99379.219:820): arch=c00000b7 syscall=5 success=no exit=-22 a0=4000903c00 a1=40007873f8 a2=40006a35c0 a3=25 items=0 ppid=1 pid=2897 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 73.319218] audit: type=1327 audit(1734099379.219:820): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 73.537213] audit: type=1400 audit(1734099379.501:821): avc: denied { mac_admin } for pid=2897 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.547834] audit: type=1401 audit(1734099379.501:821): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 78.663148] kauditd_printk_skb: 2 callbacks suppressed [ 78.663154] audit: type=1106 audit(1734099384.627:822): pid=2096 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 78.681826] audit: type=1104 audit(1734099384.631:823): pid=2096 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 78.699895] audit: type=1106 audit(1734099384.664:824): pid=2093 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 78.711193] audit: type=1104 audit(1734099384.665:825): pid=2093 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 78.720841] audit: type=1131 audit(1734099384.676:826): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.24.217:22-139.178.89.65:52148 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 81.550487] audit: type=1400 audit(1734099387.515:827): avc: denied { watch } for pid=2762 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=8272 scontext=system_u:system_r:svirt_lxc_net_t:s0:c540,c732 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 81.560189] audit: type=1300 audit(1734099387.515:827): arch=c00000b7 syscall=27 success=no exit=-13 a0=a a1=400118f280 a2=fc6 a3=0 items=0 ppid=2530 pid=2762 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c540,c732 key=(null) [ 81.572566] audit: type=1327 audit(1734099387.515:827): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 81.583920] audit: type=1400 audit(1734099387.517:828): avc: denied { watch } for pid=2762 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=8272 scontext=system_u:system_r:svirt_lxc_net_t:s0:c540,c732 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 81.593483] audit: type=1300 audit(1734099387.517:828): arch=c00000b7 syscall=27 success=no exit=-13 a0=a a1=400118f580 a2=fc6 a3=0 items=0 ppid=2530 pid=2762 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c540,c732 key=(null) [ 84.086573] kauditd_printk_skb: 7 callbacks suppressed [ 84.086579] audit: type=1400 audit(1734099390.051:831): avc: denied { watch } for pid=2762 comm="kube-controller" path="/opt/libexec/kubernetes/kubelet-plugins/volume/exec" dev="nvme0n1p9" ino=520971 scontext=system_u:system_r:svirt_lxc_net_t:s0:c540,c732 tcontext=system_u:object_r:usr_t:s0 tclass=dir permissive=0 [ 84.098360] audit: type=1300 audit(1734099390.051:831): arch=c00000b7 syscall=27 success=no exit=-13 a0=9 a1=4000bb1240 a2=fc6 a3=0 items=0 ppid=2530 pid=2762 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c540,c732 key=(null) [ 84.110509] audit: type=1327 audit(1734099390.051:831): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 86.366874] audit: type=1400 audit(1734099392.330:832): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.374351] audit: type=1400 audit(1734099392.330:833): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.382666] audit: type=1400 audit(1734099392.330:834): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.391405] audit: type=1400 audit(1734099392.330:835): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.399665] audit: type=1400 audit(1734099392.330:836): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.407389] audit: type=1400 audit(1734099392.330:837): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.420186] audit: type=1400 audit(1734099392.330:838): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 91.190938] kauditd_printk_skb: 303 callbacks suppressed [ 91.190953] audit: type=1400 audit(1734099397.155:925): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 91.199768] audit: type=1400 audit(1734099397.163:926): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 91.206708] audit: type=1400 audit(1734099397.163:927): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 91.216946] audit: type=1400 audit(1734099397.163:928): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 91.225512] audit: type=1400 audit(1734099397.163:929): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 91.232951] audit: type=1400 audit(1734099397.163:930): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 91.241944] audit: type=1400 audit(1734099397.163:931): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 91.250000] audit: type=1400 audit(1734099397.163:932): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 91.257831] audit: type=1400 audit(1734099397.163:933): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 91.270908] audit: type=1400 audit(1734099397.165:934): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 96.771397] kauditd_printk_skb: 59 callbacks suppressed [ 96.771402] audit: type=1400 audit(1734099402.736:947): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 96.783183] audit: type=1400 audit(1734099402.736:948): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 96.795176] audit: type=1400 audit(1734099402.736:949): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 96.802592] audit: type=1400 audit(1734099402.736:950): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 96.813496] audit: type=1400 audit(1734099402.736:951): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 96.821152] audit: type=1400 audit(1734099402.736:952): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 96.833203] audit: type=1400 audit(1734099402.736:953): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 96.843660] audit: type=1400 audit(1734099402.736:954): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 96.855503] audit: type=1400 audit(1734099402.736:955): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 96.866691] audit: type=1400 audit(1734099402.738:956): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 101.795328] kauditd_printk_skb: 173 callbacks suppressed [ 101.795345] audit: type=1400 audit(1734099407.760:1005): avc: denied { perfmon } for pid=3509 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 101.804263] audit: type=1300 audit(1734099407.760:1005): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=40001955a0 a2=3c a3=0 items=0 ppid=3307 pid=3509 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 101.815287] audit: type=1327 audit(1734099407.760:1005): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6633633835303035353230346538663837323136306136626434616535 [ 101.825530] audit: type=1400 audit(1734099407.762:1006): avc: denied { bpf } for pid=3509 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 101.833054] audit: type=1400 audit(1734099407.762:1006): avc: denied { bpf } for pid=3509 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 101.842226] audit: type=1400 audit(1734099407.762:1006): avc: denied { bpf } for pid=3509 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 101.857516] audit: type=1400 audit(1734099407.762:1006): avc: denied { perfmon } for pid=3509 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 101.865532] audit: type=1400 audit(1734099407.762:1006): avc: denied { perfmon } for pid=3509 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 101.878719] audit: type=1400 audit(1734099407.762:1006): avc: denied { perfmon } for pid=3509 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 101.904014] audit: type=1400 audit(1734099407.762:1006): avc: denied { perfmon } for pid=3509 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.300542] kauditd_printk_skb: 34 callbacks suppressed [ 108.300547] audit: type=1400 audit(1734099414.265:1012): avc: denied { perfmon } for pid=3594 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.309600] audit: type=1300 audit(1734099414.265:1012): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=40001955a0 a2=3c a3=0 items=0 ppid=3307 pid=3594 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 108.320304] audit: type=1327 audit(1734099414.265:1012): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3730643264303239376136303665333439386463633234336165636630 [ 108.331177] audit: type=1400 audit(1734099414.265:1013): avc: denied { bpf } for pid=3594 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.338827] audit: type=1400 audit(1734099414.265:1013): avc: denied { bpf } for pid=3594 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.346332] audit: type=1400 audit(1734099414.265:1013): avc: denied { bpf } for pid=3594 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.353939] audit: type=1400 audit(1734099414.265:1013): avc: denied { perfmon } for pid=3594 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.368036] audit: type=1400 audit(1734099414.265:1013): avc: denied { perfmon } for pid=3594 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.381120] audit: type=1400 audit(1734099414.265:1013): avc: denied { perfmon } for pid=3594 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.393244] audit: type=1400 audit(1734099414.265:1013): avc: denied { perfmon } for pid=3594 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.464377] kauditd_printk_skb: 34 callbacks suppressed [ 118.464384] audit: type=1130 audit(1734099424.429:1019): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-172.31.24.217:22-139.178.89.65:50180 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 118.648329] audit: type=1101 audit(1734099424.613:1020): pid=3958 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 118.658726] audit: type=1103 audit(1734099424.613:1021): pid=3958 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 118.668930] audit: type=1006 audit(1734099424.613:1022): pid=3958 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=8 res=1 [ 118.675246] audit: type=1300 audit(1734099424.613:1022): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffcb6cd6e0 a2=3 a3=1 items=0 ppid=1 pid=3958 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=8 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 118.686174] audit: type=1327 audit(1734099424.613:1022): proctitle=737368643A20636F7265205B707269765D [ 118.705230] audit: type=1105 audit(1734099424.670:1023): pid=3958 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 118.719189] audit: type=1103 audit(1734099424.684:1024): pid=3960 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 119.044730] audit: type=1106 audit(1734099425.007:1025): pid=3958 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 119.058096] audit: type=1104 audit(1734099425.007:1026): pid=3958 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 120.667303] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 120.670072] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 123.596108] kauditd_printk_skb: 267 callbacks suppressed [ 123.596112] audit: type=1400 audit(1734099429.561:1075): avc: denied { bpf } for pid=4234 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 123.607406] audit: audit_backlog=65 > audit_backlog_limit=64 [ 123.609466] audit: type=1400 audit(1734099429.561:1075): avc: denied { bpf } for pid=4234 comm="bpftool" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 123.621837] audit: type=1400 audit(1734099429.561:1075): avc: denied { perfmon } for pid=4234 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 123.638902] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64 [ 123.643869] audit: backlog limit exceeded [ 123.644642] audit: type=1400 audit(1734099429.561:1075): avc: denied { perfmon } for pid=4234 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 123.657732] audit: type=1400 audit(1734099429.561:1075): avc: denied { perfmon } for pid=4234 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 123.667920] audit: type=1400 audit(1734099429.561:1075): avc: denied { perfmon } for pid=4234 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 123.677647] audit: type=1400 audit(1734099429.561:1075): avc: denied { perfmon } for pid=4234 comm="bpftool" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 This is ip-172-31-24-217 (Linux aarch64 5.15.173-flatcar) 14:17:10 SSH host key: SHA256:R3xkUZBdouUGlwFbH1gbup8k2Evz1Q+kshlKy+ULK7A (RSA) SSH host key: SHA256:5o33i43CSzpziHHWX58YwDEOPrSAKPan5PAIYxd8M0Y (ECDSA) SSH host key: SHA256:iuhip4aJQmK6tmuJvr+kn9oXxSJaEEMGg5I1wthIiOM (ED25519) eth0: 172.31.24.217 fe80::471:2fff:fe94:4429 ip-172-31-24-217 login: [ 125.622783] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 125.625195] IPv6: ADDRCONF(NETDEV_CHANGE): calie1d7807c7f8: link becomes ready [ 125.746225] IPv6: ADDRCONF(NETDEV_CHANGE): cali5fe6c36e5ca: link becomes ready [ 125.880509] IPv6: ADDRCONF(NETDEV_CHANGE): cali2b659a48d0f: link becomes ready [ 126.126541] IPv6: ADDRCONF(NETDEV_CHANGE): calia421194004a: link becomes ready This is ip-172-31-24-217 (Linux aarch64 5.15.173-flatcar) 14:17:12 SSH host key: SHA256:R3xkUZBdouUGlwFbH1gbup8k2Evz1Q+kshlKy+ULK7A (RSA) SSH host key: SHA256:5o33i43CSzpziHHWX58YwDEOPrSAKPan5PAIYxd8M0Y (ECDSA) SSH host key: SHA256:iuhip4aJQmK6tmuJvr+kn9oXxSJaEEMGg5I1wthIiOM (ED25519) eth0: 172.31.24.217 fe80::471:2fff:fe94:4429 ip-172-31-24-217 login: [ 127.529010] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 127.531341] IPv6: ADDRCONF(NETDEV_CHANGE): cali84fc5a9b2e7: link becomes ready This is ip-172-31-24-217 (Linux aarch64 5.15.173-flatcar) 14:17:14 SSH host key: SHA256:R3xkUZBdouUGlwFbH1gbup8k2Evz1Q+kshlKy+ULK7A (RSA) SSH host key: SHA256:5o33i43CSzpziHHWX58YwDEOPrSAKPan5PAIYxd8M0Y (ECDSA) SSH host key: SHA256:iuhip4aJQmK6tmuJvr+kn9oXxSJaEEMGg5I1wthIiOM (ED25519) eth0: 172.31.24.217 fe80::471:2fff:fe94:4429 ip-172-31-24-217 login: [ 128.358726] IPv6: ADDRCONF(NETDEV_CHANGE): calidf1dcea19f6: link becomes ready [ 128.843193] kauditd_printk_skb: 788 callbacks suppressed [ 128.843198] audit: type=1400 audit(1734099434.808:1301): avc: denied { watch } for pid=2769 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="nvme0n1p9" ino=8274 scontext=system_u:system_r:svirt_lxc_net_t:s0:c409,c857 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 128.856705] audit: type=1400 audit(1734099434.815:1302): avc: denied { watch } for pid=2769 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="nvme0n1p9" ino=8279 scontext=system_u:system_r:svirt_lxc_net_t:s0:c409,c857 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 128.866638] audit: type=1300 audit(1734099434.815:1302): arch=c00000b7 syscall=27 success=no exit=-13 a0=6d a1=40099b21e0 a2=fc6 a3=0 items=0 ppid=2499 pid=2769 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c409,c857 key=(null) [ 128.880200] audit: type=1327 audit(1734099434.815:1302): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E32342E323137002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 [ 128.891685] audit: type=1300 audit(1734099434.808:1301): arch=c00000b7 syscall=27 success=no exit=-13 a0=6b a1=4004da5d70 a2=fc6 a3=0 items=0 ppid=2499 pid=2769 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c409,c857 key=(null) [ 128.905984] audit: type=1327 audit(1734099434.808:1301): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E32342E323137002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 [ 128.926172] audit: type=1400 audit(1734099434.844:1303): avc: denied { watch } for pid=2769 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="nvme0n1p9" ino=8281 scontext=system_u:system_r:svirt_lxc_net_t:s0:c409,c857 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 128.936946] audit: type=1300 audit(1734099434.844:1303): arch=c00000b7 syscall=27 success=no exit=-13 a0=6b a1=4005accf00 a2=fc6 a3=0 items=0 ppid=2499 pid=2769 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c409,c857 key=(null) [ 128.949348] audit: type=1327 audit(1734099434.844:1303): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E32342E323137002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 [ 128.960834] audit: type=1400 audit(1734099434.844:1304): avc: denied { watch } for pid=2769 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=8272 scontext=system_u:system_r:svirt_lxc_net_t:s0:c409,c857 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 This is ip-172-31-24-217 (Linux aarch64 5.15.173-flatcar) 14:17:15 SSH host key: SHA256:R3xkUZBdouUGlwFbH1gbup8k2Evz1Q+kshlKy+ULK7A (RSA) SSH host key: SHA256:5o33i43CSzpziHHWX58YwDEOPrSAKPan5PAIYxd8M0Y (ECDSA) SSH host key: SHA256:iuhip4aJQmK6tmuJvr+kn9oXxSJaEEMGg5I1wthIiOM (ED25519) eth0: 172.31.24.217 fe80::471:2fff:fe94:4429 ip-172-31-24-217 login: This is ip-172-31-24-217 (Linux aarch64 5.15.173-flatcar) 14:17:16 SSH host key: SHA256:R3xkUZBdouUGlwFbH1gbup8k2Evz1Q+kshlKy+ULK7A (RSA) SSH host key: SHA256:5o33i43CSzpziHHWX58YwDEOPrSAKPan5PAIYxd8M0Y (ECDSA) SSH host key: SHA256:iuhip4aJQmK6tmuJvr+kn9oXxSJaEEMGg5I1wthIiOM (ED25519) eth0: 172.31.24.217 fe80::471:2fff:fe94:4429 ip-172-31-24-217 login: This is ip-172-31-24-217 (Linux aarch64 5.15.173-flatcar) 14:17:17 SSH host key: SHA256:R3xkUZBdouUGlwFbH1gbup8k2Evz1Q+kshlKy+ULK7A (RSA) SSH host key: SHA256:5o33i43CSzpziHHWX58YwDEOPrSAKPan5PAIYxd8M0Y (ECDSA) SSH host key: SHA256:iuhip4aJQmK6tmuJvr+kn9oXxSJaEEMGg5I1wthIiOM (ED25519) eth0: 172.31.24.217 fe80::471:2fff:fe94:4429 ip-172-31-24-217 login: [ 134.550938] kauditd_printk_skb: 68 callbacks suppressed [ 134.550943] audit: type=1400 audit(1734099440.517:1324): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.560950] audit: type=1400 audit(1734099440.517:1325): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.568979] audit: type=1400 audit(1734099440.517:1326): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.576644] audit: type=1400 audit(1734099440.517:1327): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.588404] audit: type=1400 audit(1734099440.517:1328): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.601404] audit: type=1400 audit(1734099440.517:1329): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.608421] audit: type=1400 audit(1734099440.517:1330): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.615486] audit: type=1400 audit(1734099440.517:1331): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.627791] audit: type=1400 audit(1734099440.517:1332): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.638773] audit: type=1400 audit(1734099440.519:1333): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 140.212682] kauditd_printk_skb: 215 callbacks suppressed [ 140.212688] audit: type=1400 audit(1734099446.178:1412): avc: denied { watch } for pid=5238 comm="apiserver" path="/calico-apiserver-certs/..2024_12_13_14_16_56.1316631105/tls.crt" dev="tmpfs" ino=4 scontext=system_u:system_r:svirt_lxc_net_t:s0:c146,c386 tcontext=system_u:object_r:svirt_lxc_file_t:s0:c146,c386 tclass=file permissive=0 [ 140.231213] audit: type=1300 audit(1734099446.178:1412): arch=c00000b7 syscall=27 success=no exit=-13 a0=7 a1=4000e2eb40 a2=fc6 a3=0 items=0 ppid=4850 pid=5238 auid=4294967295 uid=10001 gid=10001 euid=10001 suid=10001 fsuid=10001 egid=10001 sgid=10001 fsgid=10001 tty=(none) ses=4294967295 comm="apiserver" exe="/code/apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c146,c386 key=(null) [ 140.247434] audit: type=1327 audit(1734099446.178:1412): proctitle=2F636F64652F617069736572766572002D2D7365637572652D706F72743D35343433002D2D746C732D707269766174652D6B65792D66696C653D2F63616C69636F2D6170697365727665722D63657274732F746C732E6B6579002D2D746C732D636572742D66696C653D2F63616C69636F2D6170697365727665722D63657274 [ 141.259695] audit: type=1400 audit(1734099447.225:1413): avc: denied { perfmon } for pid=5546 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 141.267436] audit: type=1300 audit(1734099447.225:1413): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=400014d5a0 a2=3c a3=0 items=0 ppid=4563 pid=5546 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 141.279104] audit: type=1327 audit(1734099447.225:1413): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3531316134303339656138366237656463393736366537336266376232 [ 141.293306] audit: type=1400 audit(1734099447.225:1414): avc: denied { bpf } for pid=5546 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 141.300796] audit: type=1400 audit(1734099447.225:1414): avc: denied { bpf } for pid=5546 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 141.308836] audit: type=1400 audit(1734099447.225:1414): avc: denied { bpf } for pid=5546 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 141.320660] audit: type=1400 audit(1734099447.225:1414): avc: denied { perfmon } for pid=5546 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 148.043483] kauditd_printk_skb: 59 callbacks suppressed [ 148.043487] audit: type=1130 audit(1734099454.009:1432): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.24.217:22-139.178.89.65:56188 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 148.222531] audit: type=1101 audit(1734099454.188:1433): pid=5625 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 148.232910] audit: type=1103 audit(1734099454.191:1434): pid=5625 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 148.242967] audit: type=1006 audit(1734099454.192:1435): pid=5625 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 148.249468] audit: type=1300 audit(1734099454.192:1435): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe3a2fcf0 a2=3 a3=1 items=0 ppid=1 pid=5625 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 148.260448] audit: type=1327 audit(1734099454.192:1435): proctitle=737368643A20636F7265205B707269765D [ 148.285696] audit: type=1105 audit(1734099454.251:1436): pid=5625 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 148.296547] audit: type=1103 audit(1734099454.255:1437): pid=5627 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 148.560416] audit: type=1106 audit(1734099454.526:1438): pid=5625 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 148.576152] audit: type=1104 audit(1734099454.526:1439): pid=5625 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 153.587615] kauditd_printk_skb: 1 callbacks suppressed [ 153.587621] audit: type=1130 audit(1734099459.553:1441): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.24.217:22-139.178.89.65:35058 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 153.771606] audit: type=1101 audit(1734099459.737:1442): pid=5639 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 153.784135] audit: type=1103 audit(1734099459.750:1443): pid=5639 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 153.795115] audit: type=1006 audit(1734099459.750:1444): pid=5639 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 153.801280] audit: type=1300 audit(1734099459.750:1444): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff4dcf4e0 a2=3 a3=1 items=0 ppid=1 pid=5639 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 153.813302] audit: type=1327 audit(1734099459.750:1444): proctitle=737368643A20636F7265205B707269765D [ 153.834178] audit: type=1105 audit(1734099459.800:1445): pid=5639 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 153.844999] audit: type=1103 audit(1734099459.803:1446): pid=5641 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.093424] audit: type=1106 audit(1734099460.059:1447): pid=5639 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.106938] audit: type=1104 audit(1734099460.059:1448): pid=5639 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.127001] kauditd_printk_skb: 1 callbacks suppressed [ 159.127006] audit: type=1130 audit(1734099465.092:1450): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.24.217:22-139.178.89.65:35064 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 159.298619] audit: type=1101 audit(1734099465.264:1451): pid=5654 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.312188] audit: type=1103 audit(1734099465.276:1452): pid=5654 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.323209] audit: type=1006 audit(1734099465.276:1453): pid=5654 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 159.330850] audit: type=1300 audit(1734099465.276:1453): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff65d3260 a2=3 a3=1 items=0 ppid=1 pid=5654 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 159.341061] audit: type=1327 audit(1734099465.276:1453): proctitle=737368643A20636F7265205B707269765D [ 159.360300] audit: type=1105 audit(1734099465.324:1454): pid=5654 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.378386] audit: type=1103 audit(1734099465.340:1455): pid=5656 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.723523] audit: type=1106 audit(1734099465.689:1456): pid=5654 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.746341] audit: type=1104 audit(1734099465.705:1457): pid=5654 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 164.829734] kauditd_printk_skb: 20 callbacks suppressed [ 164.829739] audit: type=1325 audit(1734099470.795:1474): table=filter:120 family=2 entries=20 op=nft_register_rule pid=5696 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 164.847755] audit: type=1300 audit(1734099470.795:1474): arch=c00000b7 syscall=211 success=yes exit=11860 a0=3 a1=ffffc55ac470 a2=0 a3=1 items=0 ppid=3062 pid=5696 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 164.863569] audit: type=1327 audit(1734099470.795:1474): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 164.868837] audit: type=1325 audit(1734099470.816:1475): table=nat:121 family=2 entries=22 op=nft_register_rule pid=5696 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 164.875752] audit: type=1300 audit(1734099470.816:1475): arch=c00000b7 syscall=211 success=yes exit=6540 a0=3 a1=ffffc55ac470 a2=0 a3=1 items=0 ppid=3062 pid=5696 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 164.894312] audit: type=1327 audit(1734099470.816:1475): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 164.910345] audit: type=1106 audit(1734099470.858:1476): pid=5678 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 164.946350] audit: type=1104 audit(1734099470.859:1477): pid=5678 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 164.960546] audit: type=1131 audit(1734099470.868:1478): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-172.31.24.217:22-139.178.89.65:35072 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 164.970052] audit: type=1130 audit(1734099470.905:1479): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-172.31.24.217:22-139.178.89.65:43466 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 171.330949] kauditd_printk_skb: 33 callbacks suppressed [ 171.330954] audit: type=1130 audit(1734099477.297:1501): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.24.217:22-139.178.89.65:43486 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 171.514061] audit: type=1101 audit(1734099477.480:1502): pid=5749 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 171.524703] audit: type=1103 audit(1734099477.482:1503): pid=5749 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 171.534256] audit: type=1006 audit(1734099477.482:1504): pid=5749 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 171.540111] audit: type=1300 audit(1734099477.482:1504): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffce51f290 a2=3 a3=1 items=0 ppid=1 pid=5749 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 171.550331] audit: type=1327 audit(1734099477.482:1504): proctitle=737368643A20636F7265205B707269765D [ 171.586684] audit: type=1105 audit(1734099477.552:1505): pid=5749 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 171.598308] audit: type=1103 audit(1734099477.564:1506): pid=5751 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 171.863278] audit: type=1106 audit(1734099477.829:1507): pid=5749 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 171.874833] audit: type=1104 audit(1734099477.829:1508): pid=5749 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 176.891034] kauditd_printk_skb: 7 callbacks suppressed [ 176.891039] audit: type=1130 audit(1734099482.857:1512): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.24.217:22-139.178.89.65:33872 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 177.071032] audit: type=1101 audit(1734099483.037:1513): pid=5788 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 177.083287] audit: type=1103 audit(1734099483.049:1514): pid=5788 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 177.093230] audit: type=1006 audit(1734099483.049:1515): pid=5788 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 177.099353] audit: type=1300 audit(1734099483.049:1515): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc9809e40 a2=3 a3=1 items=0 ppid=1 pid=5788 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 177.109528] audit: type=1327 audit(1734099483.049:1515): proctitle=737368643A20636F7265205B707269765D [ 177.136749] audit: type=1105 audit(1734099483.103:1516): pid=5788 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 177.147515] audit: type=1103 audit(1734099483.103:1517): pid=5792 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 177.420351] audit: type=1106 audit(1734099483.386:1518): pid=5788 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 177.447489] audit: type=1104 audit(1734099483.387:1519): pid=5788 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 182.450315] kauditd_printk_skb: 1 callbacks suppressed [ 182.450322] audit: type=1130 audit(1734099488.416:1521): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.24.217:22-139.178.89.65:56702 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 182.637446] audit: type=1101 audit(1734099488.603:1522): pid=5802 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 182.649673] audit: type=1103 audit(1734099488.614:1523): pid=5802 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 182.659781] audit: type=1006 audit(1734099488.614:1524): pid=5802 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 182.666265] audit: type=1300 audit(1734099488.614:1524): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd9bbcab0 a2=3 a3=1 items=0 ppid=1 pid=5802 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 182.676110] audit: type=1327 audit(1734099488.614:1524): proctitle=737368643A20636F7265205B707269765D [ 182.697807] audit: type=1105 audit(1734099488.662:1525): pid=5802 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 182.710444] audit: type=1103 audit(1734099488.675:1526): pid=5804 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 183.017613] audit: type=1106 audit(1734099488.983:1527): pid=5802 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 183.028918] audit: type=1104 audit(1734099488.985:1528): pid=5802 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 188.051160] kauditd_printk_skb: 1 callbacks suppressed [ 188.051166] audit: type=1130 audit(1734099494.017:1530): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.24.217:22-139.178.89.65:56706 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 188.066340] audit: type=1400 audit(1734099494.031:1531): avc: denied { watch } for pid=2762 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="nvme0n1p9" ino=8279 scontext=system_u:system_r:svirt_lxc_net_t:s0:c540,c732 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 188.078063] audit: type=1300 audit(1734099494.031:1531): arch=c00000b7 syscall=27 success=no exit=-13 a0=a a1=4001995500 a2=fc6 a3=0 items=0 ppid=2530 pid=2762 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c540,c732 key=(null) [ 188.092069] audit: type=1327 audit(1734099494.031:1531): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 188.102245] audit: type=1400 audit(1734099494.031:1532): avc: denied { watch } for pid=2762 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=8272 scontext=system_u:system_r:svirt_lxc_net_t:s0:c540,c732 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 188.111411] audit: type=1300 audit(1734099494.031:1532): arch=c00000b7 syscall=27 success=no exit=-13 a0=a a1=40019dd040 a2=fc6 a3=0 items=0 ppid=2530 pid=2762 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c540,c732 key=(null) [ 188.123244] audit: type=1327 audit(1734099494.031:1532): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 188.221602] audit: type=1101 audit(1734099494.188:1533): pid=5815 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 188.236471] audit: type=1103 audit(1734099494.200:1534): pid=5815 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 188.249185] audit: type=1006 audit(1734099494.200:1535): pid=5815 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 193.560087] kauditd_printk_skb: 25 callbacks suppressed [ 193.560095] audit: type=1130 audit(1734099499.525:1547): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.24.217:22-139.178.89.65:34020 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 193.759003] audit: type=1101 audit(1734099499.725:1548): pid=5829 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 193.771214] audit: type=1103 audit(1734099499.737:1549): pid=5829 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 193.781063] audit: type=1006 audit(1734099499.737:1550): pid=5829 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 193.787634] audit: type=1300 audit(1734099499.737:1550): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd675ca70 a2=3 a3=1 items=0 ppid=1 pid=5829 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 193.798330] audit: type=1327 audit(1734099499.737:1550): proctitle=737368643A20636F7265205B707269765D [ 193.821297] audit: type=1105 audit(1734099499.787:1551): pid=5829 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 193.833501] audit: type=1103 audit(1734099499.799:1552): pid=5831 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 194.087759] audit: type=1106 audit(1734099500.054:1553): pid=5829 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 194.098537] audit: type=1104 audit(1734099500.054:1554): pid=5829 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 198.590054] kauditd_printk_skb: 1 callbacks suppressed [ 198.590072] audit: type=1400 audit(1734099504.556:1556): avc: denied { watch } for pid=5178 comm="apiserver" path="/calico-apiserver-certs/..2024_12_13_14_16_56.709204984/tls.crt" dev="tmpfs" ino=3 scontext=system_u:system_r:svirt_lxc_net_t:s0:c346,c562 tcontext=system_u:object_r:svirt_lxc_file_t:s0:c346,c562 tclass=file permissive=0 [ 198.602372] audit: type=1300 audit(1734099504.556:1556): arch=c00000b7 syscall=27 success=no exit=-13 a0=9 a1=4001f6a680 a2=fc6 a3=0 items=0 ppid=4622 pid=5178 auid=4294967295 uid=10001 gid=10001 euid=10001 suid=10001 fsuid=10001 egid=10001 sgid=10001 fsgid=10001 tty=(none) ses=4294967295 comm="apiserver" exe="/code/apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c346,c562 key=(null) [ 198.613991] audit: type=1327 audit(1734099504.556:1556): proctitle=2F636F64652F617069736572766572002D2D7365637572652D706F72743D35343433002D2D746C732D707269766174652D6B65792D66696C653D2F63616C69636F2D6170697365727665722D63657274732F746C732E6B6579002D2D746C732D636572742D66696C653D2F63616C69636F2D6170697365727665722D63657274 [ 199.119195] audit: type=1130 audit(1734099505.085:1557): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-172.31.24.217:22-139.178.89.65:34036 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 199.319309] audit: type=1101 audit(1734099505.286:1558): pid=5861 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 199.329120] audit: type=1103 audit(1734099505.291:1559): pid=5861 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 199.339029] audit: type=1006 audit(1734099505.291:1560): pid=5861 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 [ 199.345385] audit: type=1300 audit(1734099505.291:1560): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe4ffb550 a2=3 a3=1 items=0 ppid=1 pid=5861 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 199.355767] audit: type=1327 audit(1734099505.291:1560): proctitle=737368643A20636F7265205B707269765D [ 199.382127] audit: type=1105 audit(1734099505.348:1561): pid=5861 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 204.701027] kauditd_printk_skb: 19 callbacks suppressed [ 204.701032] audit: type=1130 audit(1734099510.667:1571): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-172.31.24.217:22-139.178.89.65:41130 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 204.911828] audit: type=1101 audit(1734099510.878:1572): pid=5922 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 204.922189] audit: type=1103 audit(1734099510.881:1573): pid=5922 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 204.931506] audit: type=1006 audit(1734099510.881:1574): pid=5922 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=28 res=1 [ 204.937414] audit: type=1300 audit(1734099510.881:1574): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffee0e7c20 a2=3 a3=1 items=0 ppid=1 pid=5922 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=28 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 204.947900] audit: type=1327 audit(1734099510.881:1574): proctitle=737368643A20636F7265205B707269765D [ 204.968669] audit: type=1105 audit(1734099510.935:1575): pid=5922 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 204.980098] audit: type=1103 audit(1734099510.939:1576): pid=5925 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 205.271324] audit: type=1106 audit(1734099511.238:1577): pid=5922 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 205.283439] audit: type=1104 audit(1734099511.239:1578): pid=5922 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success'