272041 sshd[7457]: pam_faillock(sshd:auth): User unknown Feb 9 12:42:47.273065 sshd[7457]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:42:47.273149 sshd[7457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:42:47.274151 sshd[7457]: pam_faillock(sshd:auth): User unknown Feb 9 12:42:47.274000 audit[7457]: USER_AUTH pid=7457 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="wynnechen" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:42:47.894777 sshd[7454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.118 user=root Feb 9 12:42:47.894000 audit[7454]: USER_AUTH pid=7454 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.118 addr=218.92.0.118 terminal=ssh res=failed' Feb 9 12:42:48.728500 sshd[7457]: Failed password for invalid user wynnechen from 43.153.64.49 port 58324 ssh2 Feb 9 12:42:49.349421 sshd[7454]: Failed password for root from 218.92.0.118 port 16341 ssh2 Feb 9 12:42:49.526000 audit[7454]: USER_AUTH pid=7454 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.118 addr=218.92.0.118 terminal=ssh res=failed' Feb 9 12:42:50.019658 sshd[7457]: Received disconnect from 43.153.64.49 port 58324:11: Bye Bye [preauth] Feb 9 12:42:50.019658 sshd[7457]: Disconnected from invalid user wynnechen 43.153.64.49 port 58324 [preauth] Feb 9 12:42:50.021936 systemd[1]: sshd@132-86.109.11.101:22-43.153.64.49:58324.service: Deactivated successfully. Feb 9 12:42:50.022000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@132-86.109.11.101:22-43.153.64.49:58324 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:51.245222 systemd[1]: Started sshd@133-86.109.11.101:22-147.75.109.163:33122.service. Feb 9 12:42:51.245000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@133-86.109.11.101:22-147.75.109.163:33122 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:51.271804 kernel: kauditd_printk_skb: 7 callbacks suppressed Feb 9 12:42:51.271842 kernel: audit: type=1130 audit(1707482571.245:2046): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@133-86.109.11.101:22-147.75.109.163:33122 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:51.389000 audit[7462]: USER_ACCT pid=7462 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:51.390001 sshd[7462]: Accepted publickey for core from 147.75.109.163 port 33122 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:42:51.391522 sshd[7462]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:42:51.393778 systemd-logind[1465]: New session 51 of user core. Feb 9 12:42:51.394243 systemd[1]: Started session-51.scope. Feb 9 12:42:51.472293 sshd[7462]: pam_unix(sshd:session): session closed for user core Feb 9 12:42:51.473663 systemd[1]: sshd@133-86.109.11.101:22-147.75.109.163:33122.service: Deactivated successfully. Feb 9 12:42:51.474100 systemd[1]: session-51.scope: Deactivated successfully. Feb 9 12:42:51.474501 systemd-logind[1465]: Session 51 logged out. Waiting for processes to exit. Feb 9 12:42:51.475054 systemd-logind[1465]: Removed session 51. Feb 9 12:42:51.391000 audit[7462]: CRED_ACQ pid=7462 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:51.571505 kernel: audit: type=1101 audit(1707482571.389:2047): pid=7462 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:51.571542 kernel: audit: type=1103 audit(1707482571.391:2048): pid=7462 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:51.571689 kernel: audit: type=1006 audit(1707482571.391:2049): pid=7462 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=51 res=1 Feb 9 12:42:51.587314 sshd[7454]: Failed password for root from 218.92.0.118 port 16341 ssh2 Feb 9 12:42:51.629979 kernel: audit: type=1300 audit(1707482571.391:2049): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff50dab3b0 a2=3 a3=0 items=0 ppid=1 pid=7462 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=51 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:51.391000 audit[7462]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff50dab3b0 a2=3 a3=0 items=0 ppid=1 pid=7462 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=51 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:51.391000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:51.752438 kernel: audit: type=1327 audit(1707482571.391:2049): proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:51.752477 kernel: audit: type=1105 audit(1707482571.396:2050): pid=7462 uid=0 auid=500 ses=51 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:51.396000 audit[7462]: USER_START pid=7462 uid=0 auid=500 ses=51 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:51.846852 kernel: audit: type=1103 audit(1707482571.396:2051): pid=7464 uid=0 auid=500 ses=51 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:51.396000 audit[7464]: CRED_ACQ pid=7464 uid=0 auid=500 ses=51 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:51.936042 kernel: audit: type=1106 audit(1707482571.472:2052): pid=7462 uid=0 auid=500 ses=51 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:51.472000 audit[7462]: USER_END pid=7462 uid=0 auid=500 ses=51 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:52.031482 kernel: audit: type=1104 audit(1707482571.472:2053): pid=7462 uid=0 auid=500 ses=51 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:51.472000 audit[7462]: CRED_DISP pid=7462 uid=0 auid=500 ses=51 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:51.473000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@133-86.109.11.101:22-147.75.109.163:33122 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:52.635000 audit[7454]: USER_AUTH pid=7454 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.118 addr=218.92.0.118 terminal=ssh res=failed' Feb 9 12:42:55.108841 sshd[7454]: Failed password for root from 218.92.0.118 port 16341 ssh2 Feb 9 12:42:55.133318 sshd[6706]: Timeout before authentication for 106.54.212.205 port 43340 Feb 9 12:42:55.134725 systemd[1]: sshd@102-86.109.11.101:22-106.54.212.205:43340.service: Deactivated successfully. Feb 9 12:42:55.134000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@102-86.109.11.101:22-106.54.212.205:43340 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:55.746526 sshd[7454]: Received disconnect from 218.92.0.118 port 16341:11: [preauth] Feb 9 12:42:55.746526 sshd[7454]: Disconnected from authenticating user root 218.92.0.118 port 16341 [preauth] Feb 9 12:42:55.747040 sshd[7454]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.118 user=root Feb 9 12:42:55.749066 systemd[1]: sshd@131-86.109.11.101:22-218.92.0.118:16341.service: Deactivated successfully. Feb 9 12:42:55.749000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@131-86.109.11.101:22-218.92.0.118:16341 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:55.909765 systemd[1]: Started sshd@134-86.109.11.101:22-218.92.0.118:16384.service. Feb 9 12:42:55.909000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@134-86.109.11.101:22-218.92.0.118:16384 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:56.482199 systemd[1]: Started sshd@135-86.109.11.101:22-147.75.109.163:33976.service. Feb 9 12:42:56.482000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@135-86.109.11.101:22-147.75.109.163:33976 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:56.508782 kernel: kauditd_printk_skb: 5 callbacks suppressed Feb 9 12:42:56.508856 kernel: audit: type=1130 audit(1707482576.482:2059): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@135-86.109.11.101:22-147.75.109.163:33976 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:56.627000 audit[7518]: USER_ACCT pid=7518 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:56.627621 sshd[7518]: Accepted publickey for core from 147.75.109.163 port 33976 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:42:56.629276 sshd[7518]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:42:56.631747 systemd-logind[1465]: New session 52 of user core. Feb 9 12:42:56.632306 systemd[1]: Started session-52.scope. Feb 9 12:42:56.628000 audit[7518]: CRED_ACQ pid=7518 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:56.722826 sshd[7518]: pam_unix(sshd:session): session closed for user core Feb 9 12:42:56.724216 systemd[1]: sshd@135-86.109.11.101:22-147.75.109.163:33976.service: Deactivated successfully. Feb 9 12:42:56.724668 systemd[1]: session-52.scope: Deactivated successfully. Feb 9 12:42:56.725072 systemd-logind[1465]: Session 52 logged out. Waiting for processes to exit. Feb 9 12:42:56.725662 systemd-logind[1465]: Removed session 52. Feb 9 12:42:56.811120 kernel: audit: type=1101 audit(1707482576.627:2060): pid=7518 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:56.811164 kernel: audit: type=1103 audit(1707482576.628:2061): pid=7518 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:56.811182 kernel: audit: type=1006 audit(1707482576.628:2062): pid=7518 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=52 res=1 Feb 9 12:42:56.869676 kernel: audit: type=1300 audit(1707482576.628:2062): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffeb1be4270 a2=3 a3=0 items=0 ppid=1 pid=7518 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=52 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:56.628000 audit[7518]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffeb1be4270 a2=3 a3=0 items=0 ppid=1 pid=7518 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=52 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:42:56.916698 sshd[7515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.118 user=root Feb 9 12:42:56.961649 kernel: audit: type=1327 audit(1707482576.628:2062): proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:56.628000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:42:56.992145 kernel: audit: type=1105 audit(1707482576.634:2063): pid=7518 uid=0 auid=500 ses=52 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:56.634000 audit[7518]: USER_START pid=7518 uid=0 auid=500 ses=52 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:56.634000 audit[7520]: CRED_ACQ pid=7520 uid=0 auid=500 ses=52 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:57.175739 kernel: audit: type=1103 audit(1707482576.634:2064): pid=7520 uid=0 auid=500 ses=52 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:57.175773 kernel: audit: type=1106 audit(1707482576.720:2065): pid=7518 uid=0 auid=500 ses=52 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:56.720000 audit[7518]: USER_END pid=7518 uid=0 auid=500 ses=52 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:56.720000 audit[7518]: CRED_DISP pid=7518 uid=0 auid=500 ses=52 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:57.360407 kernel: audit: type=1104 audit(1707482576.720:2066): pid=7518 uid=0 auid=500 ses=52 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:42:56.720000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@135-86.109.11.101:22-147.75.109.163:33976 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:42:56.915000 audit[7515]: USER_AUTH pid=7515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.118 addr=218.92.0.118 terminal=ssh res=failed' Feb 9 12:42:58.938415 sshd[7515]: Failed password for root from 218.92.0.118 port 16384 ssh2 Feb 9 12:43:00.028000 audit[7515]: ANOM_LOGIN_FAILURES pid=7515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='pam_faillock uid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:00.028000 audit[7515]: USER_AUTH pid=7515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.118 addr=218.92.0.118 terminal=ssh res=failed' Feb 9 12:43:00.028989 sshd[7515]: pam_faillock(sshd:auth): Consecutive login failures for user root account temporarily locked Feb 9 12:43:01.733101 systemd[1]: Started sshd@136-86.109.11.101:22-147.75.109.163:33980.service. Feb 9 12:43:01.732000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@136-86.109.11.101:22-147.75.109.163:33980 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:01.759835 kernel: kauditd_printk_skb: 4 callbacks suppressed Feb 9 12:43:01.759904 kernel: audit: type=1130 audit(1707482581.732:2071): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@136-86.109.11.101:22-147.75.109.163:33980 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:01.878000 audit[7544]: USER_ACCT pid=7544 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:01.879289 sshd[7544]: Accepted publickey for core from 147.75.109.163 port 33980 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:01.880538 sshd[7544]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:01.882927 systemd-logind[1465]: New session 53 of user core. Feb 9 12:43:01.883480 systemd[1]: Started session-53.scope. Feb 9 12:43:01.934288 sshd[7515]: Failed password for root from 218.92.0.118 port 16384 ssh2 Feb 9 12:43:01.961391 sshd[7544]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:01.963184 systemd[1]: sshd@136-86.109.11.101:22-147.75.109.163:33980.service: Deactivated successfully. Feb 9 12:43:01.963527 systemd[1]: session-53.scope: Deactivated successfully. Feb 9 12:43:01.963894 systemd-logind[1465]: Session 53 logged out. Waiting for processes to exit. Feb 9 12:43:01.964465 systemd[1]: Started sshd@137-86.109.11.101:22-147.75.109.163:33994.service. Feb 9 12:43:01.964866 systemd-logind[1465]: Removed session 53. Feb 9 12:43:01.880000 audit[7544]: CRED_ACQ pid=7544 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:02.061146 kernel: audit: type=1101 audit(1707482581.878:2072): pid=7544 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:02.061190 kernel: audit: type=1103 audit(1707482581.880:2073): pid=7544 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:02.061210 kernel: audit: type=1006 audit(1707482581.880:2074): pid=7544 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=53 res=1 Feb 9 12:43:01.880000 audit[7544]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff3dac2b20 a2=3 a3=0 items=0 ppid=1 pid=7544 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=53 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:02.148510 sshd[7569]: Accepted publickey for core from 147.75.109.163 port 33994 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:02.150233 sshd[7569]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:02.152655 systemd-logind[1465]: New session 54 of user core. Feb 9 12:43:02.153114 systemd[1]: Started session-54.scope. Feb 9 12:43:02.211547 kernel: audit: type=1300 audit(1707482581.880:2074): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff3dac2b20 a2=3 a3=0 items=0 ppid=1 pid=7544 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=53 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:02.211642 kernel: audit: type=1327 audit(1707482581.880:2074): proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:01.880000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:01.885000 audit[7544]: USER_START pid=7544 uid=0 auid=500 ses=53 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:02.336470 kernel: audit: type=1105 audit(1707482581.885:2075): pid=7544 uid=0 auid=500 ses=53 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:02.336507 kernel: audit: type=1103 audit(1707482581.885:2076): pid=7546 uid=0 auid=500 ses=53 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:01.885000 audit[7546]: CRED_ACQ pid=7546 uid=0 auid=500 ses=53 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:02.425600 kernel: audit: type=1106 audit(1707482581.961:2077): pid=7544 uid=0 auid=500 ses=53 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:01.961000 audit[7544]: USER_END pid=7544 uid=0 auid=500 ses=53 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:01.961000 audit[7544]: CRED_DISP pid=7544 uid=0 auid=500 ses=53 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:02.610110 kernel: audit: type=1104 audit(1707482581.961:2078): pid=7544 uid=0 auid=500 ses=53 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:01.963000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@136-86.109.11.101:22-147.75.109.163:33980 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:01.964000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@137-86.109.11.101:22-147.75.109.163:33994 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:02.148000 audit[7569]: USER_ACCT pid=7569 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:02.149000 audit[7569]: CRED_ACQ pid=7569 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:02.149000 audit[7569]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff9138a9e0 a2=3 a3=0 items=0 ppid=1 pid=7569 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=54 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:02.149000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:02.154000 audit[7569]: USER_START pid=7569 uid=0 auid=500 ses=54 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:02.155000 audit[7571]: CRED_ACQ pid=7571 uid=0 auid=500 ses=54 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:03.142000 audit[7515]: USER_AUTH pid=7515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.118 addr=218.92.0.118 terminal=ssh res=failed' Feb 9 12:43:03.259779 sshd[7569]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:03.262000 audit[7569]: USER_END pid=7569 uid=0 auid=500 ses=54 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:03.262000 audit[7569]: CRED_DISP pid=7569 uid=0 auid=500 ses=54 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:03.267526 systemd[1]: sshd@137-86.109.11.101:22-147.75.109.163:33994.service: Deactivated successfully. Feb 9 12:43:03.267000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@137-86.109.11.101:22-147.75.109.163:33994 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:03.269364 systemd[1]: session-54.scope: Deactivated successfully. Feb 9 12:43:03.271223 systemd-logind[1465]: Session 54 logged out. Waiting for processes to exit. Feb 9 12:43:03.274179 systemd[1]: Started sshd@138-86.109.11.101:22-147.75.109.163:34002.service. Feb 9 12:43:03.274000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@138-86.109.11.101:22-147.75.109.163:34002 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:03.276871 systemd-logind[1465]: Removed session 54. Feb 9 12:43:03.311000 audit[7592]: USER_ACCT pid=7592 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:03.312299 sshd[7592]: Accepted publickey for core from 147.75.109.163 port 34002 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:03.312000 audit[7592]: CRED_ACQ pid=7592 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:03.312000 audit[7592]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffeb61e8850 a2=3 a3=0 items=0 ppid=1 pid=7592 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=55 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:03.312000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:03.312907 sshd[7592]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:03.315239 systemd-logind[1465]: New session 55 of user core. Feb 9 12:43:03.315882 systemd[1]: Started session-55.scope. Feb 9 12:43:03.318000 audit[7592]: USER_START pid=7592 uid=0 auid=500 ses=55 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:03.318000 audit[7594]: CRED_ACQ pid=7594 uid=0 auid=500 ses=55 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.089000 audit[7617]: NETFILTER_CFG table=filter:111 family=2 entries=20 op=nft_register_rule pid=7617 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:43:04.089000 audit[7617]: SYSCALL arch=c000003e syscall=46 success=yes exit=11292 a0=3 a1=7ffd218c76b0 a2=0 a3=7ffd218c769c items=0 ppid=2874 pid=7617 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:04.089000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:43:04.096860 sshd[7592]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:04.097000 audit[7592]: USER_END pid=7592 uid=0 auid=500 ses=55 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.097000 audit[7592]: CRED_DISP pid=7592 uid=0 auid=500 ses=55 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.098824 systemd[1]: sshd@138-86.109.11.101:22-147.75.109.163:34002.service: Deactivated successfully. Feb 9 12:43:04.098000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@138-86.109.11.101:22-147.75.109.163:34002 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:04.099278 systemd[1]: session-55.scope: Deactivated successfully. Feb 9 12:43:04.090000 audit[7617]: NETFILTER_CFG table=nat:112 family=2 entries=20 op=nft_register_rule pid=7617 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:43:04.090000 audit[7617]: SYSCALL arch=c000003e syscall=46 success=yes exit=5484 a0=3 a1=7ffd218c76b0 a2=0 a3=31030 items=0 ppid=2874 pid=7617 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:04.090000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:43:04.099762 systemd-logind[1465]: Session 55 logged out. Waiting for processes to exit. Feb 9 12:43:04.100524 systemd[1]: Started sshd@139-86.109.11.101:22-147.75.109.163:34014.service. Feb 9 12:43:04.100000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@139-86.109.11.101:22-147.75.109.163:34014 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:04.101166 systemd-logind[1465]: Removed session 55. Feb 9 12:43:04.114000 audit[7623]: NETFILTER_CFG table=filter:113 family=2 entries=32 op=nft_register_rule pid=7623 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:43:04.114000 audit[7623]: SYSCALL arch=c000003e syscall=46 success=yes exit=11292 a0=3 a1=7ffd084e7160 a2=0 a3=7ffd084e714c items=0 ppid=2874 pid=7623 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:04.114000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:43:04.114000 audit[7623]: NETFILTER_CFG table=nat:114 family=2 entries=20 op=nft_register_rule pid=7623 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" Feb 9 12:43:04.114000 audit[7623]: SYSCALL arch=c000003e syscall=46 success=yes exit=5484 a0=3 a1=7ffd084e7160 a2=0 a3=31030 items=0 ppid=2874 pid=7623 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:04.114000 audit: PROCTITLE proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 Feb 9 12:43:04.137000 audit[7620]: USER_ACCT pid=7620 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.138282 sshd[7620]: Accepted publickey for core from 147.75.109.163 port 34014 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:04.138000 audit[7620]: CRED_ACQ pid=7620 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.138000 audit[7620]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff942e8490 a2=3 a3=0 items=0 ppid=1 pid=7620 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=56 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:04.138000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:04.139214 sshd[7620]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:04.142372 systemd-logind[1465]: New session 56 of user core. Feb 9 12:43:04.143030 systemd[1]: Started session-56.scope. Feb 9 12:43:04.145000 audit[7620]: USER_START pid=7620 uid=0 auid=500 ses=56 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.146000 audit[7624]: CRED_ACQ pid=7624 uid=0 auid=500 ses=56 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.378404 sshd[7620]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:04.378000 audit[7620]: USER_END pid=7620 uid=0 auid=500 ses=56 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.378000 audit[7620]: CRED_DISP pid=7620 uid=0 auid=500 ses=56 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.380256 systemd[1]: sshd@139-86.109.11.101:22-147.75.109.163:34014.service: Deactivated successfully. Feb 9 12:43:04.380000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@139-86.109.11.101:22-147.75.109.163:34014 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:04.380648 systemd[1]: session-56.scope: Deactivated successfully. Feb 9 12:43:04.381027 systemd-logind[1465]: Session 56 logged out. Waiting for processes to exit. Feb 9 12:43:04.381679 systemd[1]: Started sshd@140-86.109.11.101:22-147.75.109.163:34018.service. Feb 9 12:43:04.381000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@140-86.109.11.101:22-147.75.109.163:34018 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:04.382128 systemd-logind[1465]: Removed session 56. Feb 9 12:43:04.416000 audit[7645]: USER_ACCT pid=7645 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.416794 sshd[7645]: Accepted publickey for core from 147.75.109.163 port 34018 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:04.417000 audit[7645]: CRED_ACQ pid=7645 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.417000 audit[7645]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffcd8a190e0 a2=3 a3=0 items=0 ppid=1 pid=7645 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=57 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:04.417000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:04.417660 sshd[7645]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:04.420921 systemd-logind[1465]: New session 57 of user core. Feb 9 12:43:04.421610 systemd[1]: Started session-57.scope. Feb 9 12:43:04.425000 audit[7645]: USER_START pid=7645 uid=0 auid=500 ses=57 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.426000 audit[7647]: CRED_ACQ pid=7647 uid=0 auid=500 ses=57 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.547997 sshd[7645]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:04.548000 audit[7645]: USER_END pid=7645 uid=0 auid=500 ses=57 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.548000 audit[7645]: CRED_DISP pid=7645 uid=0 auid=500 ses=57 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:04.549486 systemd[1]: sshd@140-86.109.11.101:22-147.75.109.163:34018.service: Deactivated successfully. Feb 9 12:43:04.549000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@140-86.109.11.101:22-147.75.109.163:34018 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:04.549914 systemd[1]: session-57.scope: Deactivated successfully. Feb 9 12:43:04.550185 systemd-logind[1465]: Session 57 logged out. Waiting for processes to exit. Feb 9 12:43:04.550826 systemd-logind[1465]: Removed session 57. Feb 9 12:43:05.460599 sshd[7515]: Failed password for root from 218.92.0.118 port 16384 ssh2 Feb 9 12:43:06.256218 sshd[7515]: Received disconnect from 218.92.0.118 port 16384:11: [preauth] Feb 9 12:43:06.256218 sshd[7515]: Disconnected from authenticating user root 218.92.0.118 port 16384 [preauth] Feb 9 12:43:06.256772 sshd[7515]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.118 user=root Feb 9 12:43:06.258889 systemd[1]: sshd@134-86.109.11.101:22-218.92.0.118:16384.service: Deactivated successfully. Feb 9 12:43:06.259000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@134-86.109.11.101:22-218.92.0.118:16384 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:06.405001 systemd[1]: Started sshd@141-86.109.11.101:22-218.92.0.118:22527.service. Feb 9 12:43:06.405000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@141-86.109.11.101:22-218.92.0.118:22527 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:07.370275 sshd[7671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.118 user=root Feb 9 12:43:07.370000 audit[7671]: USER_AUTH pid=7671 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.118 addr=218.92.0.118 terminal=ssh res=failed' Feb 9 12:43:07.397802 kernel: kauditd_printk_skb: 60 callbacks suppressed Feb 9 12:43:07.397885 kernel: audit: type=1100 audit(1707482587.370:2123): pid=7671 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.118 addr=218.92.0.118 terminal=ssh res=failed' Feb 9 12:43:09.236535 sshd[7671]: Failed password for root from 218.92.0.118 port 22527 ssh2 Feb 9 12:43:09.556989 systemd[1]: Started sshd@142-86.109.11.101:22-147.75.109.163:37744.service. Feb 9 12:43:09.555000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@142-86.109.11.101:22-147.75.109.163:37744 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:09.647326 kernel: audit: type=1130 audit(1707482589.555:2124): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@142-86.109.11.101:22-147.75.109.163:37744 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:09.707000 audit[7674]: USER_ACCT pid=7674 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:09.709276 sshd[7674]: Accepted publickey for core from 147.75.109.163 port 37744 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:09.713480 sshd[7674]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:09.723393 systemd-logind[1465]: New session 58 of user core. Feb 9 12:43:09.725777 systemd[1]: Started session-58.scope. Feb 9 12:43:09.711000 audit[7674]: CRED_ACQ pid=7674 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:09.820736 sshd[7674]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:09.822100 systemd[1]: sshd@142-86.109.11.101:22-147.75.109.163:37744.service: Deactivated successfully. Feb 9 12:43:09.822545 systemd[1]: session-58.scope: Deactivated successfully. Feb 9 12:43:09.822950 systemd-logind[1465]: Session 58 logged out. Waiting for processes to exit. Feb 9 12:43:09.823486 systemd-logind[1465]: Removed session 58. Feb 9 12:43:09.892530 kernel: audit: type=1101 audit(1707482589.707:2125): pid=7674 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:09.892568 kernel: audit: type=1103 audit(1707482589.711:2126): pid=7674 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:09.892586 kernel: audit: type=1006 audit(1707482589.711:2127): pid=7674 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=58 res=1 Feb 9 12:43:09.951063 kernel: audit: type=1300 audit(1707482589.711:2127): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffcf80a92c0 a2=3 a3=0 items=0 ppid=1 pid=7674 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=58 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:09.711000 audit[7674]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffcf80a92c0 a2=3 a3=0 items=0 ppid=1 pid=7674 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=58 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:10.042891 kernel: audit: type=1327 audit(1707482589.711:2127): proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:09.711000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:10.073412 kernel: audit: type=1105 audit(1707482589.733:2128): pid=7674 uid=0 auid=500 ses=58 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:09.733000 audit[7674]: USER_START pid=7674 uid=0 auid=500 ses=58 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:10.168649 kernel: audit: type=1103 audit(1707482589.735:2129): pid=7676 uid=0 auid=500 ses=58 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:09.735000 audit[7676]: CRED_ACQ pid=7676 uid=0 auid=500 ses=58 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:10.257785 kernel: audit: type=1106 audit(1707482589.820:2130): pid=7674 uid=0 auid=500 ses=58 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:09.820000 audit[7674]: USER_END pid=7674 uid=0 auid=500 ses=58 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:09.820000 audit[7674]: CRED_DISP pid=7674 uid=0 auid=500 ses=58 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:09.820000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@142-86.109.11.101:22-147.75.109.163:37744 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:10.475000 audit[7671]: USER_AUTH pid=7671 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.118 addr=218.92.0.118 terminal=ssh res=failed' Feb 9 12:43:12.421434 sshd[7671]: Failed password for root from 218.92.0.118 port 22527 ssh2 Feb 9 12:43:13.582000 audit[7671]: USER_AUTH pid=7671 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.118 addr=218.92.0.118 terminal=ssh res=failed' Feb 9 12:43:13.624535 kernel: kauditd_printk_skb: 3 callbacks suppressed Feb 9 12:43:13.624617 kernel: audit: type=1100 audit(1707482593.582:2134): pid=7671 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.118 addr=218.92.0.118 terminal=ssh res=failed' Feb 9 12:43:14.830431 systemd[1]: Started sshd@143-86.109.11.101:22-147.75.109.163:44418.service. Feb 9 12:43:14.829000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@143-86.109.11.101:22-147.75.109.163:44418 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:14.922310 kernel: audit: type=1130 audit(1707482594.829:2135): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@143-86.109.11.101:22-147.75.109.163:44418 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:14.950330 sshd[7702]: Accepted publickey for core from 147.75.109.163 port 44418 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:14.949000 audit[7702]: USER_ACCT pid=7702 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:14.951524 sshd[7702]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:14.953724 systemd-logind[1465]: New session 59 of user core. Feb 9 12:43:14.954300 systemd[1]: Started session-59.scope. Feb 9 12:43:15.033684 sshd[7702]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:15.034974 systemd[1]: sshd@143-86.109.11.101:22-147.75.109.163:44418.service: Deactivated successfully. Feb 9 12:43:15.035427 systemd[1]: session-59.scope: Deactivated successfully. Feb 9 12:43:15.035822 systemd-logind[1465]: Session 59 logged out. Waiting for processes to exit. Feb 9 12:43:15.036307 systemd-logind[1465]: Removed session 59. Feb 9 12:43:14.950000 audit[7702]: CRED_ACQ pid=7702 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:15.134887 kernel: audit: type=1101 audit(1707482594.949:2136): pid=7702 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:15.134925 kernel: audit: type=1103 audit(1707482594.950:2137): pid=7702 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:15.134942 kernel: audit: type=1006 audit(1707482594.950:2138): pid=7702 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=59 res=1 Feb 9 12:43:15.193723 kernel: audit: type=1300 audit(1707482594.950:2138): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe7b4a6ce0 a2=3 a3=0 items=0 ppid=1 pid=7702 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=59 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:14.950000 audit[7702]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe7b4a6ce0 a2=3 a3=0 items=0 ppid=1 pid=7702 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=59 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:15.286096 kernel: audit: type=1327 audit(1707482594.950:2138): proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:14.950000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:15.316743 kernel: audit: type=1105 audit(1707482594.954:2139): pid=7702 uid=0 auid=500 ses=59 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:14.954000 audit[7702]: USER_START pid=7702 uid=0 auid=500 ses=59 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:15.416462 kernel: audit: type=1103 audit(1707482594.955:2140): pid=7704 uid=0 auid=500 ses=59 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:14.955000 audit[7704]: CRED_ACQ pid=7704 uid=0 auid=500 ses=59 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:15.033000 audit[7702]: USER_END pid=7702 uid=0 auid=500 ses=59 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:15.598241 kernel: audit: type=1106 audit(1707482595.033:2141): pid=7702 uid=0 auid=500 ses=59 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:15.033000 audit[7702]: CRED_DISP pid=7702 uid=0 auid=500 ses=59 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:15.033000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@143-86.109.11.101:22-147.75.109.163:44418 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:15.940394 sshd[7671]: Failed password for root from 218.92.0.118 port 22527 ssh2 Feb 9 12:43:16.687656 sshd[7671]: Received disconnect from 218.92.0.118 port 22527:11: [preauth] Feb 9 12:43:16.687656 sshd[7671]: Disconnected from authenticating user root 218.92.0.118 port 22527 [preauth] Feb 9 12:43:16.688207 sshd[7671]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.118 user=root Feb 9 12:43:16.690161 systemd[1]: sshd@141-86.109.11.101:22-218.92.0.118:22527.service: Deactivated successfully. Feb 9 12:43:16.689000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@141-86.109.11.101:22-218.92.0.118:22527 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:20.045131 systemd[1]: Started sshd@144-86.109.11.101:22-147.75.109.163:44422.service. Feb 9 12:43:20.044000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@144-86.109.11.101:22-147.75.109.163:44422 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:20.072751 kernel: kauditd_printk_skb: 3 callbacks suppressed Feb 9 12:43:20.072807 kernel: audit: type=1130 audit(1707482600.044:2145): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@144-86.109.11.101:22-147.75.109.163:44422 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:20.205000 audit[7742]: USER_ACCT pid=7742 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:20.207268 sshd[7742]: Accepted publickey for core from 147.75.109.163 port 44422 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:20.209401 sshd[7742]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:20.211702 systemd-logind[1465]: New session 60 of user core. Feb 9 12:43:20.212192 systemd[1]: Started session-60.scope. Feb 9 12:43:20.291387 sshd[7742]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:20.292870 systemd[1]: sshd@144-86.109.11.101:22-147.75.109.163:44422.service: Deactivated successfully. Feb 9 12:43:20.293318 systemd[1]: session-60.scope: Deactivated successfully. Feb 9 12:43:20.293703 systemd-logind[1465]: Session 60 logged out. Waiting for processes to exit. Feb 9 12:43:20.294118 systemd-logind[1465]: Removed session 60. Feb 9 12:43:20.207000 audit[7742]: CRED_ACQ pid=7742 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:20.390150 kernel: audit: type=1101 audit(1707482600.205:2146): pid=7742 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:20.390191 kernel: audit: type=1103 audit(1707482600.207:2147): pid=7742 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:20.390209 kernel: audit: type=1006 audit(1707482600.207:2148): pid=7742 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=60 res=1 Feb 9 12:43:20.449411 kernel: audit: type=1300 audit(1707482600.207:2148): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd22f02d00 a2=3 a3=0 items=0 ppid=1 pid=7742 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=60 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:20.207000 audit[7742]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd22f02d00 a2=3 a3=0 items=0 ppid=1 pid=7742 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=60 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:20.207000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:20.573309 kernel: audit: type=1327 audit(1707482600.207:2148): proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:20.573342 kernel: audit: type=1105 audit(1707482600.213:2149): pid=7742 uid=0 auid=500 ses=60 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:20.213000 audit[7742]: USER_START pid=7742 uid=0 auid=500 ses=60 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:20.213000 audit[7744]: CRED_ACQ pid=7744 uid=0 auid=500 ses=60 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:20.758430 kernel: audit: type=1103 audit(1707482600.213:2150): pid=7744 uid=0 auid=500 ses=60 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:20.758509 kernel: audit: type=1106 audit(1707482600.290:2151): pid=7742 uid=0 auid=500 ses=60 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:20.290000 audit[7742]: USER_END pid=7742 uid=0 auid=500 ses=60 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:20.854442 kernel: audit: type=1104 audit(1707482600.290:2152): pid=7742 uid=0 auid=500 ses=60 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:20.290000 audit[7742]: CRED_DISP pid=7742 uid=0 auid=500 ses=60 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:20.291000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@144-86.109.11.101:22-147.75.109.163:44422 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:23.331000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:43:23.331000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000d27aa0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:43:23.331000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:43:23.331000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:43:23.331000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=c a1=c001fa1e00 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:43:23.331000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:43:23.462000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:43:23.462000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=66 a1=c014fd8870 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:43:23.462000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:43:23.462000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:43:23.462000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=66 a1=c009109020 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:43:23.462000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:43:23.462000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:43:23.462000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:43:23.462000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c00773ce20 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:43:23.462000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:43:23.462000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=68 a1=c0097cf590 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:43:23.462000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:43:23.463000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:43:23.463000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=69 a1=c008c64040 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:43:23.463000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:43:23.463000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:43:23.463000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=68 a1=c009109080 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:43:23.463000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:43:25.300949 systemd[1]: Started sshd@145-86.109.11.101:22-147.75.109.163:45378.service. Feb 9 12:43:25.299000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@145-86.109.11.101:22-147.75.109.163:45378 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:25.328124 kernel: kauditd_printk_skb: 25 callbacks suppressed Feb 9 12:43:25.328169 kernel: audit: type=1130 audit(1707482605.299:2162): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@145-86.109.11.101:22-147.75.109.163:45378 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:25.447000 audit[7794]: USER_ACCT pid=7794 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:25.448768 sshd[7794]: Accepted publickey for core from 147.75.109.163 port 45378 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:25.452097 sshd[7794]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:25.461834 systemd-logind[1465]: New session 61 of user core. Feb 9 12:43:25.464241 systemd[1]: Started session-61.scope. Feb 9 12:43:25.450000 audit[7794]: CRED_ACQ pid=7794 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:25.551055 sshd[7794]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:25.552391 systemd[1]: sshd@145-86.109.11.101:22-147.75.109.163:45378.service: Deactivated successfully. Feb 9 12:43:25.552829 systemd[1]: session-61.scope: Deactivated successfully. Feb 9 12:43:25.553150 systemd-logind[1465]: Session 61 logged out. Waiting for processes to exit. Feb 9 12:43:25.553803 systemd-logind[1465]: Removed session 61. Feb 9 12:43:25.630793 kernel: audit: type=1101 audit(1707482605.447:2163): pid=7794 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:25.630835 kernel: audit: type=1103 audit(1707482605.450:2164): pid=7794 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:25.630854 kernel: audit: type=1006 audit(1707482605.450:2165): pid=7794 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=61 res=1 Feb 9 12:43:25.689735 kernel: audit: type=1300 audit(1707482605.450:2165): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe0f4f7780 a2=3 a3=0 items=0 ppid=1 pid=7794 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=61 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:25.450000 audit[7794]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe0f4f7780 a2=3 a3=0 items=0 ppid=1 pid=7794 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=61 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:25.782196 kernel: audit: type=1327 audit(1707482605.450:2165): proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:25.450000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:25.812864 kernel: audit: type=1105 audit(1707482605.472:2166): pid=7794 uid=0 auid=500 ses=61 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:25.472000 audit[7794]: USER_START pid=7794 uid=0 auid=500 ses=61 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:25.907852 kernel: audit: type=1103 audit(1707482605.474:2167): pid=7796 uid=0 auid=500 ses=61 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:25.474000 audit[7796]: CRED_ACQ pid=7796 uid=0 auid=500 ses=61 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:25.997052 kernel: audit: type=1106 audit(1707482605.550:2168): pid=7794 uid=0 auid=500 ses=61 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:25.550000 audit[7794]: USER_END pid=7794 uid=0 auid=500 ses=61 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:26.092542 kernel: audit: type=1104 audit(1707482605.550:2169): pid=7794 uid=0 auid=500 ses=61 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:25.550000 audit[7794]: CRED_DISP pid=7794 uid=0 auid=500 ses=61 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:25.551000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@145-86.109.11.101:22-147.75.109.163:45378 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:30.560069 systemd[1]: Started sshd@146-86.109.11.101:22-147.75.109.163:45386.service. Feb 9 12:43:30.558000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@146-86.109.11.101:22-147.75.109.163:45386 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:30.586349 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:43:30.586404 kernel: audit: type=1130 audit(1707482610.558:2171): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@146-86.109.11.101:22-147.75.109.163:45386 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:30.703000 audit[7821]: USER_ACCT pid=7821 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:30.704708 sshd[7821]: Accepted publickey for core from 147.75.109.163 port 45386 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:30.705799 sshd[7821]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:30.708190 systemd-logind[1465]: New session 62 of user core. Feb 9 12:43:30.708876 systemd[1]: Started session-62.scope. Feb 9 12:43:30.787240 sshd[7821]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:30.788620 systemd[1]: sshd@146-86.109.11.101:22-147.75.109.163:45386.service: Deactivated successfully. Feb 9 12:43:30.789057 systemd[1]: session-62.scope: Deactivated successfully. Feb 9 12:43:30.789390 systemd-logind[1465]: Session 62 logged out. Waiting for processes to exit. Feb 9 12:43:30.789753 systemd-logind[1465]: Removed session 62. Feb 9 12:43:30.704000 audit[7821]: CRED_ACQ pid=7821 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:30.886505 kernel: audit: type=1101 audit(1707482610.703:2172): pid=7821 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:30.886545 kernel: audit: type=1103 audit(1707482610.704:2173): pid=7821 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:30.886565 kernel: audit: type=1006 audit(1707482610.704:2174): pid=7821 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=62 res=1 Feb 9 12:43:30.945107 kernel: audit: type=1300 audit(1707482610.704:2174): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc1a3ac260 a2=3 a3=0 items=0 ppid=1 pid=7821 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=62 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:30.704000 audit[7821]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc1a3ac260 a2=3 a3=0 items=0 ppid=1 pid=7821 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=62 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:31.037120 kernel: audit: type=1327 audit(1707482610.704:2174): proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:30.704000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:30.709000 audit[7821]: USER_START pid=7821 uid=0 auid=500 ses=62 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:31.162316 kernel: audit: type=1105 audit(1707482610.709:2175): pid=7821 uid=0 auid=500 ses=62 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:31.162345 kernel: audit: type=1103 audit(1707482610.710:2176): pid=7823 uid=0 auid=500 ses=62 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:30.710000 audit[7823]: CRED_ACQ pid=7823 uid=0 auid=500 ses=62 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:30.786000 audit[7821]: USER_END pid=7821 uid=0 auid=500 ses=62 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:31.346998 kernel: audit: type=1106 audit(1707482610.786:2177): pid=7821 uid=0 auid=500 ses=62 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:31.347027 kernel: audit: type=1104 audit(1707482610.786:2178): pid=7821 uid=0 auid=500 ses=62 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:30.786000 audit[7821]: CRED_DISP pid=7821 uid=0 auid=500 ses=62 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:30.787000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@146-86.109.11.101:22-147.75.109.163:45386 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:35.796487 systemd[1]: Started sshd@147-86.109.11.101:22-147.75.109.163:48054.service. Feb 9 12:43:35.795000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@147-86.109.11.101:22-147.75.109.163:48054 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:35.823469 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:43:35.823540 kernel: audit: type=1130 audit(1707482615.795:2180): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@147-86.109.11.101:22-147.75.109.163:48054 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:35.940000 audit[7847]: USER_ACCT pid=7847 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:35.942338 sshd[7847]: Accepted publickey for core from 147.75.109.163 port 48054 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:35.943572 sshd[7847]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:35.945908 systemd-logind[1465]: New session 63 of user core. Feb 9 12:43:35.946446 systemd[1]: Started session-63.scope. Feb 9 12:43:36.024156 sshd[7847]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:36.025592 systemd[1]: sshd@147-86.109.11.101:22-147.75.109.163:48054.service: Deactivated successfully. Feb 9 12:43:36.026018 systemd[1]: session-63.scope: Deactivated successfully. Feb 9 12:43:36.026386 systemd-logind[1465]: Session 63 logged out. Waiting for processes to exit. Feb 9 12:43:36.026931 systemd-logind[1465]: Removed session 63. Feb 9 12:43:35.942000 audit[7847]: CRED_ACQ pid=7847 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:36.125246 kernel: audit: type=1101 audit(1707482615.940:2181): pid=7847 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:36.125293 kernel: audit: type=1103 audit(1707482615.942:2182): pid=7847 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:36.125309 kernel: audit: type=1006 audit(1707482615.942:2183): pid=7847 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=63 res=1 Feb 9 12:43:36.183760 kernel: audit: type=1300 audit(1707482615.942:2183): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdf3bb55b0 a2=3 a3=0 items=0 ppid=1 pid=7847 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=63 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:35.942000 audit[7847]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdf3bb55b0 a2=3 a3=0 items=0 ppid=1 pid=7847 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=63 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:36.275699 kernel: audit: type=1327 audit(1707482615.942:2183): proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:35.942000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:36.306174 kernel: audit: type=1105 audit(1707482615.947:2184): pid=7847 uid=0 auid=500 ses=63 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:35.947000 audit[7847]: USER_START pid=7847 uid=0 auid=500 ses=63 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:36.400535 kernel: audit: type=1103 audit(1707482615.947:2185): pid=7849 uid=0 auid=500 ses=63 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:35.947000 audit[7849]: CRED_ACQ pid=7849 uid=0 auid=500 ses=63 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:36.023000 audit[7847]: USER_END pid=7847 uid=0 auid=500 ses=63 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:36.585060 kernel: audit: type=1106 audit(1707482616.023:2186): pid=7847 uid=0 auid=500 ses=63 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:36.585094 kernel: audit: type=1104 audit(1707482616.023:2187): pid=7847 uid=0 auid=500 ses=63 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:36.023000 audit[7847]: CRED_DISP pid=7847 uid=0 auid=500 ses=63 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:36.024000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@147-86.109.11.101:22-147.75.109.163:48054 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:39.224000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:43:39.224000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000521780 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:43:39.224000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:43:39.225000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:43:39.225000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0005217a0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:43:39.225000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:43:39.226000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:43:39.226000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002f9cf00 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:43:39.226000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:43:39.228000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:43:39.228000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002f9cf20 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:43:39.228000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:43:41.034011 systemd[1]: Started sshd@148-86.109.11.101:22-147.75.109.163:48070.service. Feb 9 12:43:41.032000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@148-86.109.11.101:22-147.75.109.163:48070 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:41.061109 kernel: kauditd_printk_skb: 13 callbacks suppressed Feb 9 12:43:41.061158 kernel: audit: type=1130 audit(1707482621.032:2193): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@148-86.109.11.101:22-147.75.109.163:48070 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:41.177000 audit[7896]: USER_ACCT pid=7896 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:41.178812 sshd[7896]: Accepted publickey for core from 147.75.109.163 port 48070 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:41.179514 sshd[7896]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:41.181882 systemd-logind[1465]: New session 64 of user core. Feb 9 12:43:41.182415 systemd[1]: Started session-64.scope. Feb 9 12:43:41.260973 sshd[7896]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:41.262459 systemd[1]: sshd@148-86.109.11.101:22-147.75.109.163:48070.service: Deactivated successfully. Feb 9 12:43:41.262927 systemd[1]: session-64.scope: Deactivated successfully. Feb 9 12:43:41.263241 systemd-logind[1465]: Session 64 logged out. Waiting for processes to exit. Feb 9 12:43:41.263727 systemd-logind[1465]: Removed session 64. Feb 9 12:43:41.178000 audit[7896]: CRED_ACQ pid=7896 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:41.360398 kernel: audit: type=1101 audit(1707482621.177:2194): pid=7896 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:41.360441 kernel: audit: type=1103 audit(1707482621.178:2195): pid=7896 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:41.360460 kernel: audit: type=1006 audit(1707482621.178:2196): pid=7896 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=64 res=1 Feb 9 12:43:41.418918 kernel: audit: type=1300 audit(1707482621.178:2196): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc695f9d60 a2=3 a3=0 items=0 ppid=1 pid=7896 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=64 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:41.178000 audit[7896]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc695f9d60 a2=3 a3=0 items=0 ppid=1 pid=7896 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=64 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:41.510821 kernel: audit: type=1327 audit(1707482621.178:2196): proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:41.178000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:41.541311 kernel: audit: type=1105 audit(1707482621.183:2197): pid=7896 uid=0 auid=500 ses=64 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:41.183000 audit[7896]: USER_START pid=7896 uid=0 auid=500 ses=64 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:41.635685 kernel: audit: type=1103 audit(1707482621.183:2198): pid=7898 uid=0 auid=500 ses=64 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:41.183000 audit[7898]: CRED_ACQ pid=7898 uid=0 auid=500 ses=64 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:41.724829 kernel: audit: type=1106 audit(1707482621.260:2199): pid=7896 uid=0 auid=500 ses=64 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:41.260000 audit[7896]: USER_END pid=7896 uid=0 auid=500 ses=64 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:41.820252 kernel: audit: type=1104 audit(1707482621.260:2200): pid=7896 uid=0 auid=500 ses=64 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:41.260000 audit[7896]: CRED_DISP pid=7896 uid=0 auid=500 ses=64 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:41.261000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@148-86.109.11.101:22-147.75.109.163:48070 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:42.920284 systemd[1]: Started sshd@149-86.109.11.101:22-43.153.64.49:48762.service. Feb 9 12:43:42.919000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@149-86.109.11.101:22-43.153.64.49:48762 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:43.044666 sshd[7924]: Invalid user empirica from 43.153.64.49 port 48762 Feb 9 12:43:43.050333 sshd[7924]: pam_faillock(sshd:auth): User unknown Feb 9 12:43:43.051255 sshd[7924]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:43:43.051348 sshd[7924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:43:43.052161 sshd[7924]: pam_faillock(sshd:auth): User unknown Feb 9 12:43:43.051000 audit[7924]: USER_AUTH pid=7924 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="empirica" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:43:44.526948 sshd[7924]: Failed password for invalid user empirica from 43.153.64.49 port 48762 ssh2 Feb 9 12:43:45.828742 sshd[7924]: Received disconnect from 43.153.64.49 port 48762:11: Bye Bye [preauth] Feb 9 12:43:45.828742 sshd[7924]: Disconnected from invalid user empirica 43.153.64.49 port 48762 [preauth] Feb 9 12:43:45.831221 systemd[1]: sshd@149-86.109.11.101:22-43.153.64.49:48762.service: Deactivated successfully. Feb 9 12:43:45.830000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@149-86.109.11.101:22-43.153.64.49:48762 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:46.271937 systemd[1]: Started sshd@150-86.109.11.101:22-147.75.109.163:43928.service. Feb 9 12:43:46.271000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@150-86.109.11.101:22-147.75.109.163:43928 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:46.299549 kernel: kauditd_printk_skb: 4 callbacks suppressed Feb 9 12:43:46.299620 kernel: audit: type=1130 audit(1707482626.271:2205): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@150-86.109.11.101:22-147.75.109.163:43928 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:46.417000 audit[7928]: USER_ACCT pid=7928 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:46.418581 sshd[7928]: Accepted publickey for core from 147.75.109.163 port 43928 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:46.420116 sshd[7928]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:46.422557 systemd-logind[1465]: New session 65 of user core. Feb 9 12:43:46.423069 systemd[1]: Started session-65.scope. Feb 9 12:43:46.500648 sshd[7928]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:46.501999 systemd[1]: sshd@150-86.109.11.101:22-147.75.109.163:43928.service: Deactivated successfully. Feb 9 12:43:46.502532 systemd[1]: session-65.scope: Deactivated successfully. Feb 9 12:43:46.502852 systemd-logind[1465]: Session 65 logged out. Waiting for processes to exit. Feb 9 12:43:46.503284 systemd-logind[1465]: Removed session 65. Feb 9 12:43:46.418000 audit[7928]: CRED_ACQ pid=7928 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:46.600250 kernel: audit: type=1101 audit(1707482626.417:2206): pid=7928 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:46.600289 kernel: audit: type=1103 audit(1707482626.418:2207): pid=7928 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:46.600310 kernel: audit: type=1006 audit(1707482626.418:2208): pid=7928 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=65 res=1 Feb 9 12:43:46.658969 kernel: audit: type=1300 audit(1707482626.418:2208): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc2d5d05a0 a2=3 a3=0 items=0 ppid=1 pid=7928 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=65 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:46.418000 audit[7928]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc2d5d05a0 a2=3 a3=0 items=0 ppid=1 pid=7928 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=65 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:46.750933 kernel: audit: type=1327 audit(1707482626.418:2208): proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:46.418000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:46.423000 audit[7928]: USER_START pid=7928 uid=0 auid=500 ses=65 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:46.875932 kernel: audit: type=1105 audit(1707482626.423:2209): pid=7928 uid=0 auid=500 ses=65 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:46.875994 kernel: audit: type=1103 audit(1707482626.424:2210): pid=7930 uid=0 auid=500 ses=65 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:46.424000 audit[7930]: CRED_ACQ pid=7930 uid=0 auid=500 ses=65 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:46.965128 kernel: audit: type=1106 audit(1707482626.500:2211): pid=7928 uid=0 auid=500 ses=65 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:46.500000 audit[7928]: USER_END pid=7928 uid=0 auid=500 ses=65 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:47.060578 kernel: audit: type=1104 audit(1707482626.500:2212): pid=7928 uid=0 auid=500 ses=65 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:46.500000 audit[7928]: CRED_DISP pid=7928 uid=0 auid=500 ses=65 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:46.500000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@150-86.109.11.101:22-147.75.109.163:43928 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:51.403877 systemd[1]: Started sshd@151-86.109.11.101:22-106.54.212.205:48074.service. Feb 9 12:43:51.403000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@151-86.109.11.101:22-106.54.212.205:48074 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:51.444854 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:43:51.444935 kernel: audit: type=1130 audit(1707482631.403:2214): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@151-86.109.11.101:22-106.54.212.205:48074 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:51.503180 systemd[1]: Started sshd@152-86.109.11.101:22-147.75.109.163:43934.service. Feb 9 12:43:51.502000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@152-86.109.11.101:22-147.75.109.163:43934 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:51.562624 sshd[7955]: Accepted publickey for core from 147.75.109.163 port 43934 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:51.564556 sshd[7955]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:51.566703 systemd-logind[1465]: New session 66 of user core. Feb 9 12:43:51.567142 systemd[1]: Started session-66.scope. Feb 9 12:43:51.621623 kernel: audit: type=1130 audit(1707482631.502:2215): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@152-86.109.11.101:22-147.75.109.163:43934 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:51.561000 audit[7955]: USER_ACCT pid=7955 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:51.645800 sshd[7955]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:51.647297 systemd[1]: sshd@152-86.109.11.101:22-147.75.109.163:43934.service: Deactivated successfully. Feb 9 12:43:51.647726 systemd[1]: session-66.scope: Deactivated successfully. Feb 9 12:43:51.648026 systemd-logind[1465]: Session 66 logged out. Waiting for processes to exit. Feb 9 12:43:51.648470 systemd-logind[1465]: Removed session 66. Feb 9 12:43:51.713741 kernel: audit: type=1101 audit(1707482631.561:2216): pid=7955 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:51.563000 audit[7955]: CRED_ACQ pid=7955 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:51.804471 kernel: audit: type=1103 audit(1707482631.563:2217): pid=7955 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:51.804505 kernel: audit: type=1006 audit(1707482631.563:2218): pid=7955 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=66 res=1 Feb 9 12:43:51.863097 kernel: audit: type=1300 audit(1707482631.563:2218): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffddc2f9c00 a2=3 a3=0 items=0 ppid=1 pid=7955 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=66 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:51.563000 audit[7955]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffddc2f9c00 a2=3 a3=0 items=0 ppid=1 pid=7955 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=66 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:51.563000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:51.985597 kernel: audit: type=1327 audit(1707482631.563:2218): proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:51.985634 kernel: audit: type=1105 audit(1707482631.567:2219): pid=7955 uid=0 auid=500 ses=66 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:51.567000 audit[7955]: USER_START pid=7955 uid=0 auid=500 ses=66 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:51.568000 audit[7957]: CRED_ACQ pid=7957 uid=0 auid=500 ses=66 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:52.170184 kernel: audit: type=1103 audit(1707482631.568:2220): pid=7957 uid=0 auid=500 ses=66 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:52.170251 kernel: audit: type=1106 audit(1707482631.645:2221): pid=7955 uid=0 auid=500 ses=66 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:51.645000 audit[7955]: USER_END pid=7955 uid=0 auid=500 ses=66 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:52.213833 sshd[7952]: Invalid user muto from 106.54.212.205 port 48074 Feb 9 12:43:52.214986 sshd[7952]: pam_faillock(sshd:auth): User unknown Feb 9 12:43:52.215165 sshd[7952]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:43:52.215183 sshd[7952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.212.205 Feb 9 12:43:52.215404 sshd[7952]: pam_faillock(sshd:auth): User unknown Feb 9 12:43:51.645000 audit[7955]: CRED_DISP pid=7955 uid=0 auid=500 ses=66 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:51.646000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@152-86.109.11.101:22-147.75.109.163:43934 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:52.214000 audit[7952]: USER_AUTH pid=7952 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="muto" exe="/usr/sbin/sshd" hostname=106.54.212.205 addr=106.54.212.205 terminal=ssh res=failed' Feb 9 12:43:54.924673 sshd[7952]: Failed password for invalid user muto from 106.54.212.205 port 48074 ssh2 Feb 9 12:43:56.389731 sshd[7952]: Received disconnect from 106.54.212.205 port 48074:11: Bye Bye [preauth] Feb 9 12:43:56.389731 sshd[7952]: Disconnected from invalid user muto 106.54.212.205 port 48074 [preauth] Feb 9 12:43:56.392436 systemd[1]: sshd@151-86.109.11.101:22-106.54.212.205:48074.service: Deactivated successfully. Feb 9 12:43:56.391000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@151-86.109.11.101:22-106.54.212.205:48074 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:56.655456 systemd[1]: Started sshd@153-86.109.11.101:22-147.75.109.163:34078.service. Feb 9 12:43:56.654000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@153-86.109.11.101:22-147.75.109.163:34078 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:56.682710 kernel: kauditd_printk_skb: 4 callbacks suppressed Feb 9 12:43:56.682789 kernel: audit: type=1130 audit(1707482636.654:2226): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@153-86.109.11.101:22-147.75.109.163:34078 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:43:56.800000 audit[8011]: USER_ACCT pid=8011 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:56.801394 sshd[8011]: Accepted publickey for core from 147.75.109.163 port 34078 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:43:56.802512 sshd[8011]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:43:56.804708 systemd-logind[1465]: New session 67 of user core. Feb 9 12:43:56.805182 systemd[1]: Started session-67.scope. Feb 9 12:43:56.887708 sshd[8011]: pam_unix(sshd:session): session closed for user core Feb 9 12:43:56.889110 systemd[1]: sshd@153-86.109.11.101:22-147.75.109.163:34078.service: Deactivated successfully. Feb 9 12:43:56.889629 systemd[1]: session-67.scope: Deactivated successfully. Feb 9 12:43:56.890043 systemd-logind[1465]: Session 67 logged out. Waiting for processes to exit. Feb 9 12:43:56.890714 systemd-logind[1465]: Removed session 67. Feb 9 12:43:56.801000 audit[8011]: CRED_ACQ pid=8011 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:56.985914 kernel: audit: type=1101 audit(1707482636.800:2227): pid=8011 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:56.985952 kernel: audit: type=1103 audit(1707482636.801:2228): pid=8011 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:56.985969 kernel: audit: type=1006 audit(1707482636.801:2229): pid=8011 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=67 res=1 Feb 9 12:43:57.044795 kernel: audit: type=1300 audit(1707482636.801:2229): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff2fb5e040 a2=3 a3=0 items=0 ppid=1 pid=8011 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=67 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:56.801000 audit[8011]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff2fb5e040 a2=3 a3=0 items=0 ppid=1 pid=8011 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=67 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:43:56.801000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:57.167911 kernel: audit: type=1327 audit(1707482636.801:2229): proctitle=737368643A20636F7265205B707269765D Feb 9 12:43:57.167941 kernel: audit: type=1105 audit(1707482636.805:2230): pid=8011 uid=0 auid=500 ses=67 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:56.805000 audit[8011]: USER_START pid=8011 uid=0 auid=500 ses=67 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:56.806000 audit[8013]: CRED_ACQ pid=8013 uid=0 auid=500 ses=67 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:57.352542 kernel: audit: type=1103 audit(1707482636.806:2231): pid=8013 uid=0 auid=500 ses=67 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:57.352575 kernel: audit: type=1106 audit(1707482636.887:2232): pid=8011 uid=0 auid=500 ses=67 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:56.887000 audit[8011]: USER_END pid=8011 uid=0 auid=500 ses=67 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:57.448434 kernel: audit: type=1104 audit(1707482636.887:2233): pid=8011 uid=0 auid=500 ses=67 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:56.887000 audit[8011]: CRED_DISP pid=8011 uid=0 auid=500 ses=67 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:43:56.888000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@153-86.109.11.101:22-147.75.109.163:34078 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:00.357477 env[1477]: time="2024-02-09T12:44:00.357449191Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/kube-controllers:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:44:00.358105 env[1477]: time="2024-02-09T12:44:00.358093288Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:4e87edec0297dadd6f3bb25b2f540fd40e2abed9fff582c97ff4cd751d3f9803,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:44:00.359489 env[1477]: time="2024-02-09T12:44:00.359474646Z" level=info msg="ImageUpdate event &ImageUpdate{Name:ghcr.io/flatcar/calico/kube-controllers:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:44:00.360363 env[1477]: time="2024-02-09T12:44:00.360334325Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/kube-controllers@sha256:e264ab1fb2f1ae90dd1d84e226d11d2eb4350e74ac27de4c65f29f5aadba5bb1,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:44:00.361939 env[1477]: time="2024-02-09T12:44:00.361921565Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/kube-controllers:v3.27.0\" returns image reference \"sha256:4e87edec0297dadd6f3bb25b2f540fd40e2abed9fff582c97ff4cd751d3f9803\"" Feb 9 12:44:00.362324 env[1477]: time="2024-02-09T12:44:00.362311407Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/csi:v3.27.0\"" Feb 9 12:44:00.365981 env[1477]: time="2024-02-09T12:44:00.365961158Z" level=info msg="CreateContainer within sandbox \"ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da\" for container &ContainerMetadata{Name:calico-kube-controllers,Attempt:0,}" Feb 9 12:44:00.370370 env[1477]: time="2024-02-09T12:44:00.370325180Z" level=info msg="CreateContainer within sandbox \"ad2fff0f4492a0b4366a3700a6e1af89c5d082f087d6d5666d5f44e6418337da\" for &ContainerMetadata{Name:calico-kube-controllers,Attempt:0,} returns container id \"c99e7e391393ee1b1afa9ff56c0d66942a7d226bd768f0357d2d95b1118dcc17\"" Feb 9 12:44:00.370590 env[1477]: time="2024-02-09T12:44:00.370546089Z" level=info msg="StartContainer for \"c99e7e391393ee1b1afa9ff56c0d66942a7d226bd768f0357d2d95b1118dcc17\"" Feb 9 12:44:00.391932 systemd[1]: Started cri-containerd-c99e7e391393ee1b1afa9ff56c0d66942a7d226bd768f0357d2d95b1118dcc17.scope. Feb 9 12:44:00.396000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[1]: AVC avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[1]: AVC avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit: BPF prog-id=176 op=LOAD Feb 9 12:44:00.396000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[8045]: SYSCALL arch=c000003e syscall=321 success=yes exit=0 a0=f a1=c000197c48 a2=10 a3=1c items=0 ppid=4592 pid=8045 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:00.396000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6339396537653339313339336565316231616661396666353663306436 Feb 9 12:44:00.396000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[8045]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=0 a1=c0001976b0 a2=3c a3=8 items=0 ppid=4592 pid=8045 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:00.396000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6339396537653339313339336565316231616661396666353663306436 Feb 9 12:44:00.396000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.396000 audit: BPF prog-id=177 op=LOAD Feb 9 12:44:00.396000 audit[8045]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c0001979d8 a2=78 a3=c0003d20a0 items=0 ppid=4592 pid=8045 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:00.396000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6339396537653339313339336565316231616661396666353663306436 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit: BPF prog-id=178 op=LOAD Feb 9 12:44:00.397000 audit[8045]: SYSCALL arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000197770 a2=78 a3=c0003d20e8 items=0 ppid=4592 pid=8045 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:00.397000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6339396537653339313339336565316231616661396666353663306436 Feb 9 12:44:00.397000 audit: BPF prog-id=178 op=UNLOAD Feb 9 12:44:00.397000 audit: BPF prog-id=177 op=UNLOAD Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { perfmon } for pid=8045 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit[8045]: AVC avc: denied { bpf } for pid=8045 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:00.397000 audit: BPF prog-id=179 op=LOAD Feb 9 12:44:00.397000 audit[8045]: SYSCALL arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000197c30 a2=78 a3=c0003d24f8 items=0 ppid=4592 pid=8045 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:00.397000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6339396537653339313339336565316231616661396666353663306436 Feb 9 12:44:00.440187 env[1477]: time="2024-02-09T12:44:00.440154812Z" level=info msg="StartContainer for \"c99e7e391393ee1b1afa9ff56c0d66942a7d226bd768f0357d2d95b1118dcc17\" returns successfully" Feb 9 12:44:01.091386 kubelet[2604]: I0209 12:44:01.091316 2604 pod_startup_latency_tracker.go:102] "Observed pod startup duration" pod="calico-system/calico-kube-controllers-8598b7b64f-447jc" podStartSLOduration=72.610197737 podCreationTimestamp="2024-02-09 12:32:45 +0000 UTC" firstStartedPulling="2024-02-09 12:33:56.881175701 +0000 UTC m=+89.908662892" lastFinishedPulling="2024-02-09 12:44:00.362149144 +0000 UTC m=+693.389636338" observedRunningTime="2024-02-09 12:44:01.089948316 +0000 UTC m=+694.117435577" watchObservedRunningTime="2024-02-09 12:44:01.091171183 +0000 UTC m=+694.118658419" Feb 9 12:44:01.890720 systemd[1]: Started sshd@154-86.109.11.101:22-147.75.109.163:34092.service. Feb 9 12:44:01.889000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@154-86.109.11.101:22-147.75.109.163:34092 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:01.917909 kernel: kauditd_printk_skb: 58 callbacks suppressed Feb 9 12:44:01.917946 kernel: audit: type=1130 audit(1707482641.889:2253): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@154-86.109.11.101:22-147.75.109.163:34092 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:02.036000 audit[8119]: USER_ACCT pid=8119 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:02.037634 sshd[8119]: Accepted publickey for core from 147.75.109.163 port 34092 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:44:02.038515 sshd[8119]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:44:02.040752 systemd-logind[1465]: New session 68 of user core. Feb 9 12:44:02.041206 systemd[1]: Started session-68.scope. Feb 9 12:44:02.118867 sshd[8119]: pam_unix(sshd:session): session closed for user core Feb 9 12:44:02.037000 audit[8119]: CRED_ACQ pid=8119 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:02.120284 systemd[1]: sshd@154-86.109.11.101:22-147.75.109.163:34092.service: Deactivated successfully. Feb 9 12:44:02.120779 systemd[1]: session-68.scope: Deactivated successfully. Feb 9 12:44:02.121113 systemd-logind[1465]: Session 68 logged out. Waiting for processes to exit. Feb 9 12:44:02.121598 systemd-logind[1465]: Removed session 68. Feb 9 12:44:02.219588 kernel: audit: type=1101 audit(1707482642.036:2254): pid=8119 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:02.219631 kernel: audit: type=1103 audit(1707482642.037:2255): pid=8119 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:02.219657 kernel: audit: type=1006 audit(1707482642.037:2256): pid=8119 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=68 res=1 Feb 9 12:44:02.037000 audit[8119]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff3a4e5740 a2=3 a3=0 items=0 ppid=1 pid=8119 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=68 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:02.371032 kernel: audit: type=1300 audit(1707482642.037:2256): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff3a4e5740 a2=3 a3=0 items=0 ppid=1 pid=8119 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=68 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:02.371073 kernel: audit: type=1327 audit(1707482642.037:2256): proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:02.037000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:02.401712 kernel: audit: type=1105 audit(1707482642.042:2257): pid=8119 uid=0 auid=500 ses=68 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:02.042000 audit[8119]: USER_START pid=8119 uid=0 auid=500 ses=68 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:02.042000 audit[8124]: CRED_ACQ pid=8124 uid=0 auid=500 ses=68 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:02.585803 kernel: audit: type=1103 audit(1707482642.042:2258): pid=8124 uid=0 auid=500 ses=68 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:02.585865 kernel: audit: type=1106 audit(1707482642.118:2259): pid=8119 uid=0 auid=500 ses=68 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:02.118000 audit[8119]: USER_END pid=8119 uid=0 auid=500 ses=68 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:02.118000 audit[8119]: CRED_DISP pid=8119 uid=0 auid=500 ses=68 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:02.770493 kernel: audit: type=1104 audit(1707482642.118:2260): pid=8119 uid=0 auid=500 ses=68 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:02.119000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@154-86.109.11.101:22-147.75.109.163:34092 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:04.228611 systemd[1]: var-lib-containerd-tmpmounts-containerd\x2dmount1341000162.mount: Deactivated successfully. Feb 9 12:44:05.491105 env[1477]: time="2024-02-09T12:44:05.491075177Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/csi:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:44:05.491739 env[1477]: time="2024-02-09T12:44:05.491726066Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:91c1c91da7602f16686c149419195b486669f3a1828fd320cf332fdc6a25297d,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:44:05.492453 env[1477]: time="2024-02-09T12:44:05.492442352Z" level=info msg="ImageUpdate event &ImageUpdate{Name:ghcr.io/flatcar/calico/csi:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:44:05.493478 env[1477]: time="2024-02-09T12:44:05.493463827Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/csi@sha256:2b9021393c17e87ba8a3c89f5b3719941812f4e4751caa0b71eb2233bff48738,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:44:05.493707 env[1477]: time="2024-02-09T12:44:05.493693145Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/csi:v3.27.0\" returns image reference \"sha256:91c1c91da7602f16686c149419195b486669f3a1828fd320cf332fdc6a25297d\"" Feb 9 12:44:05.494881 env[1477]: time="2024-02-09T12:44:05.494823799Z" level=info msg="CreateContainer within sandbox \"8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb\" for container &ContainerMetadata{Name:calico-csi,Attempt:0,}" Feb 9 12:44:05.500177 env[1477]: time="2024-02-09T12:44:05.500162163Z" level=info msg="CreateContainer within sandbox \"8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb\" for &ContainerMetadata{Name:calico-csi,Attempt:0,} returns container id \"a4c9b958caff45ad59d7f4cd2854e1111485757e595d26845c6f4c2fe8ab3035\"" Feb 9 12:44:05.500568 env[1477]: time="2024-02-09T12:44:05.500521772Z" level=info msg="StartContainer for \"a4c9b958caff45ad59d7f4cd2854e1111485757e595d26845c6f4c2fe8ab3035\"" Feb 9 12:44:05.524757 systemd[1]: Started cri-containerd-a4c9b958caff45ad59d7f4cd2854e1111485757e595d26845c6f4c2fe8ab3035.scope. Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001976b0 a2=3c a3=8 items=0 ppid=4795 pid=8153 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:05.530000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6134633962393538636166663435616435396437663463643238353465 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit: BPF prog-id=180 op=LOAD Feb 9 12:44:05.530000 audit[8153]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001979d8 a2=78 a3=c0003ee080 items=0 ppid=4795 pid=8153 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:05.530000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6134633962393538636166663435616435396437663463643238353465 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit: BPF prog-id=181 op=LOAD Feb 9 12:44:05.530000 audit[8153]: SYSCALL arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c000197770 a2=78 a3=c0003ee0c8 items=0 ppid=4795 pid=8153 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:05.530000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6134633962393538636166663435616435396437663463643238353465 Feb 9 12:44:05.530000 audit: BPF prog-id=181 op=UNLOAD Feb 9 12:44:05.530000 audit: BPF prog-id=180 op=UNLOAD Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { perfmon } for pid=8153 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit[8153]: AVC avc: denied { bpf } for pid=8153 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:05.530000 audit: BPF prog-id=182 op=LOAD Feb 9 12:44:05.530000 audit[8153]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c000197c30 a2=78 a3=c0003ee158 items=0 ppid=4795 pid=8153 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:05.530000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6134633962393538636166663435616435396437663463643238353465 Feb 9 12:44:05.538318 env[1477]: time="2024-02-09T12:44:05.538269182Z" level=info msg="StartContainer for \"a4c9b958caff45ad59d7f4cd2854e1111485757e595d26845c6f4c2fe8ab3035\" returns successfully" Feb 9 12:44:05.538838 env[1477]: time="2024-02-09T12:44:05.538828219Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/node-driver-registrar:v3.27.0\"" Feb 9 12:44:07.129048 systemd[1]: Started sshd@155-86.109.11.101:22-147.75.109.163:33922.service. Feb 9 12:44:07.127000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@155-86.109.11.101:22-147.75.109.163:33922 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:07.155921 kernel: kauditd_printk_skb: 44 callbacks suppressed Feb 9 12:44:07.156014 kernel: audit: type=1130 audit(1707482647.127:2268): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@155-86.109.11.101:22-147.75.109.163:33922 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:07.273762 sshd[8180]: Accepted publickey for core from 147.75.109.163 port 33922 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:44:07.272000 audit[8180]: USER_ACCT pid=8180 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:07.274530 sshd[8180]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:44:07.276926 systemd-logind[1465]: New session 69 of user core. Feb 9 12:44:07.277368 systemd[1]: Started session-69.scope. Feb 9 12:44:07.355831 sshd[8180]: pam_unix(sshd:session): session closed for user core Feb 9 12:44:07.357387 systemd[1]: sshd@155-86.109.11.101:22-147.75.109.163:33922.service: Deactivated successfully. Feb 9 12:44:07.357861 systemd[1]: session-69.scope: Deactivated successfully. Feb 9 12:44:07.358149 systemd-logind[1465]: Session 69 logged out. Waiting for processes to exit. Feb 9 12:44:07.358654 systemd-logind[1465]: Removed session 69. Feb 9 12:44:07.273000 audit[8180]: CRED_ACQ pid=8180 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:07.458363 kernel: audit: type=1101 audit(1707482647.272:2269): pid=8180 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:07.458427 kernel: audit: type=1103 audit(1707482647.273:2270): pid=8180 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:07.458462 kernel: audit: type=1006 audit(1707482647.273:2271): pid=8180 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=69 res=1 Feb 9 12:44:07.273000 audit[8180]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffff67e4570 a2=3 a3=0 items=0 ppid=1 pid=8180 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=69 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:07.608989 kernel: audit: type=1300 audit(1707482647.273:2271): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffff67e4570 a2=3 a3=0 items=0 ppid=1 pid=8180 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=69 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:07.609044 kernel: audit: type=1327 audit(1707482647.273:2271): proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:07.273000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:07.278000 audit[8180]: USER_START pid=8180 uid=0 auid=500 ses=69 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:07.734003 kernel: audit: type=1105 audit(1707482647.278:2272): pid=8180 uid=0 auid=500 ses=69 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:07.734090 kernel: audit: type=1103 audit(1707482647.278:2273): pid=8182 uid=0 auid=500 ses=69 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:07.278000 audit[8182]: CRED_ACQ pid=8182 uid=0 auid=500 ses=69 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:07.355000 audit[8180]: USER_END pid=8180 uid=0 auid=500 ses=69 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:07.918872 kernel: audit: type=1106 audit(1707482647.355:2274): pid=8180 uid=0 auid=500 ses=69 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:07.918926 kernel: audit: type=1104 audit(1707482647.355:2275): pid=8180 uid=0 auid=500 ses=69 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:07.355000 audit[8180]: CRED_DISP pid=8180 uid=0 auid=500 ses=69 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:07.356000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@155-86.109.11.101:22-147.75.109.163:33922 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:10.722046 env[1477]: time="2024-02-09T12:44:10.722014855Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/node-driver-registrar:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:44:10.722682 env[1477]: time="2024-02-09T12:44:10.722656093Z" level=info msg="ImageCreate event &ImageCreate{Name:sha256:d36ef67f7b24c4facd86d0bc06b0cd907431a822dee695eb06b86a905bff85d4,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:44:10.723891 env[1477]: time="2024-02-09T12:44:10.723875286Z" level=info msg="ImageUpdate event &ImageUpdate{Name:ghcr.io/flatcar/calico/node-driver-registrar:v3.27.0,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:44:10.724474 env[1477]: time="2024-02-09T12:44:10.724462649Z" level=info msg="ImageCreate event &ImageCreate{Name:ghcr.io/flatcar/calico/node-driver-registrar@sha256:45a7aba6020a7cf7b866cb8a8d481b30c97e9b3407e1459aaa65a5b4cc06633a,Labels:map[string]string{io.cri-containerd.image: managed,},XXX_unrecognized:[],}" Feb 9 12:44:10.724755 env[1477]: time="2024-02-09T12:44:10.724743658Z" level=info msg="PullImage \"ghcr.io/flatcar/calico/node-driver-registrar:v3.27.0\" returns image reference \"sha256:d36ef67f7b24c4facd86d0bc06b0cd907431a822dee695eb06b86a905bff85d4\"" Feb 9 12:44:10.725880 env[1477]: time="2024-02-09T12:44:10.725868442Z" level=info msg="CreateContainer within sandbox \"8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb\" for container &ContainerMetadata{Name:csi-node-driver-registrar,Attempt:0,}" Feb 9 12:44:10.731407 env[1477]: time="2024-02-09T12:44:10.731392485Z" level=info msg="CreateContainer within sandbox \"8e7490ede8f22c4a5c69096c20227e743a1dbc51237d9f2315ae91d0a1819cbb\" for &ContainerMetadata{Name:csi-node-driver-registrar,Attempt:0,} returns container id \"575b0cdd9b604230f15fb41e075fbd4dbb648ef39400cf6bbc6218ece1889c8d\"" Feb 9 12:44:10.731694 env[1477]: time="2024-02-09T12:44:10.731667126Z" level=info msg="StartContainer for \"575b0cdd9b604230f15fb41e075fbd4dbb648ef39400cf6bbc6218ece1889c8d\"" Feb 9 12:44:10.755017 systemd[1]: Started cri-containerd-575b0cdd9b604230f15fb41e075fbd4dbb648ef39400cf6bbc6218ece1889c8d.scope. Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001976b0 a2=3c a3=8 items=0 ppid=4795 pid=8211 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:10.760000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3537356230636464396236303432333066313566623431653037356662 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit: BPF prog-id=183 op=LOAD Feb 9 12:44:10.760000 audit[8211]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001979d8 a2=78 a3=c0003e4450 items=0 ppid=4795 pid=8211 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:10.760000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3537356230636464396236303432333066313566623431653037356662 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit: BPF prog-id=184 op=LOAD Feb 9 12:44:10.760000 audit[8211]: SYSCALL arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c000197770 a2=78 a3=c0003e4498 items=0 ppid=4795 pid=8211 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:10.760000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3537356230636464396236303432333066313566623431653037356662 Feb 9 12:44:10.760000 audit: BPF prog-id=184 op=UNLOAD Feb 9 12:44:10.760000 audit: BPF prog-id=183 op=UNLOAD Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { perfmon } for pid=8211 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit[8211]: AVC avc: denied { bpf } for pid=8211 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 Feb 9 12:44:10.760000 audit: BPF prog-id=185 op=LOAD Feb 9 12:44:10.760000 audit[8211]: SYSCALL arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c000197c30 a2=78 a3=c0003e4528 items=0 ppid=4795 pid=8211 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:10.760000 audit: PROCTITLE proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3537356230636464396236303432333066313566623431653037356662 Feb 9 12:44:10.779642 env[1477]: time="2024-02-09T12:44:10.779616295Z" level=info msg="StartContainer for \"575b0cdd9b604230f15fb41e075fbd4dbb648ef39400cf6bbc6218ece1889c8d\" returns successfully" Feb 9 12:44:11.095600 kubelet[2604]: I0209 12:44:11.095579 2604 pod_startup_latency_tracker.go:102] "Observed pod startup duration" pod="calico-system/csi-node-driver-8dfwv" podStartSLOduration=73.686682125 podCreationTimestamp="2024-02-09 12:32:45 +0000 UTC" firstStartedPulling="2024-02-09 12:33:58.316068749 +0000 UTC m=+91.343555941" lastFinishedPulling="2024-02-09 12:44:10.724939125 +0000 UTC m=+703.752426319" observedRunningTime="2024-02-09 12:44:11.095047667 +0000 UTC m=+704.122534867" watchObservedRunningTime="2024-02-09 12:44:11.095552503 +0000 UTC m=+704.123039697" Feb 9 12:44:11.458976 kubelet[2604]: I0209 12:44:11.458808 2604 csi_plugin.go:99] kubernetes.io/csi: Trying to validate a new CSI Driver with name: csi.tigera.io endpoint: /var/lib/kubelet/plugins/csi.tigera.io/csi.sock versions: 1.0.0 Feb 9 12:44:11.458976 kubelet[2604]: I0209 12:44:11.458878 2604 csi_plugin.go:112] kubernetes.io/csi: Register new plugin with name: csi.tigera.io at endpoint: /var/lib/kubelet/plugins/csi.tigera.io/csi.sock Feb 9 12:44:12.365061 systemd[1]: Started sshd@156-86.109.11.101:22-147.75.109.163:33928.service. Feb 9 12:44:12.363000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@156-86.109.11.101:22-147.75.109.163:33928 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:12.391917 kernel: kauditd_printk_skb: 44 callbacks suppressed Feb 9 12:44:12.392030 kernel: audit: type=1130 audit(1707482652.363:2283): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@156-86.109.11.101:22-147.75.109.163:33928 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:12.509000 audit[8244]: USER_ACCT pid=8244 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:12.510420 sshd[8244]: Accepted publickey for core from 147.75.109.163 port 33928 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:44:12.511527 sshd[8244]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:44:12.513905 systemd-logind[1465]: New session 70 of user core. Feb 9 12:44:12.514388 systemd[1]: Started session-70.scope. Feb 9 12:44:12.594343 sshd[8244]: pam_unix(sshd:session): session closed for user core Feb 9 12:44:12.595766 systemd[1]: sshd@156-86.109.11.101:22-147.75.109.163:33928.service: Deactivated successfully. Feb 9 12:44:12.596314 systemd[1]: session-70.scope: Deactivated successfully. Feb 9 12:44:12.596716 systemd-logind[1465]: Session 70 logged out. Waiting for processes to exit. Feb 9 12:44:12.597095 systemd-logind[1465]: Removed session 70. Feb 9 12:44:12.510000 audit[8244]: CRED_ACQ pid=8244 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:12.694212 kernel: audit: type=1101 audit(1707482652.509:2284): pid=8244 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:12.694281 kernel: audit: type=1103 audit(1707482652.510:2285): pid=8244 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:12.694308 kernel: audit: type=1006 audit(1707482652.510:2286): pid=8244 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=70 res=1 Feb 9 12:44:12.510000 audit[8244]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff69c8e170 a2=3 a3=0 items=0 ppid=1 pid=8244 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=70 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:12.844890 kernel: audit: type=1300 audit(1707482652.510:2286): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff69c8e170 a2=3 a3=0 items=0 ppid=1 pid=8244 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=70 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:12.844946 kernel: audit: type=1327 audit(1707482652.510:2286): proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:12.510000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:12.515000 audit[8244]: USER_START pid=8244 uid=0 auid=500 ses=70 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:12.970014 kernel: audit: type=1105 audit(1707482652.515:2287): pid=8244 uid=0 auid=500 ses=70 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:12.970072 kernel: audit: type=1103 audit(1707482652.516:2288): pid=8246 uid=0 auid=500 ses=70 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:12.516000 audit[8246]: CRED_ACQ pid=8246 uid=0 auid=500 ses=70 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:12.593000 audit[8244]: USER_END pid=8244 uid=0 auid=500 ses=70 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:13.060297 kernel: audit: type=1106 audit(1707482652.593:2289): pid=8244 uid=0 auid=500 ses=70 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:12.593000 audit[8244]: CRED_DISP pid=8244 uid=0 auid=500 ses=70 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:13.244308 kernel: audit: type=1104 audit(1707482652.593:2290): pid=8244 uid=0 auid=500 ses=70 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:12.594000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@156-86.109.11.101:22-147.75.109.163:33928 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:17.596898 systemd[1]: Started sshd@157-86.109.11.101:22-147.75.109.163:58552.service. Feb 9 12:44:17.595000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@157-86.109.11.101:22-147.75.109.163:58552 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:17.623822 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:44:17.623887 kernel: audit: type=1130 audit(1707482657.595:2292): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@157-86.109.11.101:22-147.75.109.163:58552 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:17.740000 audit[8269]: USER_ACCT pid=8269 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:17.741721 sshd[8269]: Accepted publickey for core from 147.75.109.163 port 58552 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:44:17.742890 sshd[8269]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:44:17.745163 systemd-logind[1465]: New session 71 of user core. Feb 9 12:44:17.745676 systemd[1]: Started session-71.scope. Feb 9 12:44:17.825342 sshd[8269]: pam_unix(sshd:session): session closed for user core Feb 9 12:44:17.826819 systemd[1]: sshd@157-86.109.11.101:22-147.75.109.163:58552.service: Deactivated successfully. Feb 9 12:44:17.827267 systemd[1]: session-71.scope: Deactivated successfully. Feb 9 12:44:17.827598 systemd-logind[1465]: Session 71 logged out. Waiting for processes to exit. Feb 9 12:44:17.828041 systemd-logind[1465]: Removed session 71. Feb 9 12:44:17.741000 audit[8269]: CRED_ACQ pid=8269 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:17.925184 kernel: audit: type=1101 audit(1707482657.740:2293): pid=8269 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:17.925218 kernel: audit: type=1103 audit(1707482657.741:2294): pid=8269 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:17.925243 kernel: audit: type=1006 audit(1707482657.741:2295): pid=8269 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=71 res=1 Feb 9 12:44:17.983785 kernel: audit: type=1300 audit(1707482657.741:2295): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffecaea1a50 a2=3 a3=0 items=0 ppid=1 pid=8269 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=71 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:17.741000 audit[8269]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffecaea1a50 a2=3 a3=0 items=0 ppid=1 pid=8269 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=71 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:18.075858 kernel: audit: type=1327 audit(1707482657.741:2295): proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:17.741000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:18.106359 kernel: audit: type=1105 audit(1707482657.746:2296): pid=8269 uid=0 auid=500 ses=71 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:17.746000 audit[8269]: USER_START pid=8269 uid=0 auid=500 ses=71 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:18.200840 kernel: audit: type=1103 audit(1707482657.747:2297): pid=8271 uid=0 auid=500 ses=71 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:17.747000 audit[8271]: CRED_ACQ pid=8271 uid=0 auid=500 ses=71 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:18.290221 kernel: audit: type=1106 audit(1707482657.824:2298): pid=8269 uid=0 auid=500 ses=71 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:17.824000 audit[8269]: USER_END pid=8269 uid=0 auid=500 ses=71 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:18.385700 kernel: audit: type=1104 audit(1707482657.824:2299): pid=8269 uid=0 auid=500 ses=71 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:17.824000 audit[8269]: CRED_DISP pid=8269 uid=0 auid=500 ses=71 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:17.825000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@157-86.109.11.101:22-147.75.109.163:58552 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:22.830537 systemd[1]: Started sshd@158-86.109.11.101:22-147.75.109.163:58568.service. Feb 9 12:44:22.829000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@158-86.109.11.101:22-147.75.109.163:58568 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:22.856942 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:44:22.857033 kernel: audit: type=1130 audit(1707482662.829:2301): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@158-86.109.11.101:22-147.75.109.163:58568 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:22.990000 audit[8320]: USER_ACCT pid=8320 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:22.991674 sshd[8320]: Accepted publickey for core from 147.75.109.163 port 58568 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:44:22.993994 sshd[8320]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:44:22.999817 systemd-logind[1465]: New session 72 of user core. Feb 9 12:44:23.001136 systemd[1]: Started session-72.scope. Feb 9 12:44:22.992000 audit[8320]: CRED_ACQ pid=8320 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:23.087432 sshd[8320]: pam_unix(sshd:session): session closed for user core Feb 9 12:44:23.088889 systemd[1]: sshd@158-86.109.11.101:22-147.75.109.163:58568.service: Deactivated successfully. Feb 9 12:44:23.089322 systemd[1]: session-72.scope: Deactivated successfully. Feb 9 12:44:23.089718 systemd-logind[1465]: Session 72 logged out. Waiting for processes to exit. Feb 9 12:44:23.090152 systemd-logind[1465]: Removed session 72. Feb 9 12:44:23.173459 kernel: audit: type=1101 audit(1707482662.990:2302): pid=8320 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:23.173510 kernel: audit: type=1103 audit(1707482662.992:2303): pid=8320 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:23.173528 kernel: audit: type=1006 audit(1707482662.992:2304): pid=8320 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=72 res=1 Feb 9 12:44:22.992000 audit[8320]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe72219950 a2=3 a3=0 items=0 ppid=1 pid=8320 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=72 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:23.324200 kernel: audit: type=1300 audit(1707482662.992:2304): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe72219950 a2=3 a3=0 items=0 ppid=1 pid=8320 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=72 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:23.324265 kernel: audit: type=1327 audit(1707482662.992:2304): proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:22.992000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:23.354782 kernel: audit: type=1105 audit(1707482663.007:2305): pid=8320 uid=0 auid=500 ses=72 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:23.007000 audit[8320]: USER_START pid=8320 uid=0 auid=500 ses=72 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:23.008000 audit[8322]: CRED_ACQ pid=8322 uid=0 auid=500 ses=72 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:23.538716 kernel: audit: type=1103 audit(1707482663.008:2306): pid=8322 uid=0 auid=500 ses=72 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:23.538796 kernel: audit: type=1106 audit(1707482663.086:2307): pid=8320 uid=0 auid=500 ses=72 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:23.086000 audit[8320]: USER_END pid=8320 uid=0 auid=500 ses=72 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:23.087000 audit[8320]: CRED_DISP pid=8320 uid=0 auid=500 ses=72 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:23.723808 kernel: audit: type=1104 audit(1707482663.087:2308): pid=8320 uid=0 auid=500 ses=72 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:23.087000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@158-86.109.11.101:22-147.75.109.163:58568 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:23.332000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:44:23.332000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002863f20 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:44:23.332000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:44:23.332000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:44:23.332000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000d268e0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:44:23.332000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:44:23.463000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:44:23.463000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c00a6ed200 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:44:23.463000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:44:23.464000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:44:23.464000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:44:23.464000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=68 a1=c00a6ed4a0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:44:23.464000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c007416140 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:44:23.464000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:44:23.464000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:44:23.464000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:44:23.464000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=69 a1=c009eae8a0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:44:23.464000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:44:23.464000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:44:23.464000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=69 a1=c0071ceba0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:44:23.464000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:44:23.464000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:44:23.464000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c00c161620 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:44:23.464000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:44:28.091292 systemd[1]: Started sshd@159-86.109.11.101:22-147.75.109.163:44626.service. Feb 9 12:44:28.090000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@159-86.109.11.101:22-147.75.109.163:44626 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:28.118432 kernel: kauditd_printk_skb: 25 callbacks suppressed Feb 9 12:44:28.118482 kernel: audit: type=1130 audit(1707482668.090:2318): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@159-86.109.11.101:22-147.75.109.163:44626 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:28.236000 audit[8348]: USER_ACCT pid=8348 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:28.237486 sshd[8348]: Accepted publickey for core from 147.75.109.163 port 44626 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:44:28.238546 sshd[8348]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:44:28.240918 systemd-logind[1465]: New session 73 of user core. Feb 9 12:44:28.241446 systemd[1]: Started session-73.scope. Feb 9 12:44:28.321891 sshd[8348]: pam_unix(sshd:session): session closed for user core Feb 9 12:44:28.323265 systemd[1]: sshd@159-86.109.11.101:22-147.75.109.163:44626.service: Deactivated successfully. Feb 9 12:44:28.323688 systemd[1]: session-73.scope: Deactivated successfully. Feb 9 12:44:28.324007 systemd-logind[1465]: Session 73 logged out. Waiting for processes to exit. Feb 9 12:44:28.324459 systemd-logind[1465]: Removed session 73. Feb 9 12:44:28.237000 audit[8348]: CRED_ACQ pid=8348 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:28.421297 kernel: audit: type=1101 audit(1707482668.236:2319): pid=8348 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:28.421342 kernel: audit: type=1103 audit(1707482668.237:2320): pid=8348 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:28.421390 kernel: audit: type=1006 audit(1707482668.237:2321): pid=8348 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=73 res=1 Feb 9 12:44:28.479938 kernel: audit: type=1300 audit(1707482668.237:2321): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff4cc15360 a2=3 a3=0 items=0 ppid=1 pid=8348 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=73 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:28.237000 audit[8348]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff4cc15360 a2=3 a3=0 items=0 ppid=1 pid=8348 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=73 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:28.572025 kernel: audit: type=1327 audit(1707482668.237:2321): proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:28.237000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:28.602549 kernel: audit: type=1105 audit(1707482668.242:2322): pid=8348 uid=0 auid=500 ses=73 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:28.242000 audit[8348]: USER_START pid=8348 uid=0 auid=500 ses=73 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:28.697167 kernel: audit: type=1103 audit(1707482668.242:2323): pid=8350 uid=0 auid=500 ses=73 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:28.242000 audit[8350]: CRED_ACQ pid=8350 uid=0 auid=500 ses=73 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:28.786464 kernel: audit: type=1106 audit(1707482668.321:2324): pid=8348 uid=0 auid=500 ses=73 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:28.321000 audit[8348]: USER_END pid=8348 uid=0 auid=500 ses=73 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:28.882069 kernel: audit: type=1104 audit(1707482668.321:2325): pid=8348 uid=0 auid=500 ses=73 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:28.321000 audit[8348]: CRED_DISP pid=8348 uid=0 auid=500 ses=73 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:28.322000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@159-86.109.11.101:22-147.75.109.163:44626 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:33.331654 systemd[1]: Started sshd@160-86.109.11.101:22-147.75.109.163:44632.service. Feb 9 12:44:33.330000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@160-86.109.11.101:22-147.75.109.163:44632 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:33.358644 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:44:33.358747 kernel: audit: type=1130 audit(1707482673.330:2327): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@160-86.109.11.101:22-147.75.109.163:44632 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:33.483000 audit[8417]: USER_ACCT pid=8417 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:33.485009 sshd[8417]: Accepted publickey for core from 147.75.109.163 port 44632 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:44:33.485935 sshd[8417]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:44:33.488034 systemd-logind[1465]: New session 74 of user core. Feb 9 12:44:33.488558 systemd[1]: Started session-74.scope. Feb 9 12:44:33.568334 sshd[8417]: pam_unix(sshd:session): session closed for user core Feb 9 12:44:33.569679 systemd[1]: sshd@160-86.109.11.101:22-147.75.109.163:44632.service: Deactivated successfully. Feb 9 12:44:33.570111 systemd[1]: session-74.scope: Deactivated successfully. Feb 9 12:44:33.570445 systemd-logind[1465]: Session 74 logged out. Waiting for processes to exit. Feb 9 12:44:33.570905 systemd-logind[1465]: Removed session 74. Feb 9 12:44:33.484000 audit[8417]: CRED_ACQ pid=8417 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:33.666908 kernel: audit: type=1101 audit(1707482673.483:2328): pid=8417 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:33.666945 kernel: audit: type=1103 audit(1707482673.484:2329): pid=8417 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:33.666969 kernel: audit: type=1006 audit(1707482673.484:2330): pid=8417 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=74 res=1 Feb 9 12:44:33.725508 kernel: audit: type=1300 audit(1707482673.484:2330): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffea1231140 a2=3 a3=0 items=0 ppid=1 pid=8417 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=74 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:33.484000 audit[8417]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffea1231140 a2=3 a3=0 items=0 ppid=1 pid=8417 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=74 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:33.817551 kernel: audit: type=1327 audit(1707482673.484:2330): proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:33.484000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:33.848052 kernel: audit: type=1105 audit(1707482673.489:2331): pid=8417 uid=0 auid=500 ses=74 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:33.489000 audit[8417]: USER_START pid=8417 uid=0 auid=500 ses=74 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:33.942570 kernel: audit: type=1103 audit(1707482673.490:2332): pid=8419 uid=0 auid=500 ses=74 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:33.490000 audit[8419]: CRED_ACQ pid=8419 uid=0 auid=500 ses=74 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:34.031819 kernel: audit: type=1106 audit(1707482673.567:2333): pid=8417 uid=0 auid=500 ses=74 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:33.567000 audit[8417]: USER_END pid=8417 uid=0 auid=500 ses=74 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:33.567000 audit[8417]: CRED_DISP pid=8417 uid=0 auid=500 ses=74 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:34.128316 kernel: audit: type=1104 audit(1707482673.567:2334): pid=8417 uid=0 auid=500 ses=74 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:33.568000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@160-86.109.11.101:22-147.75.109.163:44632 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:38.578276 systemd[1]: Started sshd@161-86.109.11.101:22-147.75.109.163:46164.service. Feb 9 12:44:38.578000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@161-86.109.11.101:22-147.75.109.163:46164 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:38.605139 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:44:38.605179 kernel: audit: type=1130 audit(1707482678.578:2336): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@161-86.109.11.101:22-147.75.109.163:46164 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:38.679289 systemd[1]: Started sshd@162-86.109.11.101:22-43.153.64.49:39204.service. Feb 9 12:44:38.679000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@162-86.109.11.101:22-43.153.64.49:39204 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:38.724608 sshd[8442]: Accepted publickey for core from 147.75.109.163 port 46164 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:44:38.726020 sshd[8442]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:44:38.728462 systemd-logind[1465]: New session 75 of user core. Feb 9 12:44:38.728969 systemd[1]: Started session-75.scope. Feb 9 12:44:38.782936 kernel: audit: type=1130 audit(1707482678.679:2337): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@162-86.109.11.101:22-43.153.64.49:39204 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:38.783012 kernel: audit: type=1101 audit(1707482678.724:2338): pid=8442 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:38.724000 audit[8442]: USER_ACCT pid=8442 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:38.804874 sshd[8442]: pam_unix(sshd:session): session closed for user core Feb 9 12:44:38.806309 systemd[1]: sshd@161-86.109.11.101:22-147.75.109.163:46164.service: Deactivated successfully. Feb 9 12:44:38.806748 systemd[1]: session-75.scope: Deactivated successfully. Feb 9 12:44:38.807151 systemd-logind[1465]: Session 75 logged out. Waiting for processes to exit. Feb 9 12:44:38.807727 systemd-logind[1465]: Removed session 75. Feb 9 12:44:38.853930 sshd[8445]: Invalid user venos from 43.153.64.49 port 39204 Feb 9 12:44:38.855045 sshd[8445]: pam_faillock(sshd:auth): User unknown Feb 9 12:44:38.855249 sshd[8445]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:44:38.855265 sshd[8445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:44:38.855501 sshd[8445]: pam_faillock(sshd:auth): User unknown Feb 9 12:44:38.874930 kernel: audit: type=1103 audit(1707482678.725:2339): pid=8442 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:38.725000 audit[8442]: CRED_ACQ pid=8442 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:38.965415 kernel: audit: type=1006 audit(1707482678.725:2340): pid=8442 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=75 res=1 Feb 9 12:44:39.024034 kernel: audit: type=1300 audit(1707482678.725:2340): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff116cf870 a2=3 a3=0 items=0 ppid=1 pid=8442 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=75 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:38.725000 audit[8442]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff116cf870 a2=3 a3=0 items=0 ppid=1 pid=8442 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=75 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:39.116030 kernel: audit: type=1327 audit(1707482678.725:2340): proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:38.725000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:38.730000 audit[8442]: USER_START pid=8442 uid=0 auid=500 ses=75 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:39.241945 kernel: audit: type=1105 audit(1707482678.730:2341): pid=8442 uid=0 auid=500 ses=75 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:39.241986 kernel: audit: type=1103 audit(1707482678.731:2342): pid=8447 uid=0 auid=500 ses=75 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:38.731000 audit[8447]: CRED_ACQ pid=8447 uid=0 auid=500 ses=75 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:38.805000 audit[8442]: USER_END pid=8442 uid=0 auid=500 ses=75 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:39.426875 kernel: audit: type=1106 audit(1707482678.805:2343): pid=8442 uid=0 auid=500 ses=75 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:38.805000 audit[8442]: CRED_DISP pid=8442 uid=0 auid=500 ses=75 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:38.806000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@161-86.109.11.101:22-147.75.109.163:46164 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:38.855000 audit[8445]: USER_AUTH pid=8445 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="venos" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:44:39.226000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:44:39.226000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0030ec440 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:44:39.226000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:44:39.227000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:44:39.227000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0011ec780 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:44:39.227000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:44:39.227000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:44:39.227000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c0011ec7a0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:44:39.227000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:44:39.229000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:44:39.229000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0001b5660 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:44:39.229000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:44:40.881523 sshd[8445]: Failed password for invalid user venos from 43.153.64.49 port 39204 ssh2 Feb 9 12:44:42.082282 sshd[8445]: Received disconnect from 43.153.64.49 port 39204:11: Bye Bye [preauth] Feb 9 12:44:42.082282 sshd[8445]: Disconnected from invalid user venos 43.153.64.49 port 39204 [preauth] Feb 9 12:44:42.082986 systemd[1]: sshd@162-86.109.11.101:22-43.153.64.49:39204.service: Deactivated successfully. Feb 9 12:44:42.082000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@162-86.109.11.101:22-43.153.64.49:39204 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:43.814403 systemd[1]: Started sshd@163-86.109.11.101:22-147.75.109.163:46176.service. Feb 9 12:44:43.814000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@163-86.109.11.101:22-147.75.109.163:46176 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:43.841423 kernel: kauditd_printk_skb: 16 callbacks suppressed Feb 9 12:44:43.841496 kernel: audit: type=1130 audit(1707482683.814:2352): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@163-86.109.11.101:22-147.75.109.163:46176 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:43.960831 sshd[8475]: Accepted publickey for core from 147.75.109.163 port 46176 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:44:43.960000 audit[8475]: USER_ACCT pid=8475 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:43.962417 sshd[8475]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:44:43.964901 systemd-logind[1465]: New session 76 of user core. Feb 9 12:44:43.965405 systemd[1]: Started session-76.scope. Feb 9 12:44:44.042837 sshd[8475]: pam_unix(sshd:session): session closed for user core Feb 9 12:44:44.044296 systemd[1]: sshd@163-86.109.11.101:22-147.75.109.163:46176.service: Deactivated successfully. Feb 9 12:44:44.044740 systemd[1]: session-76.scope: Deactivated successfully. Feb 9 12:44:44.045088 systemd-logind[1465]: Session 76 logged out. Waiting for processes to exit. Feb 9 12:44:44.045640 systemd-logind[1465]: Removed session 76. Feb 9 12:44:43.961000 audit[8475]: CRED_ACQ pid=8475 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:44.143788 kernel: audit: type=1101 audit(1707482683.960:2353): pid=8475 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:44.143819 kernel: audit: type=1103 audit(1707482683.961:2354): pid=8475 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:44.143838 kernel: audit: type=1006 audit(1707482683.961:2355): pid=8475 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=76 res=1 Feb 9 12:44:43.961000 audit[8475]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe05e28e20 a2=3 a3=0 items=0 ppid=1 pid=8475 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=76 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:44.295307 kernel: audit: type=1300 audit(1707482683.961:2355): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe05e28e20 a2=3 a3=0 items=0 ppid=1 pid=8475 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=76 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:44.295346 kernel: audit: type=1327 audit(1707482683.961:2355): proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:43.961000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:44.325985 kernel: audit: type=1105 audit(1707482683.967:2356): pid=8475 uid=0 auid=500 ses=76 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:43.967000 audit[8475]: USER_START pid=8475 uid=0 auid=500 ses=76 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:44.421005 kernel: audit: type=1103 audit(1707482683.968:2357): pid=8478 uid=0 auid=500 ses=76 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:43.968000 audit[8478]: CRED_ACQ pid=8478 uid=0 auid=500 ses=76 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:44.510748 kernel: audit: type=1106 audit(1707482684.043:2358): pid=8475 uid=0 auid=500 ses=76 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:44.043000 audit[8475]: USER_END pid=8475 uid=0 auid=500 ses=76 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:44.606797 kernel: audit: type=1104 audit(1707482684.043:2359): pid=8475 uid=0 auid=500 ses=76 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:44.043000 audit[8475]: CRED_DISP pid=8475 uid=0 auid=500 ses=76 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:44.044000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@163-86.109.11.101:22-147.75.109.163:46176 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:49.046869 systemd[1]: Started sshd@164-86.109.11.101:22-147.75.109.163:37792.service. Feb 9 12:44:49.046000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@164-86.109.11.101:22-147.75.109.163:37792 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:49.074032 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:44:49.074105 kernel: audit: type=1130 audit(1707482689.046:2361): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@164-86.109.11.101:22-147.75.109.163:37792 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:49.102927 sshd[8504]: Accepted publickey for core from 147.75.109.163 port 37792 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:44:49.104570 sshd[8504]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:44:49.107870 systemd-logind[1465]: New session 77 of user core. Feb 9 12:44:49.109163 systemd[1]: Started session-77.scope. Feb 9 12:44:49.102000 audit[8504]: USER_ACCT pid=8504 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:49.188165 sshd[8504]: pam_unix(sshd:session): session closed for user core Feb 9 12:44:49.189769 systemd[1]: sshd@164-86.109.11.101:22-147.75.109.163:37792.service: Deactivated successfully. Feb 9 12:44:49.190431 systemd[1]: session-77.scope: Deactivated successfully. Feb 9 12:44:49.190960 systemd-logind[1465]: Session 77 logged out. Waiting for processes to exit. Feb 9 12:44:49.191528 systemd-logind[1465]: Removed session 77. Feb 9 12:44:49.255415 kernel: audit: type=1101 audit(1707482689.102:2362): pid=8504 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:49.255460 kernel: audit: type=1103 audit(1707482689.104:2363): pid=8504 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:49.104000 audit[8504]: CRED_ACQ pid=8504 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:49.345861 kernel: audit: type=1006 audit(1707482689.104:2364): pid=8504 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=77 res=1 Feb 9 12:44:49.104000 audit[8504]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffff4e88c00 a2=3 a3=0 items=0 ppid=1 pid=8504 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=77 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:49.497409 kernel: audit: type=1300 audit(1707482689.104:2364): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffff4e88c00 a2=3 a3=0 items=0 ppid=1 pid=8504 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=77 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:49.497463 kernel: audit: type=1327 audit(1707482689.104:2364): proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:49.104000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:49.528131 kernel: audit: type=1105 audit(1707482689.111:2365): pid=8504 uid=0 auid=500 ses=77 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:49.111000 audit[8504]: USER_START pid=8504 uid=0 auid=500 ses=77 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:49.112000 audit[8507]: CRED_ACQ pid=8507 uid=0 auid=500 ses=77 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:49.624233 kernel: audit: type=1103 audit(1707482689.112:2366): pid=8507 uid=0 auid=500 ses=77 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:49.188000 audit[8504]: USER_END pid=8504 uid=0 auid=500 ses=77 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:49.808370 kernel: audit: type=1106 audit(1707482689.188:2367): pid=8504 uid=0 auid=500 ses=77 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:49.808424 kernel: audit: type=1104 audit(1707482689.188:2368): pid=8504 uid=0 auid=500 ses=77 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:49.188000 audit[8504]: CRED_DISP pid=8504 uid=0 auid=500 ses=77 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:49.189000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@164-86.109.11.101:22-147.75.109.163:37792 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:53.134528 systemd[1]: Started sshd@165-86.109.11.101:22-160.242.48.130:39382.service. Feb 9 12:44:53.134000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@165-86.109.11.101:22-160.242.48.130:39382 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:53.161060 sshd[8582]: kex_exchange_identification: Connection closed by remote host Feb 9 12:44:53.161060 sshd[8582]: Connection closed by 160.242.48.130 port 39382 Feb 9 12:44:53.162345 systemd[1]: sshd@165-86.109.11.101:22-160.242.48.130:39382.service: Deactivated successfully. Feb 9 12:44:53.162000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@165-86.109.11.101:22-160.242.48.130:39382 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:54.195004 systemd[1]: Started sshd@166-86.109.11.101:22-147.75.109.163:37806.service. Feb 9 12:44:54.194000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@166-86.109.11.101:22-147.75.109.163:37806 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:54.222328 kernel: kauditd_printk_skb: 3 callbacks suppressed Feb 9 12:44:54.222420 kernel: audit: type=1130 audit(1707482694.194:2372): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@166-86.109.11.101:22-147.75.109.163:37806 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:54.339000 audit[8585]: USER_ACCT pid=8585 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:54.339783 sshd[8585]: Accepted publickey for core from 147.75.109.163 port 37806 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:44:54.340901 sshd[8585]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:44:54.343457 systemd-logind[1465]: New session 78 of user core. Feb 9 12:44:54.343893 systemd[1]: Started session-78.scope. Feb 9 12:44:54.421545 sshd[8585]: pam_unix(sshd:session): session closed for user core Feb 9 12:44:54.422926 systemd[1]: sshd@166-86.109.11.101:22-147.75.109.163:37806.service: Deactivated successfully. Feb 9 12:44:54.423377 systemd[1]: session-78.scope: Deactivated successfully. Feb 9 12:44:54.423800 systemd-logind[1465]: Session 78 logged out. Waiting for processes to exit. Feb 9 12:44:54.424296 systemd-logind[1465]: Removed session 78. Feb 9 12:44:54.340000 audit[8585]: CRED_ACQ pid=8585 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:54.431312 kernel: audit: type=1101 audit(1707482694.339:2373): pid=8585 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:54.431353 kernel: audit: type=1103 audit(1707482694.340:2374): pid=8585 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:54.580121 kernel: audit: type=1006 audit(1707482694.340:2375): pid=8585 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=78 res=1 Feb 9 12:44:54.580213 kernel: audit: type=1300 audit(1707482694.340:2375): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffabb49a10 a2=3 a3=0 items=0 ppid=1 pid=8585 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=78 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:54.340000 audit[8585]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffabb49a10 a2=3 a3=0 items=0 ppid=1 pid=8585 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=78 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:54.340000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:54.702727 kernel: audit: type=1327 audit(1707482694.340:2375): proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:54.702795 kernel: audit: type=1105 audit(1707482694.345:2376): pid=8585 uid=0 auid=500 ses=78 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:54.345000 audit[8585]: USER_START pid=8585 uid=0 auid=500 ses=78 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:54.346000 audit[8587]: CRED_ACQ pid=8587 uid=0 auid=500 ses=78 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:54.886697 kernel: audit: type=1103 audit(1707482694.346:2377): pid=8587 uid=0 auid=500 ses=78 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:54.886760 kernel: audit: type=1106 audit(1707482694.421:2378): pid=8585 uid=0 auid=500 ses=78 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:54.421000 audit[8585]: USER_END pid=8585 uid=0 auid=500 ses=78 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:54.982241 kernel: audit: type=1104 audit(1707482694.422:2379): pid=8585 uid=0 auid=500 ses=78 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:54.422000 audit[8585]: CRED_DISP pid=8585 uid=0 auid=500 ses=78 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:54.422000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@166-86.109.11.101:22-147.75.109.163:37806 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:59.431491 systemd[1]: Started sshd@167-86.109.11.101:22-147.75.109.163:55628.service. Feb 9 12:44:59.431000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@167-86.109.11.101:22-147.75.109.163:55628 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:59.458264 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:44:59.458317 kernel: audit: type=1130 audit(1707482699.431:2381): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@167-86.109.11.101:22-147.75.109.163:55628 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:44:59.584000 audit[8623]: USER_ACCT pid=8623 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:59.584586 sshd[8623]: Accepted publickey for core from 147.75.109.163 port 55628 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:44:59.586329 sshd[8623]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:44:59.589084 systemd-logind[1465]: New session 79 of user core. Feb 9 12:44:59.589653 systemd[1]: Started session-79.scope. Feb 9 12:44:59.668409 sshd[8623]: pam_unix(sshd:session): session closed for user core Feb 9 12:44:59.669890 systemd[1]: sshd@167-86.109.11.101:22-147.75.109.163:55628.service: Deactivated successfully. Feb 9 12:44:59.670374 systemd[1]: session-79.scope: Deactivated successfully. Feb 9 12:44:59.670724 systemd-logind[1465]: Session 79 logged out. Waiting for processes to exit. Feb 9 12:44:59.671127 systemd-logind[1465]: Removed session 79. Feb 9 12:44:59.585000 audit[8623]: CRED_ACQ pid=8623 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:59.769100 kernel: audit: type=1101 audit(1707482699.584:2382): pid=8623 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:59.769141 kernel: audit: type=1103 audit(1707482699.585:2383): pid=8623 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:59.769162 kernel: audit: type=1006 audit(1707482699.585:2384): pid=8623 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=79 res=1 Feb 9 12:44:59.827698 kernel: audit: type=1300 audit(1707482699.585:2384): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff8947a2a0 a2=3 a3=0 items=0 ppid=1 pid=8623 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=79 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:59.585000 audit[8623]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff8947a2a0 a2=3 a3=0 items=0 ppid=1 pid=8623 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=79 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:44:59.920169 kernel: audit: type=1327 audit(1707482699.585:2384): proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:59.585000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:44:59.950837 kernel: audit: type=1105 audit(1707482699.591:2385): pid=8623 uid=0 auid=500 ses=79 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:59.591000 audit[8623]: USER_START pid=8623 uid=0 auid=500 ses=79 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:00.045499 kernel: audit: type=1103 audit(1707482699.592:2386): pid=8625 uid=0 auid=500 ses=79 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:59.592000 audit[8625]: CRED_ACQ pid=8625 uid=0 auid=500 ses=79 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:00.134762 kernel: audit: type=1106 audit(1707482699.668:2387): pid=8623 uid=0 auid=500 ses=79 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:59.668000 audit[8623]: USER_END pid=8623 uid=0 auid=500 ses=79 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:00.230310 kernel: audit: type=1104 audit(1707482699.669:2388): pid=8623 uid=0 auid=500 ses=79 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:59.669000 audit[8623]: CRED_DISP pid=8623 uid=0 auid=500 ses=79 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:44:59.669000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@167-86.109.11.101:22-147.75.109.163:55628 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:04.678349 systemd[1]: Started sshd@168-86.109.11.101:22-147.75.109.163:37928.service. Feb 9 12:45:04.677000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@168-86.109.11.101:22-147.75.109.163:37928 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:04.705132 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:45:04.705204 kernel: audit: type=1130 audit(1707482704.677:2390): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@168-86.109.11.101:22-147.75.109.163:37928 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:04.824000 audit[8666]: USER_ACCT pid=8666 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:04.824522 sshd[8666]: Accepted publickey for core from 147.75.109.163 port 37928 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:45:04.826308 sshd[8666]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:45:04.828672 systemd-logind[1465]: New session 80 of user core. Feb 9 12:45:04.829135 systemd[1]: Started session-80.scope. Feb 9 12:45:04.908219 sshd[8666]: pam_unix(sshd:session): session closed for user core Feb 9 12:45:04.909904 systemd[1]: sshd@168-86.109.11.101:22-147.75.109.163:37928.service: Deactivated successfully. Feb 9 12:45:04.910428 systemd[1]: session-80.scope: Deactivated successfully. Feb 9 12:45:04.910835 systemd-logind[1465]: Session 80 logged out. Waiting for processes to exit. Feb 9 12:45:04.911369 systemd-logind[1465]: Removed session 80. Feb 9 12:45:04.825000 audit[8666]: CRED_ACQ pid=8666 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:05.008701 kernel: audit: type=1101 audit(1707482704.824:2391): pid=8666 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:05.008746 kernel: audit: type=1103 audit(1707482704.825:2392): pid=8666 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:05.008764 kernel: audit: type=1006 audit(1707482704.825:2393): pid=8666 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=80 res=1 Feb 9 12:45:05.067313 kernel: audit: type=1300 audit(1707482704.825:2393): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff975cdae0 a2=3 a3=0 items=0 ppid=1 pid=8666 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=80 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:04.825000 audit[8666]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff975cdae0 a2=3 a3=0 items=0 ppid=1 pid=8666 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=80 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:05.159302 kernel: audit: type=1327 audit(1707482704.825:2393): proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:04.825000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:05.189789 kernel: audit: type=1105 audit(1707482704.830:2394): pid=8666 uid=0 auid=500 ses=80 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:04.830000 audit[8666]: USER_START pid=8666 uid=0 auid=500 ses=80 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:04.830000 audit[8668]: CRED_ACQ pid=8668 uid=0 auid=500 ses=80 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:05.373633 kernel: audit: type=1103 audit(1707482704.830:2395): pid=8668 uid=0 auid=500 ses=80 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:05.373660 kernel: audit: type=1106 audit(1707482704.907:2396): pid=8666 uid=0 auid=500 ses=80 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:04.907000 audit[8666]: USER_END pid=8666 uid=0 auid=500 ses=80 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:05.469134 kernel: audit: type=1104 audit(1707482704.907:2397): pid=8666 uid=0 auid=500 ses=80 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:04.907000 audit[8666]: CRED_DISP pid=8666 uid=0 auid=500 ses=80 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:04.908000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@168-86.109.11.101:22-147.75.109.163:37928 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:09.917897 systemd[1]: Started sshd@169-86.109.11.101:22-147.75.109.163:37938.service. Feb 9 12:45:09.916000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@169-86.109.11.101:22-147.75.109.163:37938 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:09.944943 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:45:09.945012 kernel: audit: type=1130 audit(1707482709.916:2399): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@169-86.109.11.101:22-147.75.109.163:37938 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:10.063357 sshd[8691]: Accepted publickey for core from 147.75.109.163 port 37938 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:45:10.062000 audit[8691]: USER_ACCT pid=8691 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:10.064869 sshd[8691]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:45:10.067180 systemd-logind[1465]: New session 81 of user core. Feb 9 12:45:10.067684 systemd[1]: Started session-81.scope. Feb 9 12:45:10.146211 sshd[8691]: pam_unix(sshd:session): session closed for user core Feb 9 12:45:10.147643 systemd[1]: sshd@169-86.109.11.101:22-147.75.109.163:37938.service: Deactivated successfully. Feb 9 12:45:10.148086 systemd[1]: session-81.scope: Deactivated successfully. Feb 9 12:45:10.148525 systemd-logind[1465]: Session 81 logged out. Waiting for processes to exit. Feb 9 12:45:10.149031 systemd-logind[1465]: Removed session 81. Feb 9 12:45:10.063000 audit[8691]: CRED_ACQ pid=8691 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:10.245306 kernel: audit: type=1101 audit(1707482710.062:2400): pid=8691 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:10.245356 kernel: audit: type=1103 audit(1707482710.063:2401): pid=8691 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:10.245378 kernel: audit: type=1006 audit(1707482710.063:2402): pid=8691 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=81 res=1 Feb 9 12:45:10.304083 kernel: audit: type=1300 audit(1707482710.063:2402): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe333ef080 a2=3 a3=0 items=0 ppid=1 pid=8691 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=81 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:10.063000 audit[8691]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe333ef080 a2=3 a3=0 items=0 ppid=1 pid=8691 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=81 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:10.396058 kernel: audit: type=1327 audit(1707482710.063:2402): proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:10.063000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:10.426547 kernel: audit: type=1105 audit(1707482710.068:2403): pid=8691 uid=0 auid=500 ses=81 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:10.068000 audit[8691]: USER_START pid=8691 uid=0 auid=500 ses=81 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:10.521001 kernel: audit: type=1103 audit(1707482710.069:2404): pid=8693 uid=0 auid=500 ses=81 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:10.069000 audit[8693]: CRED_ACQ pid=8693 uid=0 auid=500 ses=81 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:10.610189 kernel: audit: type=1106 audit(1707482710.145:2405): pid=8691 uid=0 auid=500 ses=81 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:10.145000 audit[8691]: USER_END pid=8691 uid=0 auid=500 ses=81 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:10.705674 kernel: audit: type=1104 audit(1707482710.145:2406): pid=8691 uid=0 auid=500 ses=81 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:10.145000 audit[8691]: CRED_DISP pid=8691 uid=0 auid=500 ses=81 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:10.718058 systemd[1]: Started sshd@170-86.109.11.101:22-106.54.212.205:36328.service. Feb 9 12:45:10.146000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@169-86.109.11.101:22-147.75.109.163:37938 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:10.716000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@170-86.109.11.101:22-106.54.212.205:36328 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:12.198048 sshd[8715]: Invalid user msv from 106.54.212.205 port 36328 Feb 9 12:45:12.203727 sshd[8715]: pam_faillock(sshd:auth): User unknown Feb 9 12:45:12.204613 sshd[8715]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:45:12.204698 sshd[8715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.212.205 Feb 9 12:45:12.205539 sshd[8715]: pam_faillock(sshd:auth): User unknown Feb 9 12:45:12.204000 audit[8715]: USER_AUTH pid=8715 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="msv" exe="/usr/sbin/sshd" hostname=106.54.212.205 addr=106.54.212.205 terminal=ssh res=failed' Feb 9 12:45:13.564927 sshd[8715]: Failed password for invalid user msv from 106.54.212.205 port 36328 ssh2 Feb 9 12:45:14.118797 sshd[8715]: Received disconnect from 106.54.212.205 port 36328:11: Bye Bye [preauth] Feb 9 12:45:14.118797 sshd[8715]: Disconnected from invalid user msv 106.54.212.205 port 36328 [preauth] Feb 9 12:45:14.121315 systemd[1]: sshd@170-86.109.11.101:22-106.54.212.205:36328.service: Deactivated successfully. Feb 9 12:45:14.120000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@170-86.109.11.101:22-106.54.212.205:36328 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:15.156238 systemd[1]: Started sshd@171-86.109.11.101:22-147.75.109.163:53004.service. Feb 9 12:45:15.155000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@171-86.109.11.101:22-147.75.109.163:53004 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:15.183053 kernel: kauditd_printk_skb: 4 callbacks suppressed Feb 9 12:45:15.183126 kernel: audit: type=1130 audit(1707482715.155:2411): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@171-86.109.11.101:22-147.75.109.163:53004 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:15.299000 audit[8721]: USER_ACCT pid=8721 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:15.300831 sshd[8721]: Accepted publickey for core from 147.75.109.163 port 53004 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:45:15.301556 sshd[8721]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:45:15.304207 systemd-logind[1465]: New session 82 of user core. Feb 9 12:45:15.304781 systemd[1]: Started session-82.scope. Feb 9 12:45:15.384015 sshd[8721]: pam_unix(sshd:session): session closed for user core Feb 9 12:45:15.385459 systemd[1]: sshd@171-86.109.11.101:22-147.75.109.163:53004.service: Deactivated successfully. Feb 9 12:45:15.385888 systemd[1]: session-82.scope: Deactivated successfully. Feb 9 12:45:15.386159 systemd-logind[1465]: Session 82 logged out. Waiting for processes to exit. Feb 9 12:45:15.386675 systemd-logind[1465]: Removed session 82. Feb 9 12:45:15.300000 audit[8721]: CRED_ACQ pid=8721 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:15.482511 kernel: audit: type=1101 audit(1707482715.299:2412): pid=8721 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:15.482563 kernel: audit: type=1103 audit(1707482715.300:2413): pid=8721 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:15.482582 kernel: audit: type=1006 audit(1707482715.300:2414): pid=8721 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=82 res=1 Feb 9 12:45:15.541064 kernel: audit: type=1300 audit(1707482715.300:2414): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc137ebef0 a2=3 a3=0 items=0 ppid=1 pid=8721 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=82 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:15.300000 audit[8721]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc137ebef0 a2=3 a3=0 items=0 ppid=1 pid=8721 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=82 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:15.632989 kernel: audit: type=1327 audit(1707482715.300:2414): proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:15.300000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:15.663498 kernel: audit: type=1105 audit(1707482715.305:2415): pid=8721 uid=0 auid=500 ses=82 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:15.305000 audit[8721]: USER_START pid=8721 uid=0 auid=500 ses=82 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:15.757913 kernel: audit: type=1103 audit(1707482715.306:2416): pid=8723 uid=0 auid=500 ses=82 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:15.306000 audit[8723]: CRED_ACQ pid=8723 uid=0 auid=500 ses=82 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:15.847017 kernel: audit: type=1106 audit(1707482715.383:2417): pid=8721 uid=0 auid=500 ses=82 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:15.383000 audit[8721]: USER_END pid=8721 uid=0 auid=500 ses=82 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:15.942581 kernel: audit: type=1104 audit(1707482715.383:2418): pid=8721 uid=0 auid=500 ses=82 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:15.383000 audit[8721]: CRED_DISP pid=8721 uid=0 auid=500 ses=82 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:15.384000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@171-86.109.11.101:22-147.75.109.163:53004 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:19.619067 systemd[1]: Started sshd@172-86.109.11.101:22-218.92.0.24:31347.service. Feb 9 12:45:19.618000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@172-86.109.11.101:22-218.92.0.24:31347 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:20.391370 systemd[1]: Started sshd@173-86.109.11.101:22-147.75.109.163:53008.service. Feb 9 12:45:20.390000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@173-86.109.11.101:22-147.75.109.163:53008 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:20.427201 kernel: kauditd_printk_skb: 2 callbacks suppressed Feb 9 12:45:20.427305 kernel: audit: type=1130 audit(1707482720.390:2421): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@173-86.109.11.101:22-147.75.109.163:53008 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:20.543000 audit[8750]: USER_ACCT pid=8750 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:20.544716 sshd[8750]: Accepted publickey for core from 147.75.109.163 port 53008 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:45:20.545536 sshd[8750]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:45:20.547972 systemd-logind[1465]: New session 83 of user core. Feb 9 12:45:20.548477 systemd[1]: Started session-83.scope. Feb 9 12:45:20.627124 sshd[8750]: pam_unix(sshd:session): session closed for user core Feb 9 12:45:20.628576 systemd[1]: sshd@173-86.109.11.101:22-147.75.109.163:53008.service: Deactivated successfully. Feb 9 12:45:20.629009 systemd[1]: session-83.scope: Deactivated successfully. Feb 9 12:45:20.629388 systemd-logind[1465]: Session 83 logged out. Waiting for processes to exit. Feb 9 12:45:20.630010 systemd-logind[1465]: Removed session 83. Feb 9 12:45:20.544000 audit[8750]: CRED_ACQ pid=8750 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:20.726368 kernel: audit: type=1101 audit(1707482720.543:2422): pid=8750 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:20.726419 kernel: audit: type=1103 audit(1707482720.544:2423): pid=8750 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:20.726438 kernel: audit: type=1006 audit(1707482720.544:2424): pid=8750 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=83 res=1 Feb 9 12:45:20.785002 kernel: audit: type=1300 audit(1707482720.544:2424): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdc2db5130 a2=3 a3=0 items=0 ppid=1 pid=8750 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=83 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:20.544000 audit[8750]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdc2db5130 a2=3 a3=0 items=0 ppid=1 pid=8750 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=83 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:20.877017 kernel: audit: type=1327 audit(1707482720.544:2424): proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:20.544000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:20.907519 kernel: audit: type=1105 audit(1707482720.549:2425): pid=8750 uid=0 auid=500 ses=83 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:20.549000 audit[8750]: USER_START pid=8750 uid=0 auid=500 ses=83 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:21.001970 kernel: audit: type=1103 audit(1707482720.550:2426): pid=8752 uid=0 auid=500 ses=83 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:20.550000 audit[8752]: CRED_ACQ pid=8752 uid=0 auid=500 ses=83 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:20.626000 audit[8750]: USER_END pid=8750 uid=0 auid=500 ses=83 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:21.186888 kernel: audit: type=1106 audit(1707482720.626:2427): pid=8750 uid=0 auid=500 ses=83 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:21.186939 kernel: audit: type=1104 audit(1707482720.626:2428): pid=8750 uid=0 auid=500 ses=83 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:20.626000 audit[8750]: CRED_DISP pid=8750 uid=0 auid=500 ses=83 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:20.627000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@173-86.109.11.101:22-147.75.109.163:53008 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:23.332000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:45:23.332000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c00142d2e0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:45:23.332000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:45:23.333000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:45:23.333000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c002630720 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:45:23.333000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:45:23.464000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:45:23.464000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c007274570 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:45:23.464000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:45:23.465000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:45:23.465000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c006e27220 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:45:23.465000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:45:23.465000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="sda9" ino=521011 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:45:23.465000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=68 a1=c0044bd710 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:45:23.465000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:45:23.465000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="sda9" ino=521007 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:45:23.465000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=67 a1=c014a875c0 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:45:23.465000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:45:23.465000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:45:23.465000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=69 a1=c006e27240 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:45:23.465000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:45:23.465000 audit[2440]: AVC avc: denied { watch } for pid=2440 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="sda9" ino=521013 scontext=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:45:23.465000 audit[2440]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=68 a1=c013e85230 a2=fc6 a3=0 items=0 ppid=2277 pid=2440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c470,c671 key=(null) Feb 9 12:45:23.465000 audit: PROCTITLE proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D38362E3130392E31312E313031002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 Feb 9 12:45:25.638466 systemd[1]: Started sshd@174-86.109.11.101:22-147.75.109.163:60940.service. Feb 9 12:45:25.637000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@174-86.109.11.101:22-147.75.109.163:60940 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:25.666290 kernel: kauditd_printk_skb: 25 callbacks suppressed Feb 9 12:45:25.666359 kernel: audit: type=1130 audit(1707482725.637:2438): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@174-86.109.11.101:22-147.75.109.163:60940 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:25.783000 audit[8804]: USER_ACCT pid=8804 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:25.784674 sshd[8804]: Accepted publickey for core from 147.75.109.163 port 60940 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:45:25.786309 sshd[8804]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:45:25.788837 systemd-logind[1465]: New session 84 of user core. Feb 9 12:45:25.789387 systemd[1]: Started session-84.scope. Feb 9 12:45:25.868054 sshd[8804]: pam_unix(sshd:session): session closed for user core Feb 9 12:45:25.869455 systemd[1]: sshd@174-86.109.11.101:22-147.75.109.163:60940.service: Deactivated successfully. Feb 9 12:45:25.869881 systemd[1]: session-84.scope: Deactivated successfully. Feb 9 12:45:25.870155 systemd-logind[1465]: Session 84 logged out. Waiting for processes to exit. Feb 9 12:45:25.870671 systemd-logind[1465]: Removed session 84. Feb 9 12:45:25.784000 audit[8804]: CRED_ACQ pid=8804 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:25.966492 kernel: audit: type=1101 audit(1707482725.783:2439): pid=8804 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:25.966534 kernel: audit: type=1103 audit(1707482725.784:2440): pid=8804 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:25.966552 kernel: audit: type=1006 audit(1707482725.784:2441): pid=8804 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=84 res=1 Feb 9 12:45:26.025121 kernel: audit: type=1300 audit(1707482725.784:2441): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff460c5240 a2=3 a3=0 items=0 ppid=1 pid=8804 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=84 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:25.784000 audit[8804]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff460c5240 a2=3 a3=0 items=0 ppid=1 pid=8804 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=84 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:26.117203 kernel: audit: type=1327 audit(1707482725.784:2441): proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:25.784000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:26.147744 kernel: audit: type=1105 audit(1707482725.790:2442): pid=8804 uid=0 auid=500 ses=84 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:25.790000 audit[8804]: USER_START pid=8804 uid=0 auid=500 ses=84 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:26.242452 kernel: audit: type=1103 audit(1707482725.790:2443): pid=8806 uid=0 auid=500 ses=84 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:25.790000 audit[8806]: CRED_ACQ pid=8806 uid=0 auid=500 ses=84 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:26.331755 kernel: audit: type=1106 audit(1707482725.867:2444): pid=8804 uid=0 auid=500 ses=84 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:25.867000 audit[8804]: USER_END pid=8804 uid=0 auid=500 ses=84 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:26.427311 kernel: audit: type=1104 audit(1707482725.867:2445): pid=8804 uid=0 auid=500 ses=84 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:25.867000 audit[8804]: CRED_DISP pid=8804 uid=0 auid=500 ses=84 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:25.868000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@174-86.109.11.101:22-147.75.109.163:60940 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:30.784986 sshd[8747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.24 user=root Feb 9 12:45:30.784000 audit[8747]: USER_AUTH pid=8747 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.24 addr=218.92.0.24 terminal=ssh res=failed' Feb 9 12:45:30.811870 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:45:30.811904 kernel: audit: type=1100 audit(1707482730.784:2447): pid=8747 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.24 addr=218.92.0.24 terminal=ssh res=failed' Feb 9 12:45:30.871381 systemd[1]: Started sshd@175-86.109.11.101:22-147.75.109.163:60944.service. Feb 9 12:45:30.870000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@175-86.109.11.101:22-147.75.109.163:60944 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:30.992252 kernel: audit: type=1130 audit(1707482730.870:2448): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@175-86.109.11.101:22-147.75.109.163:60944 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:31.019000 audit[8831]: USER_ACCT pid=8831 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:31.021131 sshd[8831]: Accepted publickey for core from 147.75.109.163 port 60944 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:45:31.022533 sshd[8831]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:45:31.024750 systemd-logind[1465]: New session 85 of user core. Feb 9 12:45:31.025280 systemd[1]: Started session-85.scope. Feb 9 12:45:31.105925 sshd[8831]: pam_unix(sshd:session): session closed for user core Feb 9 12:45:31.107309 systemd[1]: sshd@175-86.109.11.101:22-147.75.109.163:60944.service: Deactivated successfully. Feb 9 12:45:31.107762 systemd[1]: session-85.scope: Deactivated successfully. Feb 9 12:45:31.108136 systemd-logind[1465]: Session 85 logged out. Waiting for processes to exit. Feb 9 12:45:31.108644 systemd-logind[1465]: Removed session 85. Feb 9 12:45:31.113274 kernel: audit: type=1101 audit(1707482731.019:2449): pid=8831 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:31.113316 kernel: audit: type=1103 audit(1707482731.021:2450): pid=8831 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:31.021000 audit[8831]: CRED_ACQ pid=8831 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:31.204308 kernel: audit: type=1006 audit(1707482731.021:2451): pid=8831 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=85 res=1 Feb 9 12:45:31.021000 audit[8831]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff45192510 a2=3 a3=0 items=0 ppid=1 pid=8831 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=85 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:31.354719 kernel: audit: type=1300 audit(1707482731.021:2451): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff45192510 a2=3 a3=0 items=0 ppid=1 pid=8831 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=85 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:31.354755 kernel: audit: type=1327 audit(1707482731.021:2451): proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:31.021000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:31.385222 kernel: audit: type=1105 audit(1707482731.026:2452): pid=8831 uid=0 auid=500 ses=85 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:31.026000 audit[8831]: USER_START pid=8831 uid=0 auid=500 ses=85 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:31.480621 kernel: audit: type=1103 audit(1707482731.026:2453): pid=8833 uid=0 auid=500 ses=85 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:31.026000 audit[8833]: CRED_ACQ pid=8833 uid=0 auid=500 ses=85 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:31.569863 kernel: audit: type=1106 audit(1707482731.105:2454): pid=8831 uid=0 auid=500 ses=85 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:31.105000 audit[8831]: USER_END pid=8831 uid=0 auid=500 ses=85 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:31.105000 audit[8831]: CRED_DISP pid=8831 uid=0 auid=500 ses=85 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:31.106000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@175-86.109.11.101:22-147.75.109.163:60944 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:32.279499 sshd[8747]: Failed password for root from 218.92.0.24 port 31347 ssh2 Feb 9 12:45:34.091000 audit[8747]: USER_AUTH pid=8747 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.24 addr=218.92.0.24 terminal=ssh res=failed' Feb 9 12:45:36.093984 systemd[1]: Started sshd@176-86.109.11.101:22-43.153.64.49:57870.service. Feb 9 12:45:36.092000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@176-86.109.11.101:22-43.153.64.49:57870 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:36.108386 systemd[1]: Started sshd@177-86.109.11.101:22-147.75.109.163:42904.service. Feb 9 12:45:36.121433 kernel: kauditd_printk_skb: 3 callbacks suppressed Feb 9 12:45:36.121515 kernel: audit: type=1130 audit(1707482736.092:2458): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@176-86.109.11.101:22-43.153.64.49:57870 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:36.138368 sshd[8747]: Failed password for root from 218.92.0.24 port 31347 ssh2 Feb 9 12:45:36.107000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@177-86.109.11.101:22-147.75.109.163:42904 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:36.241585 sshd[8899]: Accepted publickey for core from 147.75.109.163 port 42904 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:45:36.242717 sshd[8899]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:45:36.244977 systemd-logind[1465]: New session 86 of user core. Feb 9 12:45:36.245433 systemd[1]: Started session-86.scope. Feb 9 12:45:36.277922 sshd[8896]: Invalid user msv from 43.153.64.49 port 57870 Feb 9 12:45:36.279049 sshd[8896]: pam_faillock(sshd:auth): User unknown Feb 9 12:45:36.279232 sshd[8896]: pam_unix(sshd:auth): check pass; user unknown Feb 9 12:45:36.279247 sshd[8896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.153.64.49 Feb 9 12:45:36.279469 sshd[8896]: pam_faillock(sshd:auth): User unknown Feb 9 12:45:36.301141 kernel: audit: type=1130 audit(1707482736.107:2459): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@177-86.109.11.101:22-147.75.109.163:42904 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:36.301213 kernel: audit: type=1101 audit(1707482736.240:2460): pid=8899 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:36.240000 audit[8899]: USER_ACCT pid=8899 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:36.324347 sshd[8899]: pam_unix(sshd:session): session closed for user core Feb 9 12:45:36.325845 systemd[1]: sshd@177-86.109.11.101:22-147.75.109.163:42904.service: Deactivated successfully. Feb 9 12:45:36.326295 systemd[1]: session-86.scope: Deactivated successfully. Feb 9 12:45:36.326706 systemd-logind[1465]: Session 86 logged out. Waiting for processes to exit. Feb 9 12:45:36.327176 systemd-logind[1465]: Removed session 86. Feb 9 12:45:36.393588 kernel: audit: type=1103 audit(1707482736.241:2461): pid=8899 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:36.241000 audit[8899]: CRED_ACQ pid=8899 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:36.484503 kernel: audit: type=1006 audit(1707482736.241:2462): pid=8899 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=86 res=1 Feb 9 12:45:36.241000 audit[8899]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff979c5f20 a2=3 a3=0 items=0 ppid=1 pid=8899 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=86 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:36.635737 kernel: audit: type=1300 audit(1707482736.241:2462): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff979c5f20 a2=3 a3=0 items=0 ppid=1 pid=8899 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=86 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:36.635774 kernel: audit: type=1327 audit(1707482736.241:2462): proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:36.241000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:36.666363 kernel: audit: type=1105 audit(1707482736.246:2463): pid=8899 uid=0 auid=500 ses=86 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:36.246000 audit[8899]: USER_START pid=8899 uid=0 auid=500 ses=86 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:36.762098 kernel: audit: type=1103 audit(1707482736.246:2464): pid=8901 uid=0 auid=500 ses=86 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:36.246000 audit[8901]: CRED_ACQ pid=8901 uid=0 auid=500 ses=86 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:36.851768 kernel: audit: type=1100 audit(1707482736.278:2465): pid=8896 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="msv" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:45:36.278000 audit[8896]: USER_AUTH pid=8896 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="msv" exe="/usr/sbin/sshd" hostname=43.153.64.49 addr=43.153.64.49 terminal=ssh res=failed' Feb 9 12:45:36.323000 audit[8899]: USER_END pid=8899 uid=0 auid=500 ses=86 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:36.323000 audit[8899]: CRED_DISP pid=8899 uid=0 auid=500 ses=86 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:36.324000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@177-86.109.11.101:22-147.75.109.163:42904 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:37.400000 audit[8747]: USER_AUTH pid=8747 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.24 addr=218.92.0.24 terminal=ssh res=failed' Feb 9 12:45:37.934511 sshd[8896]: Failed password for invalid user msv from 43.153.64.49 port 57870 ssh2 Feb 9 12:45:38.068140 sshd[8896]: Received disconnect from 43.153.64.49 port 57870:11: Bye Bye [preauth] Feb 9 12:45:38.068140 sshd[8896]: Disconnected from invalid user msv 43.153.64.49 port 57870 [preauth] Feb 9 12:45:38.069062 systemd[1]: sshd@176-86.109.11.101:22-43.153.64.49:57870.service: Deactivated successfully. Feb 9 12:45:38.067000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@176-86.109.11.101:22-43.153.64.49:57870 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:39.192267 sshd[8747]: Failed password for root from 218.92.0.24 port 31347 ssh2 Feb 9 12:45:39.226000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:45:39.226000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001f16680 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:45:39.226000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:45:39.226000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:45:39.226000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001f166a0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:45:39.226000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:45:39.226000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:45:39.226000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c00142db40 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:45:39.226000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:45:39.229000 audit[2396]: AVC avc: denied { watch } for pid=2396 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="sda9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 Feb 9 12:45:39.229000 audit[2396]: SYSCALL arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001f167e0 a2=fc6 a3=0 items=0 ppid=2278 pid=2396 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c49,c630 key=(null) Feb 9 12:45:39.229000 audit: PROCTITLE proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 Feb 9 12:45:40.705203 sshd[8747]: Received disconnect from 218.92.0.24 port 31347:11: [preauth] Feb 9 12:45:40.705203 sshd[8747]: Disconnected from authenticating user root 218.92.0.24 port 31347 [preauth] Feb 9 12:45:40.705778 sshd[8747]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.24 user=root Feb 9 12:45:40.708010 systemd[1]: sshd@172-86.109.11.101:22-218.92.0.24:31347.service: Deactivated successfully. Feb 9 12:45:40.707000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@172-86.109.11.101:22-218.92.0.24:31347 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:41.336127 systemd[1]: Started sshd@178-86.109.11.101:22-147.75.109.163:42916.service. Feb 9 12:45:41.335000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@178-86.109.11.101:22-147.75.109.163:42916 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:41.363995 kernel: kauditd_printk_skb: 18 callbacks suppressed Feb 9 12:45:41.364048 kernel: audit: type=1130 audit(1707482741.335:2476): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@178-86.109.11.101:22-147.75.109.163:42916 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:41.482000 audit[8928]: USER_ACCT pid=8928 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:41.484050 sshd[8928]: Accepted publickey for core from 147.75.109.163 port 42916 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:45:41.485537 sshd[8928]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:45:41.487939 systemd-logind[1465]: New session 87 of user core. Feb 9 12:45:41.488385 systemd[1]: Started session-87.scope. Feb 9 12:45:41.566861 sshd[8928]: pam_unix(sshd:session): session closed for user core Feb 9 12:45:41.568336 systemd[1]: sshd@178-86.109.11.101:22-147.75.109.163:42916.service: Deactivated successfully. Feb 9 12:45:41.568765 systemd[1]: session-87.scope: Deactivated successfully. Feb 9 12:45:41.569127 systemd-logind[1465]: Session 87 logged out. Waiting for processes to exit. Feb 9 12:45:41.569773 systemd-logind[1465]: Removed session 87. Feb 9 12:45:41.484000 audit[8928]: CRED_ACQ pid=8928 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:41.665982 kernel: audit: type=1101 audit(1707482741.482:2477): pid=8928 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:41.666032 kernel: audit: type=1103 audit(1707482741.484:2478): pid=8928 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:41.666051 kernel: audit: type=1006 audit(1707482741.484:2479): pid=8928 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=87 res=1 Feb 9 12:45:41.724850 kernel: audit: type=1300 audit(1707482741.484:2479): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd922c8410 a2=3 a3=0 items=0 ppid=1 pid=8928 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=87 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:41.484000 audit[8928]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd922c8410 a2=3 a3=0 items=0 ppid=1 pid=8928 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=87 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:41.817242 kernel: audit: type=1327 audit(1707482741.484:2479): proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:41.484000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:41.847906 kernel: audit: type=1105 audit(1707482741.489:2480): pid=8928 uid=0 auid=500 ses=87 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:41.489000 audit[8928]: USER_START pid=8928 uid=0 auid=500 ses=87 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:41.942835 kernel: audit: type=1103 audit(1707482741.490:2481): pid=8932 uid=0 auid=500 ses=87 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:41.490000 audit[8932]: CRED_ACQ pid=8932 uid=0 auid=500 ses=87 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:42.032025 kernel: audit: type=1106 audit(1707482741.566:2482): pid=8928 uid=0 auid=500 ses=87 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:41.566000 audit[8928]: USER_END pid=8928 uid=0 auid=500 ses=87 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:42.127502 kernel: audit: type=1104 audit(1707482741.566:2483): pid=8928 uid=0 auid=500 ses=87 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:41.566000 audit[8928]: CRED_DISP pid=8928 uid=0 auid=500 ses=87 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:41.567000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@178-86.109.11.101:22-147.75.109.163:42916 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:46.576615 systemd[1]: Started sshd@179-86.109.11.101:22-147.75.109.163:52148.service. Feb 9 12:45:46.575000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@179-86.109.11.101:22-147.75.109.163:52148 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:46.603287 kernel: kauditd_printk_skb: 1 callbacks suppressed Feb 9 12:45:46.603329 kernel: audit: type=1130 audit(1707482746.575:2485): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@179-86.109.11.101:22-147.75.109.163:52148 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:46.736000 audit[8954]: USER_ACCT pid=8954 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:46.738028 sshd[8954]: Accepted publickey for core from 147.75.109.163 port 52148 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:45:46.741016 sshd[8954]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:45:46.746231 systemd-logind[1465]: New session 88 of user core. Feb 9 12:45:46.746828 systemd[1]: Started session-88.scope. Feb 9 12:45:46.738000 audit[8954]: CRED_ACQ pid=8954 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:46.920537 kernel: audit: type=1101 audit(1707482746.736:2486): pid=8954 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:46.920574 kernel: audit: type=1103 audit(1707482746.738:2487): pid=8954 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:46.920589 kernel: audit: type=1006 audit(1707482746.739:2488): pid=8954 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=88 res=1 Feb 9 12:45:46.979148 kernel: audit: type=1300 audit(1707482746.739:2488): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffecb3f2b30 a2=3 a3=0 items=0 ppid=1 pid=8954 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=88 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:46.739000 audit[8954]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffecb3f2b30 a2=3 a3=0 items=0 ppid=1 pid=8954 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=88 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:47.071214 kernel: audit: type=1327 audit(1707482746.739:2488): proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:46.739000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:47.071426 sshd[8954]: pam_unix(sshd:session): session closed for user core Feb 9 12:45:47.072883 systemd[1]: sshd@179-86.109.11.101:22-147.75.109.163:52148.service: Deactivated successfully. Feb 9 12:45:47.073326 systemd[1]: session-88.scope: Deactivated successfully. Feb 9 12:45:47.073724 systemd-logind[1465]: Session 88 logged out. Waiting for processes to exit. Feb 9 12:45:47.074120 systemd-logind[1465]: Removed session 88. Feb 9 12:45:47.101776 kernel: audit: type=1105 audit(1707482746.748:2489): pid=8954 uid=0 auid=500 ses=88 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:46.748000 audit[8954]: USER_START pid=8954 uid=0 auid=500 ses=88 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:46.748000 audit[8956]: CRED_ACQ pid=8956 uid=0 auid=500 ses=88 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:47.285712 kernel: audit: type=1103 audit(1707482746.748:2490): pid=8956 uid=0 auid=500 ses=88 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:47.285794 kernel: audit: type=1106 audit(1707482747.070:2491): pid=8954 uid=0 auid=500 ses=88 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:47.070000 audit[8954]: USER_END pid=8954 uid=0 auid=500 ses=88 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:47.381399 kernel: audit: type=1104 audit(1707482747.070:2492): pid=8954 uid=0 auid=500 ses=88 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:47.070000 audit[8954]: CRED_DISP pid=8954 uid=0 auid=500 ses=88 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:47.071000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@179-86.109.11.101:22-147.75.109.163:52148 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:48.470075 systemd[1]: Started sshd@180-86.109.11.101:22-218.92.0.24:56498.service. Feb 9 12:45:48.468000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@180-86.109.11.101:22-218.92.0.24:56498 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:52.021699 systemd[1]: Started sshd@181-86.109.11.101:22-147.75.109.163:52150.service. Feb 9 12:45:52.020000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@181-86.109.11.101:22-147.75.109.163:52150 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:52.048942 kernel: kauditd_printk_skb: 2 callbacks suppressed Feb 9 12:45:52.049039 kernel: audit: type=1130 audit(1707482752.020:2495): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@181-86.109.11.101:22-147.75.109.163:52150 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:52.167000 audit[8985]: USER_ACCT pid=8985 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:52.169474 sshd[8985]: Accepted publickey for core from 147.75.109.163 port 52150 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:45:52.171695 sshd[8985]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:45:52.174121 systemd-logind[1465]: New session 89 of user core. Feb 9 12:45:52.174593 systemd[1]: Started session-89.scope. Feb 9 12:45:52.253264 sshd[8985]: pam_unix(sshd:session): session closed for user core Feb 9 12:45:52.254756 systemd[1]: sshd@181-86.109.11.101:22-147.75.109.163:52150.service: Deactivated successfully. Feb 9 12:45:52.255261 systemd[1]: session-89.scope: Deactivated successfully. Feb 9 12:45:52.255665 systemd-logind[1465]: Session 89 logged out. Waiting for processes to exit. Feb 9 12:45:52.256120 systemd-logind[1465]: Removed session 89. Feb 9 12:45:52.170000 audit[8985]: CRED_ACQ pid=8985 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:52.351320 kernel: audit: type=1101 audit(1707482752.167:2496): pid=8985 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:52.351397 kernel: audit: type=1103 audit(1707482752.170:2497): pid=8985 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:52.351417 kernel: audit: type=1006 audit(1707482752.170:2498): pid=8985 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=89 res=1 Feb 9 12:45:52.409965 kernel: audit: type=1300 audit(1707482752.170:2498): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff7caf1320 a2=3 a3=0 items=0 ppid=1 pid=8985 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=89 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:52.170000 audit[8985]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff7caf1320 a2=3 a3=0 items=0 ppid=1 pid=8985 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=89 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:52.502374 kernel: audit: type=1327 audit(1707482752.170:2498): proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:52.170000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:52.532884 kernel: audit: type=1105 audit(1707482752.175:2499): pid=8985 uid=0 auid=500 ses=89 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:52.175000 audit[8985]: USER_START pid=8985 uid=0 auid=500 ses=89 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:52.627423 kernel: audit: type=1103 audit(1707482752.176:2500): pid=8987 uid=0 auid=500 ses=89 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:52.176000 audit[8987]: CRED_ACQ pid=8987 uid=0 auid=500 ses=89 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:52.252000 audit[8985]: USER_END pid=8985 uid=0 auid=500 ses=89 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:52.812224 kernel: audit: type=1106 audit(1707482752.252:2501): pid=8985 uid=0 auid=500 ses=89 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:52.812285 kernel: audit: type=1104 audit(1707482752.252:2502): pid=8985 uid=0 auid=500 ses=89 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:52.252000 audit[8985]: CRED_DISP pid=8985 uid=0 auid=500 ses=89 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:52.253000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@181-86.109.11.101:22-147.75.109.163:52150 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:54.445089 sshd[8982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.24 user=root Feb 9 12:45:54.444000 audit[8982]: USER_AUTH pid=8982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.24 addr=218.92.0.24 terminal=ssh res=failed' Feb 9 12:45:56.571636 sshd[8982]: Failed password for root from 218.92.0.24 port 56498 ssh2 Feb 9 12:45:57.262968 systemd[1]: Started sshd@182-86.109.11.101:22-147.75.109.163:49846.service. Feb 9 12:45:57.261000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@182-86.109.11.101:22-147.75.109.163:49846 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:57.289945 kernel: kauditd_printk_skb: 2 callbacks suppressed Feb 9 12:45:57.290099 kernel: audit: type=1130 audit(1707482757.261:2505): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@182-86.109.11.101:22-147.75.109.163:49846 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:57.409398 sshd[9064]: Accepted publickey for core from 147.75.109.163 port 49846 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:45:57.408000 audit[9064]: USER_ACCT pid=9064 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:57.410856 sshd[9064]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:45:57.413415 systemd-logind[1465]: New session 90 of user core. Feb 9 12:45:57.413961 systemd[1]: Started session-90.scope. Feb 9 12:45:57.493852 sshd[9064]: pam_unix(sshd:session): session closed for user core Feb 9 12:45:57.495141 systemd[1]: sshd@182-86.109.11.101:22-147.75.109.163:49846.service: Deactivated successfully. Feb 9 12:45:57.495573 systemd[1]: session-90.scope: Deactivated successfully. Feb 9 12:45:57.495990 systemd-logind[1465]: Session 90 logged out. Waiting for processes to exit. Feb 9 12:45:57.496470 systemd-logind[1465]: Removed session 90. Feb 9 12:45:57.409000 audit[9064]: CRED_ACQ pid=9064 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:57.591445 kernel: audit: type=1101 audit(1707482757.408:2506): pid=9064 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:57.591487 kernel: audit: type=1103 audit(1707482757.409:2507): pid=9064 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:57.591504 kernel: audit: type=1006 audit(1707482757.409:2508): pid=9064 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=90 res=1 Feb 9 12:45:57.650044 kernel: audit: type=1300 audit(1707482757.409:2508): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff0e6081e0 a2=3 a3=0 items=0 ppid=1 pid=9064 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=90 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:57.409000 audit[9064]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff0e6081e0 a2=3 a3=0 items=0 ppid=1 pid=9064 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=90 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:45:57.742089 kernel: audit: type=1327 audit(1707482757.409:2508): proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:57.409000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:45:57.772626 kernel: audit: type=1105 audit(1707482757.415:2509): pid=9064 uid=0 auid=500 ses=90 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:57.415000 audit[9064]: USER_START pid=9064 uid=0 auid=500 ses=90 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:57.777169 sshd[8982]: pam_faillock(sshd:auth): Consecutive login failures for user root account temporarily locked Feb 9 12:45:57.867142 kernel: audit: type=1103 audit(1707482757.415:2510): pid=9066 uid=0 auid=500 ses=90 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:57.415000 audit[9066]: CRED_ACQ pid=9066 uid=0 auid=500 ses=90 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:57.956390 kernel: audit: type=1106 audit(1707482757.493:2511): pid=9064 uid=0 auid=500 ses=90 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:57.493000 audit[9064]: USER_END pid=9064 uid=0 auid=500 ses=90 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:58.051933 kernel: audit: type=1104 audit(1707482757.493:2512): pid=9064 uid=0 auid=500 ses=90 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:57.493000 audit[9064]: CRED_DISP pid=9064 uid=0 auid=500 ses=90 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:45:57.494000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@182-86.109.11.101:22-147.75.109.163:49846 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:57.775000 audit[8982]: ANOM_LOGIN_FAILURES pid=8982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='pam_faillock uid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success' Feb 9 12:45:57.775000 audit[8982]: USER_AUTH pid=8982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.24 addr=218.92.0.24 terminal=ssh res=failed' Feb 9 12:45:59.648104 sshd[8982]: Failed password for root from 218.92.0.24 port 56498 ssh2 Feb 9 12:46:02.503198 systemd[1]: Started sshd@183-86.109.11.101:22-147.75.109.163:49854.service. Feb 9 12:46:02.502000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@183-86.109.11.101:22-147.75.109.163:49854 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:46:02.530233 kernel: kauditd_printk_skb: 3 callbacks suppressed Feb 9 12:46:02.530335 kernel: audit: type=1130 audit(1707482762.502:2516): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@183-86.109.11.101:22-147.75.109.163:49854 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:46:02.648000 audit[9108]: USER_ACCT pid=9108 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:02.649449 sshd[9108]: Accepted publickey for core from 147.75.109.163 port 49854 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:46:02.651565 sshd[9108]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:46:02.654040 systemd-logind[1465]: New session 91 of user core. Feb 9 12:46:02.654642 systemd[1]: Started session-91.scope. Feb 9 12:46:02.732867 sshd[9108]: pam_unix(sshd:session): session closed for user core Feb 9 12:46:02.734279 systemd[1]: sshd@183-86.109.11.101:22-147.75.109.163:49854.service: Deactivated successfully. Feb 9 12:46:02.734719 systemd[1]: session-91.scope: Deactivated successfully. Feb 9 12:46:02.735082 systemd-logind[1465]: Session 91 logged out. Waiting for processes to exit. Feb 9 12:46:02.735558 systemd-logind[1465]: Removed session 91. Feb 9 12:46:02.650000 audit[9108]: CRED_ACQ pid=9108 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:02.832712 kernel: audit: type=1101 audit(1707482762.648:2517): pid=9108 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:02.832787 kernel: audit: type=1103 audit(1707482762.650:2518): pid=9108 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:02.832826 kernel: audit: type=1006 audit(1707482762.650:2519): pid=9108 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=91 res=1 Feb 9 12:46:02.650000 audit[9108]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc43d8e480 a2=3 a3=0 items=0 ppid=1 pid=9108 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=91 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:46:02.983463 kernel: audit: type=1300 audit(1707482762.650:2519): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc43d8e480 a2=3 a3=0 items=0 ppid=1 pid=9108 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=91 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:46:02.983523 kernel: audit: type=1327 audit(1707482762.650:2519): proctitle=737368643A20636F7265205B707269765D Feb 9 12:46:02.650000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:46:02.655000 audit[9108]: USER_START pid=9108 uid=0 auid=500 ses=91 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:03.108607 kernel: audit: type=1105 audit(1707482762.655:2520): pid=9108 uid=0 auid=500 ses=91 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:03.108704 kernel: audit: type=1103 audit(1707482762.656:2521): pid=9110 uid=0 auid=500 ses=91 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:02.656000 audit[9110]: CRED_ACQ pid=9110 uid=0 auid=500 ses=91 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:02.711000 audit[8982]: USER_AUTH pid=8982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.24 addr=218.92.0.24 terminal=ssh res=failed' Feb 9 12:46:03.286016 kernel: audit: type=1100 audit(1707482762.711:2522): pid=8982 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=218.92.0.24 addr=218.92.0.24 terminal=ssh res=failed' Feb 9 12:46:03.286070 kernel: audit: type=1106 audit(1707482762.732:2523): pid=9108 uid=0 auid=500 ses=91 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:02.732000 audit[9108]: USER_END pid=9108 uid=0 auid=500 ses=91 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:02.732000 audit[9108]: CRED_DISP pid=9108 uid=0 auid=500 ses=91 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:02.733000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@183-86.109.11.101:22-147.75.109.163:49854 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:46:04.267481 sshd[8982]: Failed password for root from 218.92.0.24 port 56498 ssh2 Feb 9 12:46:07.741804 systemd[1]: Started sshd@184-86.109.11.101:22-147.75.109.163:33718.service. Feb 9 12:46:07.740000 audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@184-86.109.11.101:22-147.75.109.163:33718 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:46:07.768958 kernel: kauditd_printk_skb: 2 callbacks suppressed Feb 9 12:46:07.769133 kernel: audit: type=1130 audit(1707482767.740:2526): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@184-86.109.11.101:22-147.75.109.163:33718 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Feb 9 12:46:07.888687 sshd[9133]: Accepted publickey for core from 147.75.109.163 port 33718 ssh2: RSA SHA256:64VUfRXiMosPxVXfALumiHZVs3BYorCRVSgPBbg6OcI Feb 9 12:46:07.887000 audit[9133]: USER_ACCT pid=9133 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:07.889524 sshd[9133]: pam_unix(sshd:session): session opened for user core(uid=500) by (uid=0) Feb 9 12:46:07.891773 systemd-logind[1465]: New session 92 of user core. Feb 9 12:46:07.892237 systemd[1]: Started session-92.scope. Feb 9 12:46:07.973824 sshd[9133]: pam_unix(sshd:session): session closed for user core Feb 9 12:46:07.975283 systemd[1]: sshd@184-86.109.11.101:22-147.75.109.163:33718.service: Deactivated successfully. Feb 9 12:46:07.975731 systemd[1]: session-92.scope: Deactivated successfully. Feb 9 12:46:07.976109 systemd-logind[1465]: Session 92 logged out. Waiting for processes to exit. Feb 9 12:46:07.976783 systemd-logind[1465]: Removed session 92. Feb 9 12:46:07.888000 audit[9133]: CRED_ACQ pid=9133 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:08.073933 kernel: audit: type=1101 audit(1707482767.887:2527): pid=9133 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:08.074003 kernel: audit: type=1103 audit(1707482767.888:2528): pid=9133 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:08.074030 kernel: audit: type=1006 audit(1707482767.888:2529): pid=9133 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=92 res=1 Feb 9 12:46:07.888000 audit[9133]: SYSCALL arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffefdc31db0 a2=3 a3=0 items=0 ppid=1 pid=9133 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=92 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:46:08.225342 kernel: audit: type=1300 audit(1707482767.888:2529): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffefdc31db0 a2=3 a3=0 items=0 ppid=1 pid=9133 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=92 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) Feb 9 12:46:08.225405 kernel: audit: type=1327 audit(1707482767.888:2529): proctitle=737368643A20636F7265205B707269765D Feb 9 12:46:07.888000 audit: PROCTITLE proctitle=737368643A20636F7265205B707269765D Feb 9 12:46:07.893000 audit[9133]: USER_START pid=9133 uid=0 auid=500 ses=92 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:08.351048 kernel: audit: type=1105 audit(1707482767.893:2530): pid=9133 uid=0 auid=500 ses=92 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:08.351104 kernel: audit: type=1103 audit(1707482767.894:2531): pid=9135 uid=0 auid=500 ses=92 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:07.894000 audit[9135]: CRED_ACQ pid=9135 uid=0 auid=500 ses=92 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:07.973000 audit[9133]: USER_END pid=9133 uid=0 auid=500 ses=92 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:08.536784 kernel: audit: type=1106 audit(1707482767.973:2532): pid=9133 uid=0 auid=500 ses=92 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:08.536834 kernel: audit: type=1104 audit(1707482767.973:2533): pid=9133 uid=0 auid=500 ses=92 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:07.973000 audit[9133]: CRED_DISP pid=9133 uid=0 auid=500 ses=92 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' Feb 9 12:46:07.974000 audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@184-86.109.11.101:22-147.75.109.163:33718 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'