58.233882] audit: type=1400 audit(1719907043.307:545): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 58.239636] audit: type=1400 audit(1719907043.307:546): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 58.242823] audit: type=1400 audit(1719907043.307:547): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 58.248864] audit: audit_backlog=65 > audit_backlog_limit=64 [ 58.250419] audit: audit_lost=34 audit_rate_limit=0 audit_backlog_limit=64 [ 58.250866] audit: type=1400 audit(1719907043.307:548): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 58.251531] audit: backlog limit exceeded [ 58.256148] audit: audit_backlog=65 > audit_backlog_limit=64 [ 58.256499] audit: type=1400 audit(1719907043.307:549): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 65.712844] kauditd_printk_skb: 282 callbacks suppressed [ 65.712847] audit: type=1106 audit(1719907050.781:786): pid=2003 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 65.718303] audit: type=1104 audit(1719907050.783:787): pid=2003 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 65.747605] audit: type=1106 audit(1719907050.816:788): pid=2000 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 65.753709] audit: type=1104 audit(1719907050.816:789): pid=2000 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 65.758083] audit: type=1131 audit(1719907050.819:790): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.21.43:22-139.178.89.65:47462 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 70.673298] audit: type=1400 audit(1719907055.734:791): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.676539] audit: type=1400 audit(1719907055.734:792): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.680955] audit: type=1400 audit(1719907055.734:793): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.685063] audit: type=1400 audit(1719907055.734:794): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.690092] audit: type=1400 audit(1719907055.734:795): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.829780] kauditd_printk_skb: 52 callbacks suppressed [ 70.829783] audit: type=1400 audit(1719907055.890:809): avc: denied { perfmon } for pid=2915 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.834320] audit: type=1300 audit(1719907055.890:809): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001c76b0 a2=3c a3=7fdf5044e9c8 items=0 ppid=2872 pid=2915 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 70.839895] audit: type=1327 audit(1719907055.890:809): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6438326532333465333836636162313330383833353438666335373562 [ 70.845784] audit: type=1400 audit(1719907055.890:810): avc: denied { bpf } for pid=2915 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.849220] audit: type=1400 audit(1719907055.890:810): avc: denied { bpf } for pid=2915 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.853727] audit: type=1400 audit(1719907055.890:810): avc: denied { bpf } for pid=2915 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.857738] audit: type=1400 audit(1719907055.890:810): avc: denied { perfmon } for pid=2915 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.861596] audit: type=1400 audit(1719907055.890:810): avc: denied { perfmon } for pid=2915 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.866056] audit: type=1400 audit(1719907055.890:810): avc: denied { perfmon } for pid=2915 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.870943] audit: type=1400 audit(1719907055.890:810): avc: denied { perfmon } for pid=2915 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 77.839507] kauditd_printk_skb: 306 callbacks suppressed [ 77.839510] audit: type=1325 audit(1719907062.892:904): table=filter:91 family=2 entries=14 op=nft_register_rule pid=3148 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 77.843250] audit: type=1300 audit(1719907062.892:904): arch=c000003e syscall=46 success=yes exit=5164 a0=3 a1=7fff8c6de600 a2=0 a3=7fff8c6de5ec items=0 ppid=2928 pid=3148 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 77.849186] audit: type=1327 audit(1719907062.892:904): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 77.852928] audit: type=1325 audit(1719907062.892:905): table=nat:92 family=2 entries=12 op=nft_register_rule pid=3148 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 77.856485] audit: type=1300 audit(1719907062.892:905): arch=c000003e syscall=46 success=yes exit=2700 a0=3 a1=7fff8c6de600 a2=0 a3=0 items=0 ppid=2928 pid=3148 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 77.863033] audit: type=1327 audit(1719907062.892:905): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 77.866263] audit: type=1325 audit(1719907062.913:906): table=filter:93 family=2 entries=15 op=nft_register_rule pid=3150 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 77.869249] audit: type=1300 audit(1719907062.913:906): arch=c000003e syscall=46 success=yes exit=5908 a0=3 a1=7ffd94e4bbe0 a2=0 a3=7ffd94e4bbcc items=0 ppid=2928 pid=3150 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 77.875109] audit: type=1327 audit(1719907062.913:906): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 77.878652] audit: type=1325 audit(1719907062.920:907): table=nat:94 family=2 entries=12 op=nft_register_rule pid=3150 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 82.916376] kauditd_printk_skb: 179 callbacks suppressed [ 82.916379] audit: type=1400 audit(1719907067.966:964): avc: denied { perfmon } for pid=3386 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 82.922844] audit: type=1300 audit(1719907067.966:964): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001456b0 a2=3c a3=7f0fd411f6d8 items=0 ppid=3273 pid=3386 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 82.934022] audit: type=1327 audit(1719907067.966:964): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6638396263323033333363656364323032363333353865653064323631 [ 82.949349] audit: type=1400 audit(1719907067.966:965): avc: denied { bpf } for pid=3386 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 82.960252] audit: type=1400 audit(1719907067.966:965): avc: denied { bpf } for pid=3386 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 82.977552] audit: type=1400 audit(1719907067.966:965): avc: denied { bpf } for pid=3386 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 82.986419] audit: type=1400 audit(1719907067.966:965): avc: denied { perfmon } for pid=3386 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 82.991116] audit: type=1400 audit(1719907067.966:965): avc: denied { perfmon } for pid=3386 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 82.996679] audit: type=1400 audit(1719907067.966:965): avc: denied { perfmon } for pid=3386 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 83.009911] audit: type=1400 audit(1719907067.966:965): avc: denied { perfmon } for pid=3386 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 88.738787] kauditd_printk_skb: 34 callbacks suppressed [ 88.738791] audit: type=1400 audit(1719907073.785:971): avc: denied { perfmon } for pid=3449 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 88.743443] audit: type=1300 audit(1719907073.785:971): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c00014d6b0 a2=3c a3=7f1fec694718 items=0 ppid=3273 pid=3449 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 88.749170] audit: type=1327 audit(1719907073.785:971): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3730663539376136623533393461323839643630396433376537373665 [ 88.762073] audit: type=1400 audit(1719907073.785:972): avc: denied { bpf } for pid=3449 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 88.771614] audit: type=1400 audit(1719907073.785:972): avc: denied { bpf } for pid=3449 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 88.779833] audit: type=1400 audit(1719907073.785:972): avc: denied { bpf } for pid=3449 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 88.786446] audit: type=1400 audit(1719907073.785:972): avc: denied { perfmon } for pid=3449 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 88.792911] audit: type=1400 audit(1719907073.785:972): avc: denied { perfmon } for pid=3449 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 88.796313] audit: type=1400 audit(1719907073.785:972): avc: denied { perfmon } for pid=3449 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 88.799819] audit: type=1400 audit(1719907073.785:972): avc: denied { perfmon } for pid=3449 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 97.990538] kauditd_printk_skb: 34 callbacks suppressed [ 97.990541] audit: type=1400 audit(1719907083.034:978): avc: denied { perfmon } for pid=3722 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 97.994809] audit: type=1300 audit(1719907083.034:978): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c00011f6b0 a2=3c a3=7f8809800dc8 items=0 ppid=3273 pid=3722 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 98.003260] audit: type=1327 audit(1719907083.034:978): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6633653232396263366630346535623135353439366634613238373032 [ 98.008473] audit: type=1400 audit(1719907083.034:979): avc: denied { bpf } for pid=3722 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 98.012484] audit: type=1400 audit(1719907083.034:979): avc: denied { bpf } for pid=3722 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 98.027413] audit: type=1400 audit(1719907083.034:979): avc: denied { bpf } for pid=3722 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 98.033203] audit: type=1400 audit(1719907083.034:979): avc: denied { perfmon } for pid=3722 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 98.038973] audit: type=1400 audit(1719907083.034:979): avc: denied { perfmon } for pid=3722 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 98.043816] audit: type=1400 audit(1719907083.034:979): avc: denied { perfmon } for pid=3722 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 98.047269] audit: type=1400 audit(1719907083.034:979): avc: denied { perfmon } for pid=3722 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 98.217149] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 98.218907] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. This is ip-172-31-21-43 (Linux x86_64 5.15.161-flatcar) 07:58:07 SSH host key: SHA256:/FbZtPv/P4LOY1O8vxU2SuySpoCxkQRg1tYIoS+BhmQ (ECDSA) SSH host key: SHA256:GOI7kAHTZNgYKwx6RUU8foQfrqvvcXrSbUAT128xWJ0 (RSA) SSH host key: SHA256:lpr49OIWIJTif0RDaerwUC/JSqtSm8XfI0TfvakJxZc (ED25519) eth0: 172.31.21.43 fe80::4b9:19ff:fe86:60bb ip-172-31-21-43 login: [ 103.831556] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 103.832651] IPv6: ADDRCONF(NETDEV_CHANGE): cali3c716abaf2a: link becomes ready [ 103.881507] kauditd_printk_skb: 163 callbacks suppressed [ 103.881510] audit: type=1325 audit(1719907088.923:1013): table=filter:103 family=2 entries=34 op=nft_register_chain pid=4133 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 103.886106] audit: type=1300 audit(1719907088.923:1013): arch=c000003e syscall=46 success=yes exit=19148 a0=3 a1=7fffae84a780 a2=0 a3=7fffae84a76c items=0 ppid=3955 pid=4133 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 103.896318] audit: type=1327 audit(1719907088.923:1013): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 103.960608] audit: type=1400 audit(1719907089.002:1014): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 103.963857] audit: type=1400 audit(1719907089.002:1015): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 103.967741] audit: type=1400 audit(1719907089.002:1016): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 103.970893] audit: type=1400 audit(1719907089.002:1017): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 103.974392] audit: type=1400 audit(1719907089.002:1018): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 103.977877] audit: type=1400 audit(1719907089.002:1019): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 103.980972] audit: type=1400 audit(1719907089.002:1020): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 This is ip-172-31-21-43 (Linux x86_64 5.15.161-flatcar) 07:58:09 SSH host key: SHA256:/FbZtPv/P4LOY1O8vxU2SuySpoCxkQRg1tYIoS+BhmQ (ECDSA) SSH host key: SHA256:GOI7kAHTZNgYKwx6RUU8foQfrqvvcXrSbUAT128xWJ0 (RSA) SSH host key: SHA256:lpr49OIWIJTif0RDaerwUC/JSqtSm8XfI0TfvakJxZc (ED25519) eth0: 172.31.21.43 fe80::4b9:19ff:fe86:60bb ip-172-31-21-43 login: [ 104.588981] IPv6: ADDRCONF(NETDEV_CHANGE): cali255b46fc789: link becomes ready This is ip-172-31-21-43 (Linux x86_64 5.15.161-flatcar) 07:58:11 SSH host key: SHA256:/FbZtPv/P4LOY1O8vxU2SuySpoCxkQRg1tYIoS+BhmQ (ECDSA) SSH host key: SHA256:GOI7kAHTZNgYKwx6RUU8foQfrqvvcXrSbUAT128xWJ0 (RSA) SSH host key: SHA256:lpr49OIWIJTif0RDaerwUC/JSqtSm8XfI0TfvakJxZc (ED25519) eth0: 172.31.21.43 fe80::4b9:19ff:fe86:60bb ip-172-31-21-43 login: [ 106.625923] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 106.627167] IPv6: ADDRCONF(NETDEV_CHANGE): calice716c8d827: link becomes ready [ 106.749486] IPv6: ADDRCONF(NETDEV_CHANGE): cali9ec2584604a: link becomes ready This is ip-172-31-21-43 (Linux x86_64 5.15.161-flatcar) 07:58:12 SSH host key: SHA256:/FbZtPv/P4LOY1O8vxU2SuySpoCxkQRg1tYIoS+BhmQ (ECDSA) SSH host key: SHA256:GOI7kAHTZNgYKwx6RUU8foQfrqvvcXrSbUAT128xWJ0 (RSA) SSH host key: SHA256:lpr49OIWIJTif0RDaerwUC/JSqtSm8XfI0TfvakJxZc (ED25519) eth0: 172.31.21.43 fe80::4b9:19ff:fe86:60bb ip-172-31-21-43 login: This is ip-172-31-21-43 (Linux x86_64 5.15.161-flatcar) 07:58:14 SSH host key: SHA256:/FbZtPv/P4LOY1O8vxU2SuySpoCxkQRg1tYIoS+BhmQ (ECDSA) SSH host key: SHA256:GOI7kAHTZNgYKwx6RUU8foQfrqvvcXrSbUAT128xWJ0 (RSA) SSH host key: SHA256:lpr49OIWIJTif0RDaerwUC/JSqtSm8XfI0TfvakJxZc (ED25519) eth0: 172.31.21.43 fe80::4b9:19ff:fe86:60bb ip-172-31-21-43 login: This is ip-172-31-21-43 (Linux x86_64 5.15.161-flatcar) 07:58:15 SSH host key: SHA256:/FbZtPv/P4LOY1O8vxU2SuySpoCxkQRg1tYIoS+BhmQ (ECDSA) SSH host key: SHA256:GOI7kAHTZNgYKwx6RUU8foQfrqvvcXrSbUAT128xWJ0 (RSA) SSH host key: SHA256:lpr49OIWIJTif0RDaerwUC/JSqtSm8XfI0TfvakJxZc (ED25519) eth0: 172.31.21.43 fe80::4b9:19ff:fe86:60bb ip-172-31-21-43 login: [ 111.030382] kauditd_printk_skb: 454 callbacks suppressed [ 111.030385] audit: type=1400 audit(1719907096.071:1145): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.035061] audit: type=1400 audit(1719907096.071:1146): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.041288] audit: type=1400 audit(1719907096.071:1147): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.045323] audit: type=1400 audit(1719907096.071:1148): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.049767] audit: type=1400 audit(1719907096.071:1149): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.054059] audit: type=1400 audit(1719907096.071:1150): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.058087] audit: type=1400 audit(1719907096.071:1151): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.062445] audit: type=1400 audit(1719907096.071:1152): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.071279] audit: type=1400 audit(1719907096.071:1153): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.077102] audit: type=1400 audit(1719907096.072:1154): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.092402] kauditd_printk_skb: 82 callbacks suppressed [ 118.092405] audit: type=1130 audit(1719907103.133:1180): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.21.43:22-139.178.89.65:41594 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 118.274445] audit: type=1101 audit(1719907103.315:1181): pid=4726 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 118.289069] audit: type=1103 audit(1719907103.330:1182): pid=4726 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 118.296418] audit: type=1006 audit(1719907103.330:1183): pid=4726 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 [ 118.301071] audit: type=1300 audit(1719907103.330:1183): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd61d80230 a2=3 a3=0 items=0 ppid=1 pid=4726 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=9 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 118.310795] audit: type=1327 audit(1719907103.330:1183): proctitle=737368643A20636F7265205B707269765D [ 118.318200] audit: type=1105 audit(1719907103.359:1184): pid=4726 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 118.324175] audit: type=1103 audit(1719907103.365:1185): pid=4728 uid=0 auid=500 ses=9 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 118.423154] audit: type=1400 audit(1719907103.462:1186): avc: denied { watch } for pid=2561 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=6336 scontext=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 118.436839] audit: type=1300 audit(1719907103.462:1186): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c00245f020 a2=fc6 a3=0 items=0 ppid=2423 pid=2561 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 key=(null) [ 123.666824] kauditd_printk_skb: 13 callbacks suppressed [ 123.666827] audit: type=1130 audit(1719907108.708:1193): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.21.43:22-139.178.89.65:38852 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 123.862513] audit: type=1101 audit(1719907108.903:1194): pid=4977 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 123.871070] audit: type=1103 audit(1719907108.912:1195): pid=4977 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 123.886190] audit: type=1006 audit(1719907108.912:1196): pid=4977 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 123.889498] audit: type=1300 audit(1719907108.912:1196): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe916b3ff0 a2=3 a3=0 items=0 ppid=1 pid=4977 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 123.902362] audit: type=1327 audit(1719907108.912:1196): proctitle=737368643A20636F7265205B707269765D [ 123.924452] audit: type=1105 audit(1719907108.965:1197): pid=4977 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 123.931555] audit: type=1103 audit(1719907108.972:1198): pid=4979 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 124.159167] audit: type=1106 audit(1719907109.200:1199): pid=4977 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 124.164460] audit: type=1104 audit(1719907109.200:1200): pid=4977 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.371326] kauditd_printk_skb: 23 callbacks suppressed [ 130.371330] audit: type=1130 audit(1719907115.414:1220): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@12-172.31.21.43:22-139.178.89.65:38882 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 130.578877] audit: type=1101 audit(1719907115.622:1221): pid=5035 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.584708] audit: type=1103 audit(1719907115.628:1222): pid=5035 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.590171] audit: type=1006 audit(1719907115.628:1223): pid=5035 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=13 res=1 [ 130.596333] audit: type=1300 audit(1719907115.628:1223): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff8617ddc0 a2=3 a3=0 items=0 ppid=1 pid=5035 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=13 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 130.603980] audit: type=1327 audit(1719907115.628:1223): proctitle=737368643A20636F7265205B707269765D [ 130.618913] audit: type=1105 audit(1719907115.662:1224): pid=5035 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.625637] audit: type=1103 audit(1719907115.665:1225): pid=5037 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.850324] audit: type=1106 audit(1719907115.893:1226): pid=5035 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.856872] audit: type=1104 audit(1719907115.893:1227): pid=5035 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 135.875847] kauditd_printk_skb: 1 callbacks suppressed [ 135.875850] audit: type=1130 audit(1719907120.921:1229): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.21.43:22-139.178.89.65:37670 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 136.048395] audit: type=1101 audit(1719907121.093:1230): pid=5059 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.054412] audit: type=1103 audit(1719907121.099:1231): pid=5059 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.060540] audit: type=1006 audit(1719907121.100:1232): pid=5059 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 136.066073] audit: type=1300 audit(1719907121.100:1232): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd1cc0f6f0 a2=3 a3=0 items=0 ppid=1 pid=5059 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 136.071823] audit: type=1327 audit(1719907121.100:1232): proctitle=737368643A20636F7265205B707269765D [ 136.076509] audit: type=1105 audit(1719907121.121:1233): pid=5059 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.083853] audit: type=1103 audit(1719907121.129:1234): pid=5061 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.299474] audit: type=1106 audit(1719907121.344:1235): pid=5059 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 136.311811] audit: type=1104 audit(1719907121.344:1236): pid=5059 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 141.326370] kauditd_printk_skb: 1 callbacks suppressed [ 141.326372] audit: type=1130 audit(1719907126.372:1238): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.21.43:22-139.178.89.65:37680 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 141.496897] audit: type=1101 audit(1719907126.542:1239): pid=5071 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 141.511081] audit: type=1103 audit(1719907126.554:1240): pid=5071 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 141.519347] audit: type=1006 audit(1719907126.554:1241): pid=5071 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 141.532356] audit: type=1300 audit(1719907126.554:1241): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffffbf4c510 a2=3 a3=0 items=0 ppid=1 pid=5071 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 141.550932] audit: type=1327 audit(1719907126.554:1241): proctitle=737368643A20636F7265205B707269765D [ 141.555392] audit: type=1105 audit(1719907126.600:1242): pid=5071 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 141.563936] audit: type=1103 audit(1719907126.603:1243): pid=5073 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 141.838590] audit: type=1106 audit(1719907126.885:1244): pid=5071 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 141.844524] audit: type=1104 audit(1719907126.885:1245): pid=5071 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 146.866616] kauditd_printk_skb: 1 callbacks suppressed [ 146.866619] audit: type=1130 audit(1719907131.915:1247): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.21.43:22-139.178.89.65:44916 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 147.051637] audit: type=1101 audit(1719907132.100:1248): pid=5096 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 147.059639] audit: type=1103 audit(1719907132.108:1249): pid=5096 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 147.066068] audit: type=1006 audit(1719907132.108:1250): pid=5096 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 147.071409] audit: type=1300 audit(1719907132.108:1250): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffc1648320 a2=3 a3=0 items=0 ppid=1 pid=5096 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 147.080981] audit: type=1327 audit(1719907132.108:1250): proctitle=737368643A20636F7265205B707269765D [ 147.084150] audit: type=1105 audit(1719907132.128:1251): pid=5096 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 147.091912] audit: type=1103 audit(1719907132.132:1252): pid=5098 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 147.307844] audit: type=1106 audit(1719907132.356:1253): pid=5096 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 147.315201] audit: type=1104 audit(1719907132.358:1254): pid=5096 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 152.331464] kauditd_printk_skb: 1 callbacks suppressed [ 152.331467] audit: type=1130 audit(1719907137.380:1256): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.21.43:22-139.178.89.65:44924 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 152.514707] audit: type=1101 audit(1719907137.563:1257): pid=5127 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 152.521410] audit: type=1103 audit(1719907137.570:1258): pid=5127 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 152.527960] audit: type=1006 audit(1719907137.570:1259): pid=5127 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 152.531905] audit: type=1300 audit(1719907137.570:1259): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc17647aa0 a2=3 a3=0 items=0 ppid=1 pid=5127 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 152.542360] audit: type=1327 audit(1719907137.570:1259): proctitle=737368643A20636F7265205B707269765D [ 152.557852] audit: type=1105 audit(1719907137.606:1260): pid=5127 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 152.564792] audit: type=1103 audit(1719907137.611:1261): pid=5129 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 152.840908] audit: type=1106 audit(1719907137.889:1262): pid=5127 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 152.857070] audit: type=1104 audit(1719907137.889:1263): pid=5127 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 162.011155] kauditd_printk_skb: 57 callbacks suppressed [ 162.011158] audit: type=1130 audit(1719907147.062:1305): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.21.43:22-139.178.89.65:53302 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 162.188606] audit: type=1101 audit(1719907147.239:1306): pid=5236 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 162.200117] audit: type=1103 audit(1719907147.240:1307): pid=5236 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 162.213059] audit: type=1006 audit(1719907147.240:1308): pid=5236 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 162.221130] audit: type=1300 audit(1719907147.240:1308): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff38bf9010 a2=3 a3=0 items=0 ppid=1 pid=5236 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 162.245600] audit: type=1327 audit(1719907147.240:1308): proctitle=737368643A20636F7265205B707269765D [ 162.267582] audit: type=1105 audit(1719907147.318:1309): pid=5236 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 162.275476] audit: type=1103 audit(1719907147.325:1310): pid=5238 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 162.522567] audit: type=1106 audit(1719907147.571:1311): pid=5236 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 162.534679] audit: type=1104 audit(1719907147.571:1312): pid=5236 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 164.591989] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 164.593432] IPv6: ADDRCONF(NETDEV_CHANGE): cali88c64a9f7ef: link becomes ready [ 167.555208] kauditd_printk_skb: 79 callbacks suppressed [ 167.555211] audit: type=1130 audit(1719907152.607:1339): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.21.43:22-139.178.89.65:56298 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' This is ip-172-31-21-43 (Linux x86_64 5.15.161-flatcar) 07:59:12 SSH host key: SHA256:/FbZtPv/P4LOY1O8vxU2SuySpoCxkQRg1tYIoS+BhmQ (ECDSA) SSH host key: SHA256:GOI7kAHTZNgYKwx6RUU8foQfrqvvcXrSbUAT128xWJ0 (RSA) SSH host key: SHA256:lpr49OIWIJTif0RDaerwUC/JSqtSm8XfI0TfvakJxZc (ED25519) eth0: 172.31.21.43 fe80::4b9:19ff:fe86:60bb ip-172-31-21-43 login: [ 167.844161] audit: type=1101 audit(1719907152.896:1340): pid=5336 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 167.853480] audit: type=1103 audit(1719907152.905:1341): pid=5336 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 167.870711] audit: type=1006 audit(1719907152.905:1342): pid=5336 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 167.881604] audit: type=1300 audit(1719907152.905:1342): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc64f8ed20 a2=3 a3=0 items=0 ppid=1 pid=5336 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 167.912461] audit: type=1327 audit(1719907152.905:1342): proctitle=737368643A20636F7265205B707269765D [ 167.928235] audit: type=1105 audit(1719907152.980:1343): pid=5336 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 167.938378] audit: type=1103 audit(1719907152.990:1344): pid=5338 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 168.614188] audit: type=1325 audit(1719907153.664:1345): table=filter:126 family=2 entries=10 op=nft_register_rule pid=5347 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 168.618085] audit: type=1300 audit(1719907153.664:1345): arch=c000003e syscall=46 success=yes exit=3676 a0=3 a1=7ffc45ff5a20 a2=0 a3=7ffc45ff5a0c items=0 ppid=2928 pid=5347 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 172.894680] kauditd_printk_skb: 79 callbacks suppressed [ 172.894682] audit: type=1400 audit(1719907157.947:1374): avc: denied { watch } for pid=2561 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=6336 scontext=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 172.902159] audit: type=1400 audit(1719907157.947:1373): avc: denied { watch } for pid=2561 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="nvme0n1p9" ino=6355 scontext=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 172.908807] audit: type=1300 audit(1719907157.947:1374): arch=c000003e syscall=254 success=no exit=-13 a0=b a1=c001ba0300 a2=fc6 a3=0 items=0 ppid=2423 pid=2561 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 key=(null) [ 172.914319] audit: type=1327 audit(1719907157.947:1374): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 172.918820] audit: type=1300 audit(1719907157.947:1373): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001b2abd0 a2=fc6 a3=0 items=0 ppid=2423 pid=2561 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 key=(null) [ 172.925464] audit: type=1327 audit(1719907157.947:1373): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 173.655403] audit: type=1130 audit(1719907158.708:1375): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.21.43:22-139.178.89.65:34440 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 173.873611] audit: type=1101 audit(1719907158.926:1376): pid=5395 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 173.878257] audit: type=1103 audit(1719907158.931:1377): pid=5395 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 173.882793] audit: type=1006 audit(1719907158.931:1378): pid=5395 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 178.410581] kauditd_printk_skb: 25 callbacks suppressed [ 178.410583] audit: type=1400 audit(1719907163.463:1390): avc: denied { watch } for pid=2561 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=6336 scontext=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 178.416406] audit: type=1300 audit(1719907163.463:1390): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001ba1a60 a2=fc6 a3=0 items=0 ppid=2423 pid=2561 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 key=(null) [ 178.422545] audit: type=1327 audit(1719907163.463:1390): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 178.427838] audit: type=1400 audit(1719907163.471:1391): avc: denied { watch } for pid=2561 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=6336 scontext=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 178.432082] audit: type=1300 audit(1719907163.471:1391): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0022c5420 a2=fc6 a3=0 items=0 ppid=2423 pid=2561 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 key=(null) [ 178.438444] audit: type=1327 audit(1719907163.471:1391): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 178.444551] audit: type=1400 audit(1719907163.472:1392): avc: denied { watch } for pid=2561 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=6336 scontext=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 178.448578] audit: type=1300 audit(1719907163.472:1392): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0022c55c0 a2=fc6 a3=0 items=0 ppid=2423 pid=2561 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 key=(null) [ 178.453527] audit: type=1327 audit(1719907163.472:1392): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 178.458836] audit: type=1400 audit(1719907163.473:1393): avc: denied { watch } for pid=2561 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=6336 scontext=system_u:system_r:svirt_lxc_net_t:s0:c336,c519 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 184.782188] kauditd_printk_skb: 19 callbacks suppressed [ 184.782191] audit: type=1130 audit(1719907169.835:1405): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.21.43:22-139.178.89.65:55878 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 184.976505] audit: type=1101 audit(1719907170.030:1406): pid=5457 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 184.988334] audit: type=1103 audit(1719907170.040:1407): pid=5457 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 184.998995] audit: type=1006 audit(1719907170.040:1408): pid=5457 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 185.011938] audit: type=1300 audit(1719907170.040:1408): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffeadad8920 a2=3 a3=0 items=0 ppid=1 pid=5457 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 185.029844] audit: type=1327 audit(1719907170.040:1408): proctitle=737368643A20636F7265205B707269765D [ 185.075590] audit: type=1105 audit(1719907170.129:1409): pid=5457 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.090430] audit: type=1103 audit(1719907170.144:1410): pid=5459 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.396840] audit: type=1106 audit(1719907170.450:1411): pid=5457 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 185.404046] audit: type=1104 audit(1719907170.455:1412): pid=5457 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 190.430668] kauditd_printk_skb: 1 callbacks suppressed [ 190.430671] audit: type=1130 audit(1719907175.485:1414): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-172.31.21.43:22-139.178.89.65:55888 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 190.711127] audit: type=1101 audit(1719907175.766:1415): pid=5496 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 190.720539] audit: type=1103 audit(1719907175.774:1416): pid=5496 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 190.730780] audit: type=1006 audit(1719907175.774:1417): pid=5496 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 [ 190.735038] audit: type=1300 audit(1719907175.774:1417): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe52478590 a2=3 a3=0 items=0 ppid=1 pid=5496 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 190.745102] audit: type=1327 audit(1719907175.774:1417): proctitle=737368643A20636F7265205B707269765D [ 190.758106] audit: type=1105 audit(1719907175.812:1418): pid=5496 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 190.767419] audit: type=1103 audit(1719907175.820:1419): pid=5498 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 191.199827] audit: type=1106 audit(1719907176.255:1420): pid=5496 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 191.206375] audit: type=1104 audit(1719907176.255:1421): pid=5496 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 205.468972] kauditd_printk_skb: 1 callbacks suppressed [ 205.468975] audit: type=1334 audit(1719907190.525:1423): prog-id=83 op=UNLOAD [ 205.471291] audit: type=1334 audit(1719907190.525:1424): prog-id=105 op=UNLOAD [ 205.982771] audit: type=1400 audit(1719907191.037:1425): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 205.986220] audit: type=1400 audit(1719907191.037:1426): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 205.989499] audit: type=1400 audit(1719907191.037:1427): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 205.993470] audit: type=1400 audit(1719907191.037:1428): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 205.997699] audit: type=1400 audit(1719907191.037:1429): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 206.001852] audit: type=1400 audit(1719907191.037:1430): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 206.005181] audit: type=1400 audit(1719907191.037:1431): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 206.008718] audit: type=1400 audit(1719907191.037:1432): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0