uid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c706,c842 key=(null) [ 92.720859] audit: type=1327 audit(1712946125.832:728): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E32302E3430002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B7562 [ 96.776991] kauditd_printk_skb: 14 callbacks suppressed [ 96.776995] audit: type=1400 audit(1712946129.919:733): avc: denied { watch } for pid=2570 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520964 scontext=system_u:system_r:svirt_lxc_net_t:s0:c97,c907 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 96.794567] audit: type=1300 audit(1712946129.919:733): arch=c00000b7 syscall=27 success=no exit=-13 a0=a a1=4000f545c0 a2=fc6 a3=0 items=0 ppid=2437 pid=2570 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c97,c907 key=(null) [ 96.806597] audit: type=1327 audit(1712946129.919:733): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 96.816699] audit: type=1400 audit(1712946129.921:734): avc: denied { watch } for pid=2570 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520964 scontext=system_u:system_r:svirt_lxc_net_t:s0:c97,c907 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 96.827411] audit: type=1300 audit(1712946129.921:734): arch=c00000b7 syscall=27 success=no exit=-13 a0=9 a1=4000eb9fa0 a2=fc6 a3=0 items=0 ppid=2437 pid=2570 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c97,c907 key=(null) [ 96.840159] audit: type=1327 audit(1712946129.921:734): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 96.850667] audit: type=1400 audit(1712946129.921:735): avc: denied { watch } for pid=2570 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520964 scontext=system_u:system_r:svirt_lxc_net_t:s0:c97,c907 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 96.860203] audit: type=1300 audit(1712946129.921:735): arch=c00000b7 syscall=27 success=no exit=-13 a0=9 a1=40010b4700 a2=fc6 a3=0 items=0 ppid=2437 pid=2570 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c97,c907 key=(null) [ 96.873631] audit: type=1327 audit(1712946129.921:735): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 96.884492] audit: type=1400 audit(1712946129.921:736): avc: denied { watch } for pid=2570 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520964 scontext=system_u:system_r:svirt_lxc_net_t:s0:c97,c907 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 103.943059] kauditd_printk_skb: 263 callbacks suppressed [ 103.943064] audit: type=1106 audit(1712946137.085:987): pid=1951 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 103.954338] audit: type=1104 audit(1712946137.085:988): pid=1951 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 103.968757] audit: type=1106 audit(1712946137.110:989): pid=1948 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 103.982668] audit: type=1104 audit(1712946137.110:990): pid=1948 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 103.993560] audit: type=1131 audit(1712946137.125:991): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.20.40:22-139.178.89.65:38684 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 109.514206] audit: type=1400 audit(1712946142.656:992): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.523029] audit: type=1400 audit(1712946142.656:993): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.530651] audit: type=1400 audit(1712946142.656:994): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.538468] audit: type=1400 audit(1712946142.656:995): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.546331] audit: type=1400 audit(1712946142.656:996): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.555542] audit: type=1400 audit(1712946142.656:997): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.563861] audit: type=1400 audit(1712946142.656:998): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.572165] audit: type=1400 audit(1712946142.656:999): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.582271] audit: type=1400 audit(1712946142.656:1000): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.589734] audit: type=1400 audit(1712946142.656:1001): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 116.829905] kauditd_printk_skb: 357 callbacks suppressed [ 116.829910] audit: type=1325 audit(1712946149.971:1103): table=filter:89 family=2 entries=15 op=nft_register_rule pid=3167 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 116.837470] audit: type=1300 audit(1712946149.971:1103): arch=c00000b7 syscall=211 success=yes exit=5908 a0=3 a1=fffff9d9ab00 a2=0 a3=1 items=0 ppid=2950 pid=3167 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 116.848665] audit: type=1327 audit(1712946149.971:1103): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 116.856118] audit: type=1325 audit(1712946149.975:1104): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3167 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 116.861684] audit: type=1300 audit(1712946149.975:1104): arch=c00000b7 syscall=211 success=yes exit=2700 a0=3 a1=fffff9d9ab00 a2=0 a3=1 items=0 ppid=2950 pid=3167 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 116.873052] audit: type=1327 audit(1712946149.975:1104): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 116.881347] audit: type=1325 audit(1712946150.023:1105): table=filter:91 family=2 entries=16 op=nft_register_rule pid=3169 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 116.887120] audit: type=1300 audit(1712946150.023:1105): arch=c00000b7 syscall=211 success=yes exit=5908 a0=3 a1=ffffcbdf53e0 a2=0 a3=1 items=0 ppid=2950 pid=3169 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 116.898306] audit: type=1327 audit(1712946150.023:1105): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 116.905854] audit: type=1325 audit(1712946150.025:1106): table=nat:92 family=2 entries=12 op=nft_register_rule pid=3169 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 121.922580] kauditd_printk_skb: 179 callbacks suppressed [ 121.922585] audit: type=1400 audit(1712946155.065:1163): avc: denied { perfmon } for pid=3401 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 121.932128] audit: type=1300 audit(1712946155.065:1163): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=40001455a0 a2=3c a3=0 items=0 ppid=3241 pid=3401 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 121.944282] audit: type=1327 audit(1712946155.065:1163): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6331626337633338343733643434653135663533623335343936333163 [ 121.959868] audit: type=1400 audit(1712946155.066:1164): avc: denied { bpf } for pid=3401 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 121.968886] audit: type=1400 audit(1712946155.066:1164): avc: denied { bpf } for pid=3401 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 121.980732] audit: type=1400 audit(1712946155.066:1164): avc: denied { bpf } for pid=3401 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 121.988788] audit: type=1400 audit(1712946155.066:1164): avc: denied { perfmon } for pid=3401 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 121.996398] audit: type=1400 audit(1712946155.066:1164): avc: denied { perfmon } for pid=3401 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 122.005941] audit: type=1400 audit(1712946155.066:1164): avc: denied { perfmon } for pid=3401 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 122.013425] audit: type=1400 audit(1712946155.066:1164): avc: denied { perfmon } for pid=3401 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 128.269713] kauditd_printk_skb: 34 callbacks suppressed [ 128.269717] audit: type=1400 audit(1712946161.412:1170): avc: denied { perfmon } for pid=3467 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 128.279144] audit: type=1300 audit(1712946161.412:1170): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=40001955a0 a2=3c a3=0 items=0 ppid=3241 pid=3467 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 128.290329] audit: type=1327 audit(1712946161.412:1170): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3830363034313830386432383961373265666333326663303231356566 [ 128.305456] audit: type=1400 audit(1712946161.412:1171): avc: denied { bpf } for pid=3467 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 128.313756] audit: type=1400 audit(1712946161.412:1171): avc: denied { bpf } for pid=3467 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 128.321271] audit: type=1400 audit(1712946161.412:1171): avc: denied { bpf } for pid=3467 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 128.330729] audit: type=1400 audit(1712946161.412:1171): avc: denied { perfmon } for pid=3467 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 128.339608] audit: type=1400 audit(1712946161.412:1171): avc: denied { perfmon } for pid=3467 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 128.348143] audit: type=1400 audit(1712946161.412:1171): avc: denied { perfmon } for pid=3467 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 128.356122] audit: type=1400 audit(1712946161.412:1171): avc: denied { perfmon } for pid=3467 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 136.664624] kauditd_printk_skb: 34 callbacks suppressed [ 136.664628] audit: type=1325 audit(1712946169.807:1177): table=filter:95 family=2 entries=15 op=nft_register_rule pid=3724 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 136.674894] audit: type=1300 audit(1712946169.807:1177): arch=c00000b7 syscall=211 success=yes exit=5164 a0=3 a1=ffffcd18fe30 a2=0 a3=1 items=0 ppid=2950 pid=3724 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 136.686924] audit: type=1327 audit(1712946169.807:1177): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 136.694031] audit: type=1325 audit(1712946169.817:1178): table=nat:96 family=2 entries=19 op=nft_register_chain pid=3724 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 136.699943] audit: type=1300 audit(1712946169.817:1178): arch=c00000b7 syscall=211 success=yes exit=6276 a0=3 a1=ffffcd18fe30 a2=0 a3=1 items=0 ppid=2950 pid=3724 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 136.712592] audit: type=1327 audit(1712946169.817:1178): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 140.380038] audit: type=1400 audit(1712946173.523:1179): avc: denied { perfmon } for pid=3739 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 140.388234] audit: type=1300 audit(1712946173.523:1179): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=40001c55a0 a2=3c a3=0 items=0 ppid=3241 pid=3739 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 140.399761] audit: type=1327 audit(1712946173.523:1179): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6664373035656530613538626662376136363134396539613965323830 [ 140.410375] audit: type=1400 audit(1712946173.523:1180): avc: denied { bpf } for pid=3739 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 140.571220] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 140.574037] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 142.486152] kauditd_printk_skb: 39 callbacks suppressed [ 142.486156] audit: type=1400 audit(1712946175.629:1185): avc: denied { write } for pid=3883 comm="tee" name="fd" dev="proc" ino=20269 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 142.495610] audit: type=1400 audit(1712946175.632:1186): avc: denied { write } for pid=3936 comm="tee" name="fd" dev="proc" ino=21014 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 142.523337] audit: type=1300 audit(1712946175.632:1186): arch=c00000b7 syscall=56 success=yes exit=3 a0=ffffffffffffff9c a1=fffff5068987 a2=241 a3=1b6 items=1 ppid=3853 pid=3936 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 142.535280] audit: type=1307 audit(1712946175.632:1186): cwd="/etc/service/enabled/felix/log" [ 142.541125] audit: type=1302 audit(1712946175.632:1186): item=0 name="/dev/fd/63" inode=20258 dev=00:0b mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 142.550648] audit: type=1327 audit(1712946175.632:1186): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 [ 142.560099] audit: type=1400 audit(1712946175.648:1187): avc: denied { write } for pid=3924 comm="tee" name="fd" dev="proc" ino=21018 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 142.576371] audit: type=1300 audit(1712946175.648:1187): arch=c00000b7 syscall=56 success=yes exit=3 a0=ffffffffffffff9c a1=ffffcb2de987 a2=241 a3=1b6 items=1 ppid=3858 pid=3924 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 142.590343] audit: type=1307 audit(1712946175.648:1187): cwd="/etc/service/enabled/bird6/log" [ 142.595290] audit: type=1302 audit(1712946175.648:1187): item=0 name="/dev/fd/63" inode=20250 dev=00:0b mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 143.763859] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 143.766191] IPv6: ADDRCONF(NETDEV_CHANGE): calibd51c6fc8db: link becomes ready [ 143.849629] IPv6: ADDRCONF(NETDEV_CHANGE): cali2cc3cd46570: link becomes ready [ 145.017169] IPv6: ADDRCONF(NETDEV_CHANGE): calie64e1bdfc90: link becomes ready This is ip-172-31-20-40 (Linux aarch64 5.15.154-flatcar) 18:22:58 SSH host key: SHA256:DDgQf79lr+tiMiFAKfU6bU3D0zH3S2/AV1h+V4psxWw (ED25519) SSH host key: SHA256:k1vfbgPcKSCNFg7WJJF6KPByVAk51dxyVMOj4oGLJB8 (RSA) SSH host key: SHA256:9IFVG/bU23/T7TFTnSws8il9hIDTaTy863NPHXXya6w (ECDSA) eth0: 172.31.20.40 fe80::43f:2eff:fe9f:f3e1 ip-172-31-20-40 login: [ 145.886990] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 145.889317] IPv6: ADDRCONF(NETDEV_CHANGE): cali75208caf67b: link becomes ready This is ip-172-31-20-40 (Linux aarch64 5.15.154-flatcar) 18:22:59 SSH host key: SHA256:DDgQf79lr+tiMiFAKfU6bU3D0zH3S2/AV1h+V4psxWw (ED25519) SSH host key: SHA256:k1vfbgPcKSCNFg7WJJF6KPByVAk51dxyVMOj4oGLJB8 (RSA) SSH host key: SHA256:9IFVG/bU23/T7TFTnSws8il9hIDTaTy863NPHXXya6w (ECDSA) eth0: 172.31.20.40 fe80::43f:2eff:fe9f:f3e1 ip-172-31-20-40 login: This is ip-172-31-20-40 (Linux aarch64 5.15.154-flatcar) 18:23:00 SSH host key: SHA256:DDgQf79lr+tiMiFAKfU6bU3D0zH3S2/AV1h+V4psxWw (ED25519) SSH host key: SHA256:k1vfbgPcKSCNFg7WJJF6KPByVAk51dxyVMOj4oGLJB8 (RSA) SSH host key: SHA256:9IFVG/bU23/T7TFTnSws8il9hIDTaTy863NPHXXya6w (ECDSA) eth0: 172.31.20.40 fe80::43f:2eff:fe9f:f3e1 ip-172-31-20-40 login: This is ip-172-31-20-40 (Linux aarch64 5.15.154-flatcar) 18:23:01 SSH host key: SHA256:DDgQf79lr+tiMiFAKfU6bU3D0zH3S2/AV1h+V4psxWw (ED25519) SSH host key: SHA256:k1vfbgPcKSCNFg7WJJF6KPByVAk51dxyVMOj4oGLJB8 (RSA) SSH host key: SHA256:9IFVG/bU23/T7TFTnSws8il9hIDTaTy863NPHXXya6w (ECDSA) eth0: 172.31.20.40 fe80::43f:2eff:fe9f:f3e1 ip-172-31-20-40 login: [ 150.418074] kauditd_printk_skb: 532 callbacks suppressed [ 150.418079] audit: type=1130 audit(1712946183.561:1337): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-172.31.20.40:22-139.178.89.65:56374 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 150.650868] audit: type=1101 audit(1712946183.794:1338): pid=4569 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.670448] audit: type=1103 audit(1712946183.804:1339): pid=4569 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.690300] audit: type=1006 audit(1712946183.804:1340): pid=4569 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=8 res=1 [ 150.699379] audit: type=1300 audit(1712946183.804:1340): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff4e7d6a0 a2=3 a3=1 items=0 ppid=1 pid=4569 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=8 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 150.724500] audit: type=1327 audit(1712946183.804:1340): proctitle=737368643A20636F7265205B707269765D [ 150.727790] audit: type=1105 audit(1712946183.856:1341): pid=4569 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.743026] audit: type=1103 audit(1712946183.859:1342): pid=4574 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 151.129442] audit: type=1400 audit(1712946184.272:1343): avc: denied { watch } for pid=2570 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520964 scontext=system_u:system_r:svirt_lxc_net_t:s0:c97,c907 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 151.149329] audit: type=1300 audit(1712946184.272:1343): arch=c00000b7 syscall=27 success=no exit=-13 a0=a a1=400278b820 a2=fc6 a3=0 items=0 ppid=2437 pid=2570 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c97,c907 key=(null) [ 156.179499] kauditd_printk_skb: 125 callbacks suppressed [ 156.179504] audit: type=1130 audit(1712946189.322:1378): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.20.40:22-139.178.89.65:33596 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 156.371408] audit: type=1101 audit(1712946189.514:1379): pid=4710 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.383569] audit: type=1103 audit(1712946189.526:1380): pid=4710 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.393516] audit: type=1006 audit(1712946189.526:1381): pid=4710 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 [ 156.399358] audit: type=1300 audit(1712946189.526:1381): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffffef4c1b0 a2=3 a3=1 items=0 ppid=1 pid=4710 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=9 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 156.410752] audit: type=1327 audit(1712946189.526:1381): proctitle=737368643A20636F7265205B707269765D [ 156.432011] audit: type=1105 audit(1712946189.573:1382): pid=4710 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.444286] audit: type=1103 audit(1712946189.587:1383): pid=4712 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.682935] audit: type=1106 audit(1712946189.826:1384): pid=4710 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.694208] audit: type=1104 audit(1712946189.826:1385): pid=4710 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.707359] kauditd_printk_skb: 13 callbacks suppressed [ 161.707363] audit: type=1130 audit(1712946194.850:1391): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.20.40:22-139.178.89.65:33598 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 161.884073] audit: type=1101 audit(1712946195.027:1392): pid=4946 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.896511] audit: type=1103 audit(1712946195.039:1393): pid=4946 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.906357] audit: type=1006 audit(1712946195.039:1394): pid=4946 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 161.913039] audit: type=1300 audit(1712946195.039:1394): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffcb96b440 a2=3 a3=1 items=0 ppid=1 pid=4946 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 161.923508] audit: type=1327 audit(1712946195.039:1394): proctitle=737368643A20636F7265205B707269765D [ 161.948298] audit: type=1105 audit(1712946195.091:1395): pid=4946 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.960341] audit: type=1103 audit(1712946195.103:1396): pid=4948 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 162.193017] audit: type=1106 audit(1712946195.336:1397): pid=4946 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 162.205683] audit: type=1104 audit(1712946195.336:1398): pid=4946 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 168.575726] kauditd_printk_skb: 23 callbacks suppressed [ 168.575731] audit: type=1130 audit(1712946201.719:1418): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@12-172.31.20.40:22-139.178.89.65:59950 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 168.756047] audit: type=1101 audit(1712946201.899:1419): pid=4996 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 168.766682] audit: type=1103 audit(1712946201.901:1420): pid=4996 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 168.777758] audit: type=1006 audit(1712946201.901:1421): pid=4996 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=13 res=1 [ 168.783555] audit: type=1300 audit(1712946201.901:1421): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff4cc3380 a2=3 a3=1 items=0 ppid=1 pid=4996 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=13 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 168.793615] audit: type=1327 audit(1712946201.901:1421): proctitle=737368643A20636F7265205B707269765D [ 168.810947] audit: type=1105 audit(1712946201.952:1422): pid=4996 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 168.822616] audit: type=1103 audit(1712946201.966:1423): pid=4998 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 169.055163] audit: type=1106 audit(1712946202.198:1424): pid=4996 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 169.069281] audit: type=1104 audit(1712946202.198:1425): pid=4996 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 174.081553] kauditd_printk_skb: 1 callbacks suppressed [ 174.081557] audit: type=1130 audit(1712946207.225:1427): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.20.40:22-139.178.89.65:42022 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 174.251209] audit: type=1101 audit(1712946207.394:1428): pid=5015 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 174.262123] audit: type=1103 audit(1712946207.397:1429): pid=5015 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 174.271865] audit: type=1006 audit(1712946207.397:1430): pid=5015 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 174.278227] audit: type=1300 audit(1712946207.397:1430): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffffe3cb30 a2=3 a3=1 items=0 ppid=1 pid=5015 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 174.288375] audit: type=1327 audit(1712946207.397:1430): proctitle=737368643A20636F7265205B707269765D [ 174.307001] audit: type=1105 audit(1712946207.450:1431): pid=5015 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 174.318104] audit: type=1103 audit(1712946207.453:1432): pid=5017 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 174.544687] audit: type=1106 audit(1712946207.688:1433): pid=5015 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 174.559029] audit: type=1104 audit(1712946207.688:1434): pid=5015 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 179.574801] kauditd_printk_skb: 1 callbacks suppressed [ 179.574806] audit: type=1130 audit(1712946212.718:1436): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.20.40:22-139.178.89.65:42026 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 179.753114] audit: type=1101 audit(1712946212.896:1437): pid=5033 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 179.766604] audit: type=1103 audit(1712946212.908:1438): pid=5033 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 179.776820] audit: type=1006 audit(1712946212.908:1439): pid=5033 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 179.792740] audit: type=1300 audit(1712946212.908:1439): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc0a46b90 a2=3 a3=1 items=0 ppid=1 pid=5033 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 179.811175] audit: type=1327 audit(1712946212.908:1439): proctitle=737368643A20636F7265205B707269765D [ 179.818454] audit: type=1105 audit(1712946212.954:1440): pid=5033 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 179.833445] audit: type=1103 audit(1712946212.958:1441): pid=5035 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.097468] audit: type=1106 audit(1712946213.239:1442): pid=5033 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.110061] audit: type=1104 audit(1712946213.240:1443): pid=5033 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.122279] kauditd_printk_skb: 1 callbacks suppressed [ 185.122284] audit: type=1130 audit(1712946218.265:1445): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.20.40:22-139.178.89.65:35632 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 185.296942] audit: type=1101 audit(1712946218.440:1446): pid=5077 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.309213] audit: type=1103 audit(1712946218.452:1447): pid=5077 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.318886] audit: type=1006 audit(1712946218.452:1448): pid=5077 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 185.325463] audit: type=1300 audit(1712946218.452:1448): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc3db1d80 a2=3 a3=1 items=0 ppid=1 pid=5077 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 185.335909] audit: type=1327 audit(1712946218.452:1448): proctitle=737368643A20636F7265205B707269765D [ 185.355349] audit: type=1105 audit(1712946218.498:1449): pid=5077 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.366547] audit: type=1103 audit(1712946218.499:1450): pid=5079 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.586368] audit: type=1106 audit(1712946218.729:1451): pid=5077 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.598196] audit: type=1104 audit(1712946218.732:1452): pid=5077 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 190.247307] kauditd_printk_skb: 1 callbacks suppressed [ 190.247312] audit: type=1325 audit(1712946223.390:1454): table=filter:112 family=2 entries=8 op=nft_register_rule pid=5110 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 190.255096] audit: type=1300 audit(1712946223.390:1454): arch=c00000b7 syscall=211 success=yes exit=2932 a0=3 a1=ffffee161a20 a2=0 a3=1 items=0 ppid=2950 pid=5110 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 190.266513] audit: type=1327 audit(1712946223.390:1454): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 190.273683] audit: type=1325 audit(1712946223.398:1455): table=nat:113 family=2 entries=20 op=nft_register_rule pid=5110 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 190.279611] audit: type=1300 audit(1712946223.398:1455): arch=c00000b7 syscall=211 success=yes exit=5772 a0=3 a1=ffffee161a20 a2=0 a3=1 items=0 ppid=2950 pid=5110 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 190.291114] audit: type=1327 audit(1712946223.398:1455): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 190.297907] audit: type=1325 audit(1712946223.437:1456): table=filter:114 family=2 entries=9 op=nft_register_rule pid=5112 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 190.303844] audit: type=1300 audit(1712946223.437:1456): arch=c00000b7 syscall=211 success=yes exit=3676 a0=3 a1=fffff816ccb0 a2=0 a3=1 items=0 ppid=2950 pid=5112 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 190.315397] audit: type=1327 audit(1712946223.437:1456): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 190.321193] audit: type=1325 audit(1712946223.443:1457): table=nat:115 family=2 entries=20 op=nft_register_rule pid=5112 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 191.440215] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 191.442524] IPv6: ADDRCONF(NETDEV_CHANGE): calic4f4434a7cd: link becomes ready This is ip-172-31-20-40 (Linux aarch64 5.15.154-flatcar) 18:23:46 SSH host key: SHA256:DDgQf79lr+tiMiFAKfU6bU3D0zH3S2/AV1h+V4psxWw (ED25519) SSH host key: SHA256:k1vfbgPcKSCNFg7WJJF6KPByVAk51dxyVMOj4oGLJB8 (RSA) SSH host key: SHA256:9IFVG/bU23/T7TFTnSws8il9hIDTaTy863NPHXXya6w (ECDSA) eth0: 172.31.20.40 fe80::43f:2eff:fe9f:f3e1 ip-172-31-20-40 login: [ 195.250276] kauditd_printk_skb: 118 callbacks suppressed [ 195.252267] audit: type=1130 audit(1712946228.393:1517): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.20.40:22-139.178.89.65:55448 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 195.446011] audit: type=1101 audit(1712946228.589:1518): pid=5242 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.456848] audit: type=1103 audit(1712946228.589:1519): pid=5242 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.466901] audit: type=1006 audit(1712946228.589:1520): pid=5242 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=21 res=1 [ 195.478311] audit: type=1300 audit(1712946228.589:1520): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd6b7b020 a2=3 a3=1 items=0 ppid=1 pid=5242 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 195.491046] audit: type=1327 audit(1712946228.589:1520): proctitle=737368643A20636F7265205B707269765D [ 195.495002] audit: type=1105 audit(1712946228.621:1521): pid=5242 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.510137] audit: type=1103 audit(1712946228.622:1522): pid=5244 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.601329] audit: type=1400 audit(1712946228.742:1523): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 195.610562] audit: type=1400 audit(1712946228.742:1524): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 140.571220] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 140.574037] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 142.486152] kauditd_printk_skb: 39 callbacks suppressed [ 142.486156] audit: type=1400 audit(1712946175.629:1185): avc: denied { write } for pid=3883 comm="tee" name="fd" dev="proc" ino=20269 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 142.495610] audit: type=1400 audit(1712946175.632:1186): avc: denied { write } for pid=3936 comm="tee" name="fd" dev="proc" ino=21014 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 142.523337] audit: type=1300 audit(1712946175.632:1186): arch=c00000b7 syscall=56 success=yes exit=3 a0=ffffffffffffff9c a1=fffff5068987 a2=241 a3=1b6 items=1 ppid=3853 pid=3936 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 142.535280] audit: type=1307 audit(1712946175.632:1186): cwd="/etc/service/enabled/felix/log" [ 142.541125] audit: type=1302 audit(1712946175.632:1186): item=0 name="/dev/fd/63" inode=20258 dev=00:0b mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 142.550648] audit: type=1327 audit(1712946175.632:1186): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 [ 142.560099] audit: type=1400 audit(1712946175.648:1187): avc: denied { write } for pid=3924 comm="tee" name="fd" dev="proc" ino=21018 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 142.576371] audit: type=1300 audit(1712946175.648:1187): arch=c00000b7 syscall=56 success=yes exit=3 a0=ffffffffffffff9c a1=ffffcb2de987 a2=241 a3=1b6 items=1 ppid=3858 pid=3924 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 142.590343] audit: type=1307 audit(1712946175.648:1187): cwd="/etc/service/enabled/bird6/log" [ 142.595290] audit: type=1302 audit(1712946175.648:1187): item=0 name="/dev/fd/63" inode=20250 dev=00:0b mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 143.763859] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 143.766191] IPv6: ADDRCONF(NETDEV_CHANGE): calibd51c6fc8db: link becomes ready [ 143.849629] IPv6: ADDRCONF(NETDEV_CHANGE): cali2cc3cd46570: link becomes ready [ 145.017169] IPv6: ADDRCONF(NETDEV_CHANGE): calie64e1bdfc90: link becomes ready This is ip-172-31-20-40 (Linux aarch64 5.15.154-flatcar) 18:22:58 SSH host key: SHA256:DDgQf79lr+tiMiFAKfU6bU3D0zH3S2/AV1h+V4psxWw (ED25519) SSH host key: SHA256:k1vfbgPcKSCNFg7WJJF6KPByVAk51dxyVMOj4oGLJB8 (RSA) SSH host key: SHA256:9IFVG/bU23/T7TFTnSws8il9hIDTaTy863NPHXXya6w (ECDSA) eth0: 172.31.20.40 fe80::43f:2eff:fe9f:f3e1 ip-172-31-20-40 login: [ 145.886990] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 145.889317] IPv6: ADDRCONF(NETDEV_CHANGE): cali75208caf67b: link becomes ready This is ip-172-31-20-40 (Linux aarch64 5.15.154-flatcar) 18:22:59 SSH host key: SHA256:DDgQf79lr+tiMiFAKfU6bU3D0zH3S2/AV1h+V4psxWw (ED25519) SSH host key: SHA256:k1vfbgPcKSCNFg7WJJF6KPByVAk51dxyVMOj4oGLJB8 (RSA) SSH host key: SHA256:9IFVG/bU23/T7TFTnSws8il9hIDTaTy863NPHXXya6w (ECDSA) eth0: 172.31.20.40 fe80::43f:2eff:fe9f:f3e1 ip-172-31-20-40 login: This is ip-172-31-20-40 (Linux aarch64 5.15.154-flatcar) 18:23:00 SSH host key: SHA256:DDgQf79lr+tiMiFAKfU6bU3D0zH3S2/AV1h+V4psxWw (ED25519) SSH host key: SHA256:k1vfbgPcKSCNFg7WJJF6KPByVAk51dxyVMOj4oGLJB8 (RSA) SSH host key: SHA256:9IFVG/bU23/T7TFTnSws8il9hIDTaTy863NPHXXya6w (ECDSA) eth0: 172.31.20.40 fe80::43f:2eff:fe9f:f3e1 ip-172-31-20-40 login: This is ip-172-31-20-40 (Linux aarch64 5.15.154-flatcar) 18:23:01 SSH host key: SHA256:DDgQf79lr+tiMiFAKfU6bU3D0zH3S2/AV1h+V4psxWw (ED25519) SSH host key: SHA256:k1vfbgPcKSCNFg7WJJF6KPByVAk51dxyVMOj4oGLJB8 (RSA) SSH host key: SHA256:9IFVG/bU23/T7TFTnSws8il9hIDTaTy863NPHXXya6w (ECDSA) eth0: 172.31.20.40 fe80::43f:2eff:fe9f:f3e1 ip-172-31-20-40 login: [ 150.418074] kauditd_printk_skb: 532 callbacks suppressed [ 150.418079] audit: type=1130 audit(1712946183.561:1337): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-172.31.20.40:22-139.178.89.65:56374 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 150.650868] audit: type=1101 audit(1712946183.794:1338): pid=4569 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.670448] audit: type=1103 audit(1712946183.804:1339): pid=4569 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.690300] audit: type=1006 audit(1712946183.804:1340): pid=4569 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=8 res=1 [ 150.699379] audit: type=1300 audit(1712946183.804:1340): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff4e7d6a0 a2=3 a3=1 items=0 ppid=1 pid=4569 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=8 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 150.724500] audit: type=1327 audit(1712946183.804:1340): proctitle=737368643A20636F7265205B707269765D [ 150.727790] audit: type=1105 audit(1712946183.856:1341): pid=4569 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.743026] audit: type=1103 audit(1712946183.859:1342): pid=4574 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 151.129442] audit: type=1400 audit(1712946184.272:1343): avc: denied { watch } for pid=2570 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520964 scontext=system_u:system_r:svirt_lxc_net_t:s0:c97,c907 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 151.149329] audit: type=1300 audit(1712946184.272:1343): arch=c00000b7 syscall=27 success=no exit=-13 a0=a a1=400278b820 a2=fc6 a3=0 items=0 ppid=2437 pid=2570 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c97,c907 key=(null) [ 156.179499] kauditd_printk_skb: 125 callbacks suppressed [ 156.179504] audit: type=1130 audit(1712946189.322:1378): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.20.40:22-139.178.89.65:33596 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 156.371408] audit: type=1101 audit(1712946189.514:1379): pid=4710 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.383569] audit: type=1103 audit(1712946189.526:1380): pid=4710 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.393516] audit: type=1006 audit(1712946189.526:1381): pid=4710 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 [ 156.399358] audit: type=1300 audit(1712946189.526:1381): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffffef4c1b0 a2=3 a3=1 items=0 ppid=1 pid=4710 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=9 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 156.410752] audit: type=1327 audit(1712946189.526:1381): proctitle=737368643A20636F7265205B707269765D [ 156.432011] audit: type=1105 audit(1712946189.573:1382): pid=4710 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.444286] audit: type=1103 audit(1712946189.587:1383): pid=4712 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.682935] audit: type=1106 audit(1712946189.826:1384): pid=4710 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 156.694208] audit: type=1104 audit(1712946189.826:1385): pid=4710 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.707359] kauditd_printk_skb: 13 callbacks suppressed [ 161.707363] audit: type=1130 audit(1712946194.850:1391): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.20.40:22-139.178.89.65:33598 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 161.884073] audit: type=1101 audit(1712946195.027:1392): pid=4946 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.896511] audit: type=1103 audit(1712946195.039:1393): pid=4946 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.906357] audit: type=1006 audit(1712946195.039:1394): pid=4946 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 161.913039] audit: type=1300 audit(1712946195.039:1394): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffcb96b440 a2=3 a3=1 items=0 ppid=1 pid=4946 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 161.923508] audit: type=1327 audit(1712946195.039:1394): proctitle=737368643A20636F7265205B707269765D [ 161.948298] audit: type=1105 audit(1712946195.091:1395): pid=4946 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 161.960341] audit: type=1103 audit(1712946195.103:1396): pid=4948 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 162.193017] audit: type=1106 audit(1712946195.336:1397): pid=4946 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 162.205683] audit: type=1104 audit(1712946195.336:1398): pid=4946 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 168.575726] kauditd_printk_skb: 23 callbacks suppressed [ 168.575731] audit: type=1130 audit(1712946201.719:1418): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@12-172.31.20.40:22-139.178.89.65:59950 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 168.756047] audit: type=1101 audit(1712946201.899:1419): pid=4996 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 168.766682] audit: type=1103 audit(1712946201.901:1420): pid=4996 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 168.777758] audit: type=1006 audit(1712946201.901:1421): pid=4996 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=13 res=1 [ 168.783555] audit: type=1300 audit(1712946201.901:1421): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff4cc3380 a2=3 a3=1 items=0 ppid=1 pid=4996 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=13 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 168.793615] audit: type=1327 audit(1712946201.901:1421): proctitle=737368643A20636F7265205B707269765D [ 168.810947] audit: type=1105 audit(1712946201.952:1422): pid=4996 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 168.822616] audit: type=1103 audit(1712946201.966:1423): pid=4998 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 169.055163] audit: type=1106 audit(1712946202.198:1424): pid=4996 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 169.069281] audit: type=1104 audit(1712946202.198:1425): pid=4996 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 174.081553] kauditd_printk_skb: 1 callbacks suppressed [ 174.081557] audit: type=1130 audit(1712946207.225:1427): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.20.40:22-139.178.89.65:42022 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 174.251209] audit: type=1101 audit(1712946207.394:1428): pid=5015 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 174.262123] audit: type=1103 audit(1712946207.397:1429): pid=5015 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 174.271865] audit: type=1006 audit(1712946207.397:1430): pid=5015 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 174.278227] audit: type=1300 audit(1712946207.397:1430): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffffe3cb30 a2=3 a3=1 items=0 ppid=1 pid=5015 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 174.288375] audit: type=1327 audit(1712946207.397:1430): proctitle=737368643A20636F7265205B707269765D [ 174.307001] audit: type=1105 audit(1712946207.450:1431): pid=5015 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 174.318104] audit: type=1103 audit(1712946207.453:1432): pid=5017 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 174.544687] audit: type=1106 audit(1712946207.688:1433): pid=5015 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 174.559029] audit: type=1104 audit(1712946207.688:1434): pid=5015 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 179.574801] kauditd_printk_skb: 1 callbacks suppressed [ 179.574806] audit: type=1130 audit(1712946212.718:1436): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.20.40:22-139.178.89.65:42026 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 179.753114] audit: type=1101 audit(1712946212.896:1437): pid=5033 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 179.766604] audit: type=1103 audit(1712946212.908:1438): pid=5033 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 179.776820] audit: type=1006 audit(1712946212.908:1439): pid=5033 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 179.792740] audit: type=1300 audit(1712946212.908:1439): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc0a46b90 a2=3 a3=1 items=0 ppid=1 pid=5033 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 179.811175] audit: type=1327 audit(1712946212.908:1439): proctitle=737368643A20636F7265205B707269765D [ 179.818454] audit: type=1105 audit(1712946212.954:1440): pid=5033 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 179.833445] audit: type=1103 audit(1712946212.958:1441): pid=5035 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.097468] audit: type=1106 audit(1712946213.239:1442): pid=5033 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.110061] audit: type=1104 audit(1712946213.240:1443): pid=5033 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.122279] kauditd_printk_skb: 1 callbacks suppressed [ 185.122284] audit: type=1130 audit(1712946218.265:1445): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.20.40:22-139.178.89.65:35632 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 185.296942] audit: type=1101 audit(1712946218.440:1446): pid=5077 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.309213] audit: type=1103 audit(1712946218.452:1447): pid=5077 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.318886] audit: type=1006 audit(1712946218.452:1448): pid=5077 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 185.325463] audit: type=1300 audit(1712946218.452:1448): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc3db1d80 a2=3 a3=1 items=0 ppid=1 pid=5077 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 185.335909] audit: type=1327 audit(1712946218.452:1448): proctitle=737368643A20636F7265205B707269765D [ 185.355349] audit: type=1105 audit(1712946218.498:1449): pid=5077 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.366547] audit: type=1103 audit(1712946218.499:1450): pid=5079 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.586368] audit: type=1106 audit(1712946218.729:1451): pid=5077 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.598196] audit: type=1104 audit(1712946218.732:1452): pid=5077 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 190.247307] kauditd_printk_skb: 1 callbacks suppressed [ 190.247312] audit: type=1325 audit(1712946223.390:1454): table=filter:112 family=2 entries=8 op=nft_register_rule pid=5110 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 190.255096] audit: type=1300 audit(1712946223.390:1454): arch=c00000b7 syscall=211 success=yes exit=2932 a0=3 a1=ffffee161a20 a2=0 a3=1 items=0 ppid=2950 pid=5110 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 190.266513] audit: type=1327 audit(1712946223.390:1454): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 190.273683] audit: type=1325 audit(1712946223.398:1455): table=nat:113 family=2 entries=20 op=nft_register_rule pid=5110 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 190.279611] audit: type=1300 audit(1712946223.398:1455): arch=c00000b7 syscall=211 success=yes exit=5772 a0=3 a1=ffffee161a20 a2=0 a3=1 items=0 ppid=2950 pid=5110 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 190.291114] audit: type=1327 audit(1712946223.398:1455): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 190.297907] audit: type=1325 audit(1712946223.437:1456): table=filter:114 family=2 entries=9 op=nft_register_rule pid=5112 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 190.303844] audit: type=1300 audit(1712946223.437:1456): arch=c00000b7 syscall=211 success=yes exit=3676 a0=3 a1=fffff816ccb0 a2=0 a3=1 items=0 ppid=2950 pid=5112 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 190.315397] audit: type=1327 audit(1712946223.437:1456): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 190.321193] audit: type=1325 audit(1712946223.443:1457): table=nat:115 family=2 entries=20 op=nft_register_rule pid=5112 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 191.440215] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 191.442524] IPv6: ADDRCONF(NETDEV_CHANGE): calic4f4434a7cd: link becomes ready This is ip-172-31-20-40 (Linux aarch64 5.15.154-flatcar) 18:23:46 SSH host key: SHA256:DDgQf79lr+tiMiFAKfU6bU3D0zH3S2/AV1h+V4psxWw (ED25519) SSH host key: SHA256:k1vfbgPcKSCNFg7WJJF6KPByVAk51dxyVMOj4oGLJB8 (RSA) SSH host key: SHA256:9IFVG/bU23/T7TFTnSws8il9hIDTaTy863NPHXXya6w (ECDSA) eth0: 172.31.20.40 fe80::43f:2eff:fe9f:f3e1 ip-172-31-20-40 login: [ 195.250276] kauditd_printk_skb: 118 callbacks suppressed [ 195.252267] audit: type=1130 audit(1712946228.393:1517): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.20.40:22-139.178.89.65:55448 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 195.446011] audit: type=1101 audit(1712946228.589:1518): pid=5242 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.456848] audit: type=1103 audit(1712946228.589:1519): pid=5242 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.466901] audit: type=1006 audit(1712946228.589:1520): pid=5242 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=21 res=1 [ 195.478311] audit: type=1300 audit(1712946228.589:1520): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd6b7b020 a2=3 a3=1 items=0 ppid=1 pid=5242 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 195.491046] audit: type=1327 audit(1712946228.589:1520): proctitle=737368643A20636F7265205B707269765D [ 195.495002] audit: type=1105 audit(1712946228.621:1521): pid=5242 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.510137] audit: type=1103 audit(1712946228.622:1522): pid=5244 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.601329] audit: type=1400 audit(1712946228.742:1523): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 195.610562] audit: type=1400 audit(1712946228.742:1524): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 200.816035] kauditd_printk_skb: 73 callbacks suppressed [ 200.816039] audit: type=1130 audit(1712946233.959:1549): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.20.40:22-139.178.89.65:55456 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 200.996310] audit: type=1101 audit(1712946234.140:1550): pid=5307 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 201.006352] audit: type=1103 audit(1712946234.142:1551): pid=5307 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 201.015839] audit: type=1006 audit(1712946234.142:1552): pid=5307 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 201.022391] audit: type=1300 audit(1712946234.142:1552): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffde350e90 a2=3 a3=1 items=0 ppid=1 pid=5307 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 201.033303] audit: type=1327 audit(1712946234.142:1552): proctitle=737368643A20636F7265205B707269765D [ 201.050361] audit: type=1105 audit(1712946234.193:1553): pid=5307 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 201.063341] audit: type=1103 audit(1712946234.206:1554): pid=5309 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 201.298477] audit: type=1106 audit(1712946234.442:1555): pid=5307 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 201.311636] audit: type=1104 audit(1712946234.443:1556): pid=5307 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 206.326124] kauditd_printk_skb: 7 callbacks suppressed [ 206.326128] audit: type=1130 audit(1712946239.469:1560): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.20.40:22-139.178.89.65:52740 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 206.510361] audit: type=1101 audit(1712946239.654:1561): pid=5330 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 206.522770] audit: type=1103 audit(1712946239.666:1562): pid=5330 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 206.531954] audit: type=1006 audit(1712946239.666:1563): pid=5330 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 206.538912] audit: type=1300 audit(1712946239.666:1563): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff88bcc20 a2=3 a3=1 items=0 ppid=1 pid=5330 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 206.549411] audit: type=1327 audit(1712946239.666:1563): proctitle=737368643A20636F7265205B707269765D [ 206.554020] audit: type=1105 audit(1712946239.694:1564): pid=5330 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 206.566264] audit: type=1103 audit(1712946239.709:1565): pid=5332 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 206.816256] audit: type=1106 audit(1712946239.960:1566): pid=5330 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 206.827654] audit: type=1104 audit(1712946239.960:1567): pid=5330 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 211.845986] kauditd_printk_skb: 7 callbacks suppressed [ 211.845991] audit: type=1130 audit(1712946244.989:1571): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.20.40:22-139.178.89.65:52754 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 212.063929] audit: type=1101 audit(1712946245.207:1572): pid=5345 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 212.074948] audit: type=1103 audit(1712946245.207:1573): pid=5345 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 212.085292] audit: type=1006 audit(1712946245.207:1574): pid=5345 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 212.091570] audit: type=1300 audit(1712946245.207:1574): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffffeb77880 a2=3 a3=1 items=0 ppid=1 pid=5345 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 212.101971] audit: type=1327 audit(1712946245.207:1574): proctitle=737368643A20636F7265205B707269765D [ 212.107330] audit: type=1105 audit(1712946245.245:1575): pid=5345 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 212.121509] audit: type=1103 audit(1712946245.262:1576): pid=5367 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 212.399329] audit: type=1106 audit(1712946245.543:1577): pid=5345 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 212.410717] audit: type=1104 audit(1712946245.543:1578): pid=5345 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 217.427434] kauditd_printk_skb: 31 callbacks suppressed [ 217.427439] audit: type=1130 audit(1712946250.570:1590): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.20.40:22-139.178.89.65:60504 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 217.613369] audit: type=1101 audit(1712946250.757:1591): pid=5404 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 217.623426] audit: type=1103 audit(1712946250.760:1592): pid=5404 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 217.633970] audit: type=1006 audit(1712946250.760:1593): pid=5404 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 217.639794] audit: type=1300 audit(1712946250.760:1593): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd4bb1a90 a2=3 a3=1 items=0 ppid=1 pid=5404 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 217.649975] audit: type=1327 audit(1712946250.760:1593): proctitle=737368643A20636F7265205B707269765D [ 217.653996] audit: type=1105 audit(1712946250.788:1594): pid=5404 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 217.665901] audit: type=1103 audit(1712946250.797:1595): pid=5407 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 217.900988] audit: type=1106 audit(1712946251.044:1596): pid=5404 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 217.912965] audit: type=1104 audit(1712946251.045:1597): pid=5404 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 222.932142] kauditd_printk_skb: 13 callbacks suppressed [ 222.932147] audit: type=1130 audit(1712946256.076:1603): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.20.40:22-139.178.89.65:60514 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 223.111404] audit: type=1101 audit(1712946256.255:1604): pid=5464 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 223.123050] audit: type=1103 audit(1712946256.266:1605): pid=5464 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 223.133321] audit: type=1006 audit(1712946256.267:1606): pid=5464 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 223.139807] audit: type=1300 audit(1712946256.267:1606): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc4ed6b00 a2=3 a3=1 items=0 ppid=1 pid=5464 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 223.150901] audit: type=1327 audit(1712946256.267:1606): proctitle=737368643A20636F7265205B707269765D [ 223.170520] audit: type=1105 audit(1712946256.313:1607): pid=5464 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 223.182325] audit: type=1103 audit(1712946256.326:1608): pid=5466 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 223.414891] audit: type=1106 audit(1712946256.558:1609): pid=5464 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 223.426772] audit: type=1104 audit(1712946256.564:1610): pid=5464 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 228.447641] kauditd_printk_skb: 1 callbacks suppressed [ 228.447645] audit: type=1130 audit(1712946261.591:1612): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-172.31.20.40:22-139.178.89.65:52870 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 228.629827] audit: type=1101 audit(1712946261.773:1613): pid=5487 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 228.641608] audit: type=1103 audit(1712946261.785:1614): pid=5487 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 228.651278] audit: type=1006 audit(1712946261.786:1615): pid=5487 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 [ 228.657347] audit: type=1300 audit(1712946261.786:1615): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffed3dc0d0 a2=3 a3=1 items=0 ppid=1 pid=5487 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 228.667761] audit: type=1327 audit(1712946261.786:1615): proctitle=737368643A20636F7265205B707269765D [ 228.691127] audit: type=1105 audit(1712946261.835:1616): pid=5487 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 228.702509] audit: type=1103 audit(1712946261.838:1617): pid=5489 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 228.947034] audit: type=1106 audit(1712946262.091:1618): pid=5487 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 228.958472] audit: type=1104 audit(1712946262.099:1619): pid=5487 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 233.977632] kauditd_printk_skb: 1 callbacks suppressed [ 233.977637] audit: type=1130 audit(1712946267.121:1621): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-172.31.20.40:22-139.178.89.65:39604 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 234.166238] audit: type=1101 audit(1712946267.310:1622): pid=5504 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.177467] audit: type=1103 audit(1712946267.312:1623): pid=5504 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.188016] audit: type=1006 audit(1712946267.313:1624): pid=5504 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=28 res=1 [ 234.193855] audit: type=1300 audit(1712946267.313:1624): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd619f710 a2=3 a3=1 items=0 ppid=1 pid=5504 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=28 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 234.205138] audit: type=1327 audit(1712946267.313:1624): proctitle=737368643A20636F7265205B707269765D [ 234.211616] audit: type=1105 audit(1712946267.354:1625): pid=5504 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.223686] audit: type=1103 audit(1712946267.367:1626): pid=5507 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.458456] audit: type=1106 audit(1712946267.602:1627): pid=5504 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 234.470382] audit: type=1104 audit(1712946267.602:1628): pid=5504 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 248.309457] kauditd_printk_skb: 1 callbacks suppressed [ 248.309462] audit: type=1334 audit(1712946281.453:1630): prog-id=85 op=UNLOAD [ 248.314646] audit: type=1334 audit(1712946281.453:1631): prog-id=103 op=UNLOAD [ 248.764340] audit: type=1334 audit(1712946281.907:1632): prog-id=126 op=UNLOAD [ 248.771191] audit: type=1334 audit(1712946281.914:1633): prog-id=129 op=UNLOAD [ 249.196087] audit: type=1400 audit(1712946282.340:1634): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 249.205796] audit: type=1400 audit(1712946282.347:1635): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 249.213507] audit: type=1400 audit(1712946282.347:1636): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 249.221250] audit: type=1400 audit(1712946282.347:1637): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 249.228827] audit: type=1400 audit(1712946282.347:1638): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 249.236920] audit: type=1400 audit(1712946282.347:1639): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 253.414265] kauditd_printk_skb: 142 callbacks suppressed [ 253.414270] audit: type=1334 audit(1712946286.558:1667): prog-id=93 op=UNLOAD [ 253.418772] audit: type=1334 audit(1712946286.558:1668): prog-id=96 op=UNLOAD [ 254.178619] audit: type=1400 audit(1712946287.322:1669): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 254.185923] audit: type=1400 audit(1712946287.324:1670): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 254.193193] audit: type=1400 audit(1712946287.324:1671): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 254.200389] audit: type=1400 audit(1712946287.324:1672): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 254.208106] audit: type=1400 audit(1712946287.324:1673): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 254.215859] audit: type=1400 audit(1712946287.324:1674): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 254.223333] audit: type=1400 audit(1712946287.324:1675): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 254.231523] audit: type=1400 audit(1712946287.324:1676): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 258.843243] kauditd_printk_skb: 49 callbacks suppressed [ 258.843248] audit: type=1400 audit(1712946291.987:1687): avc: denied { watch } for pid=5265 comm="apiserver" path="/calico-apiserver-certs/..2024_04_12_18_23_44.1997526055/tls.crt" dev="tmpfs" ino=3 scontext=system_u:system_r:svirt_lxc_net_t:s0:c14,c646 tcontext=system_u:object_r:svirt_lxc_file_t:s0:c14,c646 tclass=file permissive=0 [ 258.855729] audit: type=1300 audit(1712946291.987:1687): arch=c00000b7 syscall=27 success=no exit=-13 a0=8 a1=4001cec7a0 a2=fc6 a3=0 items=0 ppid=5168 pid=5265 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="apiserver" exe="/code/apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c14,c646 key=(null) [ 258.866886] audit: type=1327 audit(1712946291.987:1687): proctitle=2F636F64652F617069736572766572002D2D7365637572652D706F72743D35343433002D2D746C732D707269766174652D6B65792D66696C653D2F63616C69636F2D6170697365727665722D63657274732F746C732E6B6579002D2D746C732D636572742D66696C653D2F63616C69636F2D6170697365727665722D63657274 [ 259.612207] audit: type=1106 audit(1712946292.756:1688): pid=1881 uid=0 auid=500 ses=1 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 259.623456] audit: type=1104 audit(1712946292.761:1689): pid=1881 uid=0 auid=500 ses=1 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 259.632460] audit: type=1131 audit(1712946292.766:1690): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@0-172.31.20.40:22-139.178.89.65:38618 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' Stopping cri-containerd-a6…b5a896a373ecf77227260.scope... Stopping cri-containerd-de…a7358f281829f6e3b7055.scope... Stopping cri-containerd-0d…b9343b781d07382b32f38.scope... Stopping cri-containerd-11…b7427a297ab4dc979cb93.scope... Stopping cri-containerd-2a…0e7fb0b57c7ce99358eca.scope... Stopping cri-containerd-3f…29a5c71c42cfd74ffb7c8.scope... Stopping cri-containerd-43…992449737506b0e29c478.scope... Stopping cri-containerd-48…a771464e283e2b7f394fb.scope... Stopping cri-containerd-48…faa2f7a7570de1a691afc.scope... Stopping cri-containerd-55…feb950e0061d6941df179.scope... Stopping cri-containerd-60…f2034731facc2f5a2f034.scope... Stopping cri-containerd-68…5f90558b04a09fdfc86d3.scope... Stopping cri-containerd-78…17bb659731555ec0048cc.scope... Stopping cri-containerd-b9…5a5a171fdea8462b91223.scope... Stopping cri-containerd-d0…fe125530c0101b28f0cd1.scope... Stopping cri-containerd-d5…3db2f073355a65263435c.scope... Stopping cri-containerd-e9…102852ec63f017e0bb714.scope... Stopping cri-containerd-f1…9a27dfee10a87f6f722b4.scope... Stopping cri-containerd-fd…dab5cc9680cb05d6a7988.scope... [ OK ] Removed slice system-addon\x2dconfig.slice. [ OK ] Removed slice system-addon\x2drun.slice. [ OK ] Removed slice system-modprobe.slice. [ OK ] Removed slice system-sshd.slice. [ OK ] Removed slice system-system\x2dcloudinit.slice. [ OK ] Stopped target multi-user.target. [ OK ] Stopped target getty.target. [ OK ] Stopped target machines.target. [ OK ] Stopped target nss-lookup.target. [ OK ] Stopped target remote-cryptsetup.target. [ OK ] Stopped target timers.target. [ OK ] Stopped logrotate.timer. [ OK ] Stopped mdadm.timer. [ OK ] Stopped systemd-tmpfiles-clean.timer. [ OK ] Stopped target time-set.target. [ OK ] Stopped target user-config.target. [ OK ] Stopped target system-config.target. Unmounting boot.mount... Stopping amazon-ssm-agent.service... [ OK ] Stopped coreos-metadata-sshkeys@core.service. [ 260.051157] audit: type=1131 audit(1712946293.195:1691): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=coreos-metadata-sshkeys@core comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ OK ] Removed slice system-coreos\x2dmetadata\x2dsshkeys.slice. Stopping docker.service... Stopping getty@tty1.service... Stopping kubelet.service... Stopping locksmithd.service... Stopping polkit.service... [ OK ] Stopped prepare-cni-plugins.service. [ 260.072593] audit: type=1131 audit(1712946293.216:1692): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=prepare-cni-plugins comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ OK ] Stopped prepare-critools.service. [ OK ] Stopped prepare-hel[ 260.084165] audit: type=1131 audit(1712946293.227:1693): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=prepare-critools comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' m.service. Stopping serial-getty@ttyS0.service... [ OK ] Stopped sshd-keygen.service. Stopping systemd-logind.service... [ OK ] Stopped systemd-machine-id-commit.service. [ 260.104680] audit: type=1131 audit(1712946293.237:1694): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=prepare-helm comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ OK ] Stopped target first-boot-complete.target. Stopping systemd-random-seed.service... [ OK ] Stopped update-ssh-keys-after-ignition.service. Stopping user@500.service... [ OK ] Stopped polkit.service. [ OK ] Stopped getty@tty1.service. [ OK ] Stopped serial-getty@ttyS0.service. [ OK ] Stopped user@500.service. [ OK ] Stopped kubelet.service. [ OK ] Unmounted boot.mount. [ OK ] Stopped cri-containerd-48b…a6faa2f7a7570de1a691afc.scope. [ OK ] Stopped cri-containerd-d5a…f23db2f073355a65263435c.scope. [ OK ] Stopped cri-containerd-fd7…b9dab5cc9680cb05d6a7988.scope. [ OK ] Stopped cri-containerd-e92…9c102852ec63f017e0bb714.scope. [ OK ] Stopped cri-containerd-d03…b7fe125530c0101b28f0cd1.scope. [ OK ] Stopped cri-containerd-550…a4feb950e0061d6941df179.scope. [ OK ] Stopped cri-containerd-3f7…ea29a5c71c42cfd74ffb7c8.scope. [ OK ] Stopped systemd-random-seed.service. [ OK ] Stopped cri-containerd-110…a7b7427a297ab4dc979cb93.scope. [ OK ] Stopped cri-containerd-609…55f2034731facc2f5a2f034.scope. [ OK ] Stopped cri-containerd-685…7e5f90558b04a09fdfc86d3.scope. [ OK ] Stopped cri-containerd-b9a…e35a5a171fdea8462b91223.scope. [ OK ] Stopped cri-containerd-432…91992449737506b0e29c478.scope. [ OK ] Stopped cri-containerd-481…15a771464e283e2b7f394fb.scope. [ OK ] Stopped systemd-logind.service. [ OK ] Stopped cri-containerd-2ad…280e7fb0b57c7ce99358eca.scope. [ OK ] Stopped docker.service. [ OK ] Stopped cri-containerd-0da…f2b9343b781d07382b32f38.scope. [ OK ] Removed slice system-getty.slice. [ OK ] Removed slice system-serial\x2dgetty.slice. [ OK ] Removed slice kubepods-bes…_43bb_b8a0_d0ba6fb9964d.slice. [ OK ] Removed slice kubepods-bes…_4c4b_bb70_e6e173b30b27.slice. [ OK ] Removed slice kubepods-bes…_4b54_9ee5_38626784b783.slice. [ OK ] Removed slice kubepods-bes…_4a39_9228_3ff002c54734.slice. [ OK ] Removed slice kubepods-bes…_4e0e_89be_f708ba13b096.slice. Stopping containerd.service... [ OK ] Stopped systemd-fsck@dev-d…2dlabel-EFI\x2dSYSTEM.service. Stopping systemd-user-sessions.service... Stopping user-runtime-dir@500.service... [ OK ] Unmounted run-user-500.mount. [ OK ] Stopped systemd-user-sessions.service. [ OK ] Stopped target remote-fs.target. [ OK ] Stopped locksmithd.service. Stopping update-engine.service... [ OK ] Stopped user-runtime-dir@500.service. [ OK ] Removed slice user-500.slice. Stopping dbus.service... [ OK ] Stopped containerd.service. [ OK ] Stopped update-engine.service. [ OK ] Stopped dbus.service. [* ] (1 of 5) Job cri-containerd-de880af…scope/stop running (2s / 1min 30s) M [** ] (1 of 5) Job cri-containerd-de880af…scope/stop running (3s / 1min 30s) M [*** ] (1 of 5) Job cri-containerd-de880af…scope/stop running (3s / 1min 30s) M [ OK ] Stoppe[ 264.026198] kauditd_printk_skb: 45 callbacks suppressed d cri-c[ 264.026202] audit: type=1334 audit(1712946297.169:1740): prog-id=138 op=UNLOAD ontainerd-78a…c117bb659731555ec0048cc.scope. [ OK ] Removed slice kubepods-bes…_4816_a623_3e7130f1aaa3.slice. [ 264.036976] audit: type=1334 audit(1712946297.178:1741): prog-id=141 op=UNLOAD