=3 a1=fffffba08a10 a2=0 a3=ffff85b8a6c0 items=0 ppid=2989 pid=3213 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 94.800104] audit: type=1327 audit(1707506290.798:1098): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 94.805755] audit: type=1325 audit(1707506290.799:1099): table=nat:92 family=2 entries=12 op=nft_register_rule pid=3213 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 99.900410] kauditd_printk_skb: 179 callbacks suppressed [ 99.900414] audit: type=1400 audit(1707506295.915:1156): avc: denied { perfmon } for pid=3436 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 99.912106] audit: type=1300 audit(1707506295.915:1156): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=400014d5a0 a2=3c a3=0 items=0 ppid=3283 pid=3436 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 99.925075] audit: type=1327 audit(1707506295.915:1156): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6461366132613230373538396338643066613737313030323061396365 [ 99.938012] audit: type=1400 audit(1707506295.915:1157): avc: denied { bpf } for pid=3436 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 99.946420] audit: type=1400 audit(1707506295.915:1157): avc: denied { bpf } for pid=3436 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 99.957222] audit: type=1400 audit(1707506295.915:1157): avc: denied { bpf } for pid=3436 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 99.967533] audit: type=1400 audit(1707506295.915:1157): avc: denied { perfmon } for pid=3436 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 99.979008] audit: type=1400 audit(1707506295.915:1157): avc: denied { perfmon } for pid=3436 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 99.986567] audit: type=1400 audit(1707506295.915:1157): avc: denied { perfmon } for pid=3436 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 99.994155] audit: type=1400 audit(1707506295.915:1157): avc: denied { perfmon } for pid=3436 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 105.928253] kauditd_printk_skb: 34 callbacks suppressed [ 105.928257] audit: type=1400 audit(1707506301.943:1163): avc: denied { perfmon } for pid=3505 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 105.937630] audit: type=1300 audit(1707506301.943:1163): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=40001955a0 a2=3c a3=0 items=0 ppid=3283 pid=3505 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 105.948880] audit: type=1327 audit(1707506301.943:1163): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3430356338333033643638393266376534613131383839636262386230 [ 105.959196] audit: type=1400 audit(1707506301.943:1164): avc: denied { bpf } for pid=3505 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 105.968446] audit: type=1400 audit(1707506301.943:1164): avc: denied { bpf } for pid=3505 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 105.980783] audit: type=1400 audit(1707506301.943:1164): avc: denied { bpf } for pid=3505 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 105.989465] audit: type=1400 audit(1707506301.943:1164): avc: denied { perfmon } for pid=3505 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 105.999550] audit: type=1400 audit(1707506301.943:1164): avc: denied { perfmon } for pid=3505 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 106.011420] audit: type=1400 audit(1707506301.943:1164): avc: denied { perfmon } for pid=3505 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 106.023595] audit: type=1400 audit(1707506301.943:1164): avc: denied { perfmon } for pid=3505 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.103204] kauditd_printk_skb: 34 callbacks suppressed [ 111.103208] audit: type=1325 audit(1707506307.118:1170): table=filter:95 family=2 entries=15 op=nft_register_rule pid=3766 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 111.113310] audit: type=1300 audit(1707506307.118:1170): arch=c00000b7 syscall=211 success=yes exit=4956 a0=3 a1=ffffec893da0 a2=0 a3=ffffa3dab6c0 items=0 ppid=2989 pid=3766 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 111.133245] audit: type=1327 audit(1707506307.118:1170): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 111.139796] audit: type=1325 audit(1707506307.147:1171): table=nat:96 family=2 entries=19 op=nft_register_chain pid=3766 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 111.146449] audit: type=1300 audit(1707506307.147:1171): arch=c00000b7 syscall=211 success=yes exit=6068 a0=3 a1=ffffec893da0 a2=0 a3=ffffa3dab6c0 items=0 ppid=2989 pid=3766 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 111.159652] audit: type=1327 audit(1707506307.147:1171): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 117.820686] audit: type=1400 audit(1707506313.836:1172): avc: denied { perfmon } for pid=3779 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 117.830631] audit: type=1300 audit(1707506313.836:1172): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=40001955a0 a2=3c a3=0 items=0 ppid=3283 pid=3779 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 117.842805] audit: type=1327 audit(1707506313.836:1172): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3737316235366530616461613336626564623661643634373863393130 [ 117.854209] audit: type=1400 audit(1707506313.836:1173): avc: denied { bpf } for pid=3779 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 117.865635] audit: type=1400 audit(1707506313.836:1173): avc: denied { bpf } for pid=3779 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 117.873206] audit: type=1400 audit(1707506313.836:1173): avc: denied { bpf } for pid=3779 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 117.880735] audit: type=1400 audit(1707506313.836:1173): avc: denied { perfmon } for pid=3779 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 117.888549] audit: type=1400 audit(1707506313.836:1173): avc: denied { perfmon } for pid=3779 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 117.896226] audit: type=1400 audit(1707506313.836:1173): avc: denied { perfmon } for pid=3779 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 117.904393] audit: type=1400 audit(1707506313.836:1173): avc: denied { perfmon } for pid=3779 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.052782] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 118.055609] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 120.372514] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 120.376865] IPv6: ADDRCONF(NETDEV_CHANGE): cali95fe637b96f: link becomes ready [ 121.402666] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 121.405011] IPv6: ADDRCONF(NETDEV_CHANGE): cali3c366aee51b: link becomes ready [ 122.360324] IPv6: ADDRCONF(NETDEV_CHANGE): cali7827b56b7f3: link becomes ready This is ip-172-31-25-191 (Linux aarch64 5.15.148-flatcar) 19:18:38 SSH host key: SHA256:96wFvagVmZqthe8jY3e9RhZ1zYYifRdTDC5KK9Pf/hs (RSA) SSH host key: SHA256:GJbOAa3K2Wznjlupyiy9X3Ed43nRUl12KP+vSg53+q0 (ED25519) SSH host key: SHA256:+tSd/JUUQBkbiRgN+IxqEGkitJwXCcqNqU/CcRGI3hw (ECDSA) eth0: 172.31.25.191 fe80::47e:ebff:fe2c:cf97 ip-172-31-25-191 login: [ 123.149806] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 123.152197] IPv6: ADDRCONF(NETDEV_CHANGE): cali7913b7dcde8: link becomes ready [ 123.271615] kauditd_printk_skb: 435 callbacks suppressed [ 123.271620] audit: type=1325 audit(1707506319.286:1295): table=filter:108 family=2 entries=8 op=nft_register_rule pid=4535 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 123.297137] audit: type=1300 audit(1707506319.286:1295): arch=c00000b7 syscall=211 success=yes exit=2844 a0=3 a1=ffffe88867d0 a2=0 a3=ffffad0916c0 items=0 ppid=2989 pid=4535 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 123.310279] audit: type=1327 audit(1707506319.286:1295): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 123.326955] audit: type=1325 audit(1707506319.341:1296): table=nat:109 family=2 entries=56 op=nft_register_chain pid=4535 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 123.339133] audit: type=1300 audit(1707506319.341:1296): arch=c00000b7 syscall=211 success=yes exit=19452 a0=3 a1=ffffe88867d0 a2=0 a3=ffffad0916c0 items=0 ppid=2989 pid=4535 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 123.363861] audit: type=1327 audit(1707506319.341:1296): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 123.378791] audit: type=1400 audit(1707506319.393:1297): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 123.390934] audit: type=1400 audit(1707506319.393:1298): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 123.406062] audit: type=1400 audit(1707506319.393:1299): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 123.413926] audit: type=1400 audit(1707506319.393:1300): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 This is ip-172-31-25-191 (Linux aarch64 5.15.148-flatcar) 19:18:39 SSH host key: SHA256:96wFvagVmZqthe8jY3e9RhZ1zYYifRdTDC5KK9Pf/hs (RSA) SSH host key: SHA256:GJbOAa3K2Wznjlupyiy9X3Ed43nRUl12KP+vSg53+q0 (ED25519) SSH host key: SHA256:+tSd/JUUQBkbiRgN+IxqEGkitJwXCcqNqU/CcRGI3hw (ECDSA) eth0: 172.31.25.191 fe80::47e:ebff:fe2c:cf97 ip-172-31-25-191 login: This is ip-172-31-25-191 (Linux aarch64 5.15.148-flatcar) 19:18:40 SSH host key: SHA256:96wFvagVmZqthe8jY3e9RhZ1zYYifRdTDC5KK9Pf/hs (RSA) SSH host key: SHA256:GJbOAa3K2Wznjlupyiy9X3Ed43nRUl12KP+vSg53+q0 (ED25519) SSH host key: SHA256:+tSd/JUUQBkbiRgN+IxqEGkitJwXCcqNqU/CcRGI3hw (ECDSA) eth0: 172.31.25.191 fe80::47e:ebff:fe2c:cf97 ip-172-31-25-191 login: This is ip-172-31-25-191 (Linux aarch64 5.15.148-flatcar) 19:18:41 SSH host key: SHA256:96wFvagVmZqthe8jY3e9RhZ1zYYifRdTDC5KK9Pf/hs (RSA) SSH host key: SHA256:GJbOAa3K2Wznjlupyiy9X3Ed43nRUl12KP+vSg53+q0 (ED25519) SSH host key: SHA256:+tSd/JUUQBkbiRgN+IxqEGkitJwXCcqNqU/CcRGI3hw (ECDSA) eth0: 172.31.25.191 fe80::47e:ebff:fe2c:cf97 ip-172-31-25-191 login: This is ip-172-31-25-191 (Linux aarch64 5.15.148-flatcar) 19:18:42 SSH host key: SHA256:96wFvagVmZqthe8jY3e9RhZ1zYYifRdTDC5KK9Pf/hs (RSA) SSH host key: SHA256:GJbOAa3K2Wznjlupyiy9X3Ed43nRUl12KP+vSg53+q0 (ED25519) SSH host key: SHA256:+tSd/JUUQBkbiRgN+IxqEGkitJwXCcqNqU/CcRGI3hw (ECDSA) eth0: 172.31.25.191 fe80::47e:ebff:fe2c:cf97 ip-172-31-25-191 login: [ 128.322636] kauditd_printk_skb: 164 callbacks suppressed [ 128.322642] audit: type=1106 audit(1707506324.335:1346): pid=4642 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 128.342803] audit: type=1104 audit(1707506324.335:1347): pid=4642 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 128.352179] audit: type=1131 audit(1707506324.354:1348): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-172.31.25.191:22-147.75.109.163:52688 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 128.527174] audit: type=1400 audit(1707506324.542:1349): avc: denied { watch } for pid=2549 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520981 scontext=system_u:system_r:svirt_lxc_net_t:s0:c84,c928 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 128.539266] audit: type=1300 audit(1707506324.542:1349): arch=c00000b7 syscall=27 success=no exit=-13 a0=a a1=4001220780 a2=fc6 a3=0 items=0 ppid=2375 pid=2549 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c84,c928 key=(null) [ 128.552040] audit: type=1327 audit(1707506324.542:1349): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 128.564118] audit: type=1400 audit(1707506324.542:1350): avc: denied { watch } for pid=2549 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="nvme0n1p9" ino=520996 scontext=system_u:system_r:svirt_lxc_net_t:s0:c84,c928 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 128.576224] audit: type=1300 audit(1707506324.542:1350): arch=c00000b7 syscall=27 success=no exit=-13 a0=a a1=4001cf90b0 a2=fc6 a3=0 items=0 ppid=2375 pid=2549 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c84,c928 key=(null) [ 128.589448] audit: type=1327 audit(1707506324.542:1350): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 129.312625] audit: type=1400 audit(1707506325.327:1351): avc: denied { perfmon } for pid=4683 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 133.347552] kauditd_printk_skb: 60 callbacks suppressed [ 133.347556] audit: type=1130 audit(1707506329.362:1363): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.25.191:22-147.75.109.163:41248 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 133.526148] audit: type=1101 audit(1707506329.541:1364): pid=4721 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.540095] audit: type=1103 audit(1707506329.547:1365): pid=4721 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.550204] audit: type=1006 audit(1707506329.547:1366): pid=4721 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 [ 133.557034] audit: type=1300 audit(1707506329.547:1366): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffffc22f430 a2=3 a3=1 items=0 ppid=1 pid=4721 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=9 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 133.567264] audit: type=1327 audit(1707506329.547:1366): proctitle=737368643A20636F7265205B707269765D [ 133.586914] audit: type=1105 audit(1707506329.601:1367): pid=4721 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.599238] audit: type=1103 audit(1707506329.614:1368): pid=4725 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.930497] audit: type=1106 audit(1707506329.945:1369): pid=4721 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.946088] audit: type=1104 audit(1707506329.945:1370): pid=4721 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 138.954915] kauditd_printk_skb: 13 callbacks suppressed [ 138.954920] audit: type=1130 audit(1707506334.970:1376): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.25.191:22-147.75.109.163:40934 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 139.140453] audit: type=1101 audit(1707506335.156:1377): pid=4955 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 139.152375] audit: type=1103 audit(1707506335.168:1378): pid=4955 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 139.162122] audit: type=1006 audit(1707506335.168:1379): pid=4955 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 139.168585] audit: type=1300 audit(1707506335.168:1379): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff9906ce0 a2=3 a3=1 items=0 ppid=1 pid=4955 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 139.179086] audit: type=1327 audit(1707506335.168:1379): proctitle=737368643A20636F7265205B707269765D [ 139.201267] audit: type=1105 audit(1707506335.217:1380): pid=4955 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 139.213381] audit: type=1103 audit(1707506335.229:1381): pid=4957 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 139.447865] audit: type=1106 audit(1707506335.463:1382): pid=4955 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 139.460386] audit: type=1104 audit(1707506335.463:1383): pid=4955 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 144.473919] kauditd_printk_skb: 1 callbacks suppressed [ 144.473923] audit: type=1130 audit(1707506340.489:1385): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-172.31.25.191:22-147.75.109.163:40950 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 144.654763] audit: type=1101 audit(1707506340.670:1386): pid=5000 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 144.668600] audit: type=1103 audit(1707506340.683:1387): pid=5000 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 144.678700] audit: type=1006 audit(1707506340.683:1388): pid=5000 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=11 res=1 [ 144.684944] audit: type=1300 audit(1707506340.683:1388): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd953e2b0 a2=3 a3=1 items=0 ppid=1 pid=5000 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 144.695647] audit: type=1327 audit(1707506340.683:1388): proctitle=737368643A20636F7265205B707269765D [ 144.719363] audit: type=1105 audit(1707506340.735:1389): pid=5000 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 144.731125] audit: type=1103 audit(1707506340.746:1390): pid=5002 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 144.970985] audit: type=1106 audit(1707506340.986:1391): pid=5000 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 144.982981] audit: type=1104 audit(1707506340.987:1392): pid=5000 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 149.999161] kauditd_printk_skb: 1 callbacks suppressed [ 149.999166] audit: type=1130 audit(1707506346.013:1394): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@11-172.31.25.191:22-147.75.109.163:56078 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 150.179610] audit: type=1101 audit(1707506346.194:1395): pid=5016 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 150.192677] audit: type=1103 audit(1707506346.206:1396): pid=5016 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 150.202466] audit: type=1006 audit(1707506346.206:1397): pid=5016 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=12 res=1 [ 150.208659] audit: type=1300 audit(1707506346.206:1397): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffea018780 a2=3 a3=1 items=0 ppid=1 pid=5016 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=12 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 150.219560] audit: type=1327 audit(1707506346.206:1397): proctitle=737368643A20636F7265205B707269765D [ 150.241101] audit: type=1105 audit(1707506346.255:1398): pid=5016 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 150.253483] audit: type=1103 audit(1707506346.268:1399): pid=5018 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 150.498383] audit: type=1106 audit(1707506346.512:1400): pid=5016 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 150.509974] audit: type=1104 audit(1707506346.512:1401): pid=5016 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.038947] kauditd_printk_skb: 23 callbacks suppressed [ 158.038952] audit: type=1130 audit(1707506354.053:1421): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.25.191:22-147.75.109.163:56114 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 158.219015] audit: type=1101 audit(1707506354.231:1422): pid=5052 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.235566] audit: type=1103 audit(1707506354.244:1423): pid=5052 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.245356] audit: type=1006 audit(1707506354.244:1424): pid=5052 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 158.263360] audit: type=1300 audit(1707506354.244:1424): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff2157c60 a2=3 a3=1 items=0 ppid=1 pid=5052 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 158.282075] audit: type=1327 audit(1707506354.244:1424): proctitle=737368643A20636F7265205B707269765D [ 158.291161] audit: type=1105 audit(1707506354.303:1425): pid=5052 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.303066] audit: type=1103 audit(1707506354.305:1426): pid=5054 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.528093] audit: type=1106 audit(1707506354.542:1427): pid=5052 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.539832] audit: type=1104 audit(1707506354.542:1428): pid=5052 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 163.560452] kauditd_printk_skb: 1 callbacks suppressed [ 163.560456] audit: type=1130 audit(1707506359.575:1430): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.25.191:22-147.75.109.163:51238 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 163.737642] audit: type=1101 audit(1707506359.752:1431): pid=5072 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 163.748198] audit: type=1103 audit(1707506359.753:1432): pid=5072 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 163.757955] audit: type=1006 audit(1707506359.753:1433): pid=5072 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 163.764403] audit: type=1300 audit(1707506359.753:1433): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffec7db1f0 a2=3 a3=1 items=0 ppid=1 pid=5072 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 163.777183] audit: type=1327 audit(1707506359.753:1433): proctitle=737368643A20636F7265205B707269765D [ 163.796409] audit: type=1105 audit(1707506359.810:1434): pid=5072 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 163.807603] audit: type=1103 audit(1707506359.813:1435): pid=5074 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 164.086549] audit: type=1106 audit(1707506360.101:1436): pid=5072 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 164.098994] audit: type=1104 audit(1707506360.103:1437): pid=5072 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.113900] kauditd_printk_skb: 1 callbacks suppressed [ 169.113905] audit: type=1130 audit(1707506365.128:1439): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.25.191:22-147.75.109.163:46250 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 169.289258] audit: type=1101 audit(1707506365.303:1440): pid=5107 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.301077] audit: type=1103 audit(1707506365.315:1441): pid=5107 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.310873] audit: type=1006 audit(1707506365.316:1442): pid=5107 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 169.316922] audit: type=1300 audit(1707506365.316:1442): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffcce30f80 a2=3 a3=1 items=0 ppid=1 pid=5107 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 169.327243] audit: type=1327 audit(1707506365.316:1442): proctitle=737368643A20636F7265205B707269765D [ 169.347787] audit: type=1105 audit(1707506365.362:1443): pid=5107 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.359597] audit: type=1103 audit(1707506365.374:1444): pid=5109 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.654750] audit: type=1106 audit(1707506365.669:1445): pid=5107 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.667459] audit: type=1104 audit(1707506365.669:1446): pid=5107 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 174.679485] kauditd_printk_skb: 1 callbacks suppressed [ 174.679489] audit: type=1130 audit(1707506370.694:1448): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-172.31.25.191:22-147.75.109.163:46264 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 174.856036] audit: type=1101 audit(1707506370.870:1449): pid=5143 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 174.868488] audit: type=1103 audit(1707506370.882:1450): pid=5143 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 174.878059] audit: type=1006 audit(1707506370.882:1451): pid=5143 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=18 res=1 [ 174.884302] audit: type=1300 audit(1707506370.882:1451): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff5bca770 a2=3 a3=1 items=0 ppid=1 pid=5143 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=18 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 174.894811] audit: type=1327 audit(1707506370.882:1451): proctitle=737368643A20636F7265205B707269765D [ 174.914786] audit: type=1105 audit(1707506370.929:1452): pid=5143 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 174.926903] audit: type=1103 audit(1707506370.941:1453): pid=5145 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 175.179584] audit: type=1106 audit(1707506371.194:1454): pid=5143 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 175.191179] audit: type=1104 audit(1707506371.195:1455): pid=5143 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 183.380166] kauditd_printk_skb: 57 callbacks suppressed [ 183.380171] audit: type=1325 audit(1707506379.394:1497): table=filter:115 family=2 entries=33 op=nft_register_rule pid=5226 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 183.390694] audit: type=1300 audit(1707506379.394:1497): arch=c00000b7 syscall=211 success=yes exit=11996 a0=3 a1=fffffa0668a0 a2=0 a3=ffffb39ad6c0 items=0 ppid=2989 pid=5226 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 183.402752] audit: type=1327 audit(1707506379.394:1497): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 183.409776] audit: type=1325 audit(1707506379.405:1498): table=nat:116 family=2 entries=20 op=nft_register_rule pid=5226 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 183.415656] audit: type=1300 audit(1707506379.405:1498): arch=c00000b7 syscall=211 success=yes exit=5484 a0=3 a1=fffffa0668a0 a2=0 a3=ffffb39ad6c0 items=0 ppid=2989 pid=5226 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 183.428247] audit: type=1327 audit(1707506379.405:1498): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 183.462840] audit: type=1325 audit(1707506379.477:1499): table=filter:117 family=2 entries=34 op=nft_register_rule pid=5228 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 183.469037] audit: type=1300 audit(1707506379.477:1499): arch=c00000b7 syscall=211 success=yes exit=11996 a0=3 a1=ffffef794c10 a2=0 a3=ffffad67f6c0 items=0 ppid=2989 pid=5228 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 183.481416] audit: type=1327 audit(1707506379.477:1499): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 183.492077] audit: type=1325 audit(1707506379.483:1500): table=nat:118 family=2 entries=20 op=nft_register_rule pid=5228 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 184.900929] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 184.903460] IPv6: ADDRCONF(NETDEV_CHANGE): califae1f80f898: link becomes ready This is ip-172-31-25-191 (Linux aarch64 5.15.148-flatcar) 19:19:43 SSH host key: SHA256:96wFvagVmZqthe8jY3e9RhZ1zYYifRdTDC5KK9Pf/hs (RSA) SSH host key: SHA256:GJbOAa3K2Wznjlupyiy9X3Ed43nRUl12KP+vSg53+q0 (ED25519) SSH host key: SHA256:+tSd/JUUQBkbiRgN+IxqEGkitJwXCcqNqU/CcRGI3hw (ECDSA) eth0: 172.31.25.191 fe80::47e:ebff:fe2c:cf97 ip-172-31-25-191 login: [ 188.380283] kauditd_printk_skb: 98 callbacks suppressed [ 188.380288] audit: type=1400 audit(1707506384.394:1544): avc: denied { bpf } for pid=5333 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 188.391333] audit: type=1400 audit(1707506384.394:1544): avc: denied { perfmon } for pid=5333 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 188.399845] audit: type=1400 audit(1707506384.394:1544): avc: denied { perfmon } for pid=5333 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 188.407700] audit: type=1400 audit(1707506384.394:1544): avc: denied { perfmon } for pid=5333 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 188.418936] audit: type=1400 audit(1707506384.394:1544): avc: denied { perfmon } for pid=5333 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 188.427527] audit: type=1400 audit(1707506384.394:1544): avc: denied { perfmon } for pid=5333 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 188.435154] audit: type=1400 audit(1707506384.394:1544): avc: denied { bpf } for pid=5333 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 188.442814] audit: type=1400 audit(1707506384.394:1544): avc: denied { bpf } for pid=5333 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 188.450412] audit: type=1334 audit(1707506384.394:1544): prog-id=193 op=LOAD [ 188.454446] audit: type=1300 audit(1707506384.394:1544): arch=c00000b7 syscall=280 success=yes exit=16 a0=5 a1=40001458e0 a2=78 a3=0 items=0 ppid=5285 pid=5333 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 194.176436] kauditd_printk_skb: 78 callbacks suppressed [ 194.176441] audit: type=1400 audit(1707506390.191:1571): avc: denied { watch } for pid=2549 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520981 scontext=system_u:system_r:svirt_lxc_net_t:s0:c84,c928 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 194.188100] audit: type=1300 audit(1707506390.191:1571): arch=c00000b7 syscall=27 success=no exit=-13 a0=a a1=40026be6e0 a2=fc6 a3=0 items=0 ppid=2375 pid=2549 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c84,c928 key=(null) [ 194.204501] audit: type=1327 audit(1707506390.191:1571): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 194.215039] audit: type=1400 audit(1707506390.198:1572): avc: denied { watch } for pid=2549 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520981 scontext=system_u:system_r:svirt_lxc_net_t:s0:c84,c928 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 194.224558] audit: type=1300 audit(1707506390.198:1572): arch=c00000b7 syscall=27 success=no exit=-13 a0=a a1=40026be700 a2=fc6 a3=0 items=0 ppid=2375 pid=2549 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c84,c928 key=(null) [ 194.236957] audit: type=1327 audit(1707506390.198:1572): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 194.247340] audit: type=1400 audit(1707506390.204:1573): avc: denied { watch } for pid=2549 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520981 scontext=system_u:system_r:svirt_lxc_net_t:s0:c84,c928 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 194.256953] audit: type=1300 audit(1707506390.204:1573): arch=c00000b7 syscall=27 success=no exit=-13 a0=a a1=40026be720 a2=fc6 a3=0 items=0 ppid=2375 pid=2549 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c84,c928 key=(null) [ 194.269368] audit: type=1327 audit(1707506390.204:1573): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 194.279739] audit: type=1400 audit(1707506390.209:1574): avc: denied { watch } for pid=2549 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520981 scontext=system_u:system_r:svirt_lxc_net_t:s0:c84,c928 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 200.812535] kauditd_printk_skb: 13 callbacks suppressed [ 200.812540] audit: type=1130 audit(1707506396.828:1584): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.25.191:22-147.75.109.163:60348 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 200.999980] audit: type=1101 audit(1707506397.015:1585): pid=5438 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.011585] audit: type=1103 audit(1707506397.021:1586): pid=5438 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.021208] audit: type=1006 audit(1707506397.021:1587): pid=5438 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 201.027046] audit: type=1300 audit(1707506397.021:1587): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc0a98840 a2=3 a3=1 items=0 ppid=1 pid=5438 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 201.037074] audit: type=1327 audit(1707506397.021:1587): proctitle=737368643A20636F7265205B707269765D [ 201.058479] audit: type=1105 audit(1707506397.073:1588): pid=5438 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.069562] audit: type=1103 audit(1707506397.076:1589): pid=5440 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.301912] audit: type=1106 audit(1707506397.317:1590): pid=5438 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.315580] audit: type=1104 audit(1707506397.317:1591): pid=5438 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 206.327888] kauditd_printk_skb: 1 callbacks suppressed [ 206.327892] audit: type=1130 audit(1707506402.343:1593): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-172.31.25.191:22-147.75.109.163:60356 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 206.505113] audit: type=1101 audit(1707506402.521:1594): pid=5458 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 206.515074] audit: type=1103 audit(1707506402.523:1595): pid=5458 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 206.524673] audit: type=1006 audit(1707506402.523:1596): pid=5458 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 [ 206.530844] audit: type=1300 audit(1707506402.523:1596): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffffb0cf290 a2=3 a3=1 items=0 ppid=1 pid=5458 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 206.541784] audit: type=1327 audit(1707506402.523:1596): proctitle=737368643A20636F7265205B707269765D [ 206.560512] audit: type=1105 audit(1707506402.576:1597): pid=5458 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 206.572467] audit: type=1103 audit(1707506402.588:1598): pid=5461 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 206.809179] audit: type=1106 audit(1707506402.825:1599): pid=5458 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 206.823075] audit: type=1104 audit(1707506402.825:1600): pid=5458 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 211.837970] kauditd_printk_skb: 1 callbacks suppressed [ 211.837975] audit: type=1130 audit(1707506407.854:1602): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-172.31.25.191:22-147.75.109.163:43866 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 212.020292] audit: type=1101 audit(1707506408.036:1603): pid=5475 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 212.030369] audit: type=1103 audit(1707506408.039:1604): pid=5475 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 212.040579] audit: type=1006 audit(1707506408.039:1605): pid=5475 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=28 res=1 [ 212.047216] audit: type=1300 audit(1707506408.039:1605): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffffd236100 a2=3 a3=1 items=0 ppid=1 pid=5475 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=28 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 212.057617] audit: type=1327 audit(1707506408.039:1605): proctitle=737368643A20636F7265205B707269765D [ 212.091697] audit: type=1105 audit(1707506408.107:1606): pid=5475 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 212.106921] audit: type=1103 audit(1707506408.119:1607): pid=5477 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 212.360877] audit: type=1106 audit(1707506408.376:1608): pid=5475 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 212.376229] audit: type=1104 audit(1707506408.376:1609): pid=5475 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 217.386991] kauditd_printk_skb: 13 callbacks suppressed [ 217.386996] audit: type=1130 audit(1707506413.403:1615): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@28-172.31.25.191:22-147.75.109.163:43874 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 217.572078] audit: type=1101 audit(1707506413.588:1616): pid=5513 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 217.583124] audit: type=1103 audit(1707506413.590:1617): pid=5513 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 217.593942] audit: type=1006 audit(1707506413.590:1618): pid=5513 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=29 res=1 [ 217.601026] audit: type=1300 audit(1707506413.590:1618): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd604ca90 a2=3 a3=1 items=0 ppid=1 pid=5513 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=29 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 217.618875] audit: type=1327 audit(1707506413.590:1618): proctitle=737368643A20636F7265205B707269765D [ 217.629472] audit: type=1105 audit(1707506413.645:1619): pid=5513 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 217.641110] audit: type=1103 audit(1707506413.648:1620): pid=5516 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 217.889542] audit: type=1106 audit(1707506413.905:1621): pid=5513 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 217.904577] audit: type=1104 audit(1707506413.905:1622): pid=5513 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 232.687866] kauditd_printk_skb: 1 callbacks suppressed [ 232.687871] audit: type=1334 audit(1707506428.703:1624): prog-id=89 op=UNLOAD [ 232.692648] audit: type=1334 audit(1707506428.703:1625): prog-id=102 op=UNLOAD [ 233.158769] audit: type=1334 audit(1707506429.174:1626): prog-id=126 op=UNLOAD [ 233.163794] audit: type=1334 audit(1707506429.179:1627): prog-id=129 op=UNLOAD [ 233.694562] audit: type=1400 audit(1707506429.709:1628): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 233.703905] audit: type=1400 audit(1707506429.710:1629): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 233.711944] audit: type=1400 audit(1707506429.710:1630): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 233.719569] audit: type=1400 audit(1707506429.710:1631): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 233.738311] audit: type=1400 audit(1707506429.710:1632): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 233.746062] audit: type=1400 audit(1707506429.710:1633): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 238.190638] kauditd_printk_skb: 114 callbacks suppressed [ 238.190643] audit: type=1334 audit(1707506434.206:1666): prog-id=85 op=UNLOAD [ 238.195266] audit: type=1334 audit(1707506434.206:1667): prog-id=110 op=UNLOAD [ 238.694475] audit: type=1400 audit(1707506434.709:1668): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 238.701918] audit: type=1400 audit(1707506434.709:1669): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 238.709318] audit: type=1400 audit(1707506434.709:1670): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 238.716833] audit: type=1400 audit(1707506434.709:1671): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 238.724533] audit: type=1400 audit(1707506434.709:1672): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 238.732461] audit: type=1400 audit(1707506434.709:1673): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 238.740448] audit: type=1400 audit(1707506434.709:1674): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 238.748594] audit: type=1400 audit(1707506434.709:1675): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0