_backlog=65 > audit_backlog_limit=64 [ 56.823826] audit: type=1400 audit(1734099383.052:265): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.673604] kauditd_printk_skb: 617 callbacks suppressed [ 62.673608] audit: type=1400 audit(1734099388.938:527): avc: denied { watch } for pid=2591 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="nvme0n1p9" ino=7330 scontext=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 62.687079] audit: type=1300 audit(1734099388.938:527): arch=c00000b7 syscall=27 success=no exit=-13 a0=43 a1=4007089440 a2=fc6 a3=0 items=0 ppid=2420 pid=2591 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 key=(null) [ 62.702783] audit: type=1327 audit(1734099388.938:527): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E33312E313231002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 [ 62.716079] audit: type=1400 audit(1734099388.949:528): avc: denied { watch } for pid=2591 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=7326 scontext=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 62.728596] audit: type=1300 audit(1734099388.949:528): arch=c00000b7 syscall=27 success=no exit=-13 a0=43 a1=4006cd7e60 a2=fc6 a3=0 items=0 ppid=2420 pid=2591 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 key=(null) [ 62.741476] audit: type=1327 audit(1734099388.949:528): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E33312E313231002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 [ 62.764351] audit: type=1400 audit(1734099388.963:529): avc: denied { watch } for pid=2591 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="nvme0n1p9" ino=7328 scontext=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 62.781342] audit: type=1300 audit(1734099388.963:529): arch=c00000b7 syscall=27 success=no exit=-13 a0=42 a1=4007089bc0 a2=fc6 a3=0 items=0 ppid=2420 pid=2591 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 key=(null) [ 62.794785] audit: type=1327 audit(1734099388.963:529): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E33312E313231002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 [ 62.805613] audit: type=1400 audit(1734099388.966:530): avc: denied { watch } for pid=2591 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="nvme0n1p9" ino=7332 scontext=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 73.097207] kauditd_printk_skb: 287 callbacks suppressed [ 73.097212] audit: type=1400 audit(1734099399.361:789): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.106045] audit: type=1400 audit(1734099399.361:790): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.112878] audit: type=1400 audit(1734099399.362:791): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.120766] audit: type=1400 audit(1734099399.362:792): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.130069] audit: type=1400 audit(1734099399.362:793): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.137133] audit: type=1400 audit(1734099399.362:794): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.144225] audit: type=1400 audit(1734099399.362:795): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.151073] audit: type=1400 audit(1734099399.362:796): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.158334] audit: type=1400 audit(1734099399.362:797): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.165304] audit: type=1400 audit(1734099399.364:798): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 80.608107] kauditd_printk_skb: 362 callbacks suppressed [ 80.608112] audit: type=1325 audit(1734099406.872:905): table=filter:89 family=2 entries=14 op=nft_register_rule pid=3338 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 80.617787] audit: type=1300 audit(1734099406.872:905): arch=c00000b7 syscall=211 success=yes exit=5248 a0=3 a1=ffffecf6cf00 a2=0 a3=1 items=0 ppid=3137 pid=3338 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 80.631817] audit: type=1327 audit(1734099406.872:905): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 80.639308] audit: type=1325 audit(1734099406.895:906): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3338 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 80.647539] audit: type=1300 audit(1734099406.895:906): arch=c00000b7 syscall=211 success=yes exit=2700 a0=3 a1=ffffecf6cf00 a2=0 a3=1 items=0 ppid=3137 pid=3338 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 80.663343] audit: type=1327 audit(1734099406.895:906): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 80.699279] audit: type=1325 audit(1734099406.963:907): table=filter:91 family=2 entries=15 op=nft_register_rule pid=3340 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 80.704812] audit: type=1300 audit(1734099406.963:907): arch=c00000b7 syscall=211 success=yes exit=5992 a0=3 a1=ffffc046e6c0 a2=0 a3=1 items=0 ppid=3137 pid=3340 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 80.715528] audit: type=1327 audit(1734099406.963:907): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 80.723148] audit: type=1325 audit(1734099406.987:908): table=nat:92 family=2 entries=12 op=nft_register_rule pid=3340 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 86.397619] kauditd_printk_skb: 179 callbacks suppressed [ 86.397624] audit: type=1400 audit(1734099412.662:965): avc: denied { perfmon } for pid=3566 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.406854] audit: type=1300 audit(1734099412.662:965): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=40001955a0 a2=3c a3=0 items=0 ppid=3424 pid=3566 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 86.417655] audit: type=1327 audit(1734099412.662:965): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6135633238333933656465376539363736316537363238363835346664 [ 86.427594] audit: type=1400 audit(1734099412.662:966): avc: denied { bpf } for pid=3566 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.434603] audit: type=1400 audit(1734099412.662:966): avc: denied { bpf } for pid=3566 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.442181] audit: type=1400 audit(1734099412.662:966): avc: denied { bpf } for pid=3566 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.449240] audit: type=1400 audit(1734099412.662:966): avc: denied { perfmon } for pid=3566 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.457912] audit: type=1400 audit(1734099412.662:966): avc: denied { perfmon } for pid=3566 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.467613] audit: type=1400 audit(1734099412.662:966): avc: denied { perfmon } for pid=3566 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 86.481883] audit: type=1400 audit(1734099412.662:966): avc: denied { perfmon } for pid=3566 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.143666] kauditd_printk_skb: 40 callbacks suppressed [ 93.143670] audit: type=1400 audit(1734099419.408:974): avc: denied { perfmon } for pid=3648 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.152390] audit: type=1300 audit(1734099419.408:974): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=40001955a0 a2=3c a3=0 items=0 ppid=3424 pid=3648 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 93.163062] audit: type=1327 audit(1734099419.408:974): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6437393032356139666565313937306436383739343339356564353463 [ 93.173699] audit: type=1400 audit(1734099419.408:975): avc: denied { bpf } for pid=3648 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.181642] audit: type=1400 audit(1734099419.408:975): avc: denied { bpf } for pid=3648 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.189373] audit: type=1400 audit(1734099419.408:975): avc: denied { bpf } for pid=3648 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.197609] audit: type=1400 audit(1734099419.408:975): avc: denied { perfmon } for pid=3648 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.205315] audit: type=1400 audit(1734099419.408:975): avc: denied { perfmon } for pid=3648 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.213116] audit: type=1400 audit(1734099419.408:975): avc: denied { perfmon } for pid=3648 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.220530] audit: type=1400 audit(1734099419.408:975): avc: denied { perfmon } for pid=3648 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 104.435721] kauditd_printk_skb: 34 callbacks suppressed [ 104.435725] audit: type=1400 audit(1734099430.700:981): avc: denied { perfmon } for pid=4022 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 104.450016] audit: type=1300 audit(1734099430.700:981): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=40001455a0 a2=3c a3=0 items=0 ppid=3424 pid=4022 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 104.461815] audit: type=1327 audit(1734099430.700:981): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3231373234303038663732643131356130623435343933393261356233 [ 104.472399] audit: type=1400 audit(1734099430.711:982): avc: denied { bpf } for pid=4022 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 104.479832] audit: type=1400 audit(1734099430.711:982): avc: denied { bpf } for pid=4022 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 104.487202] audit: type=1400 audit(1734099430.711:982): avc: denied { bpf } for pid=4022 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 104.496757] audit: type=1400 audit(1734099430.711:982): avc: denied { perfmon } for pid=4022 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 104.504186] audit: type=1400 audit(1734099430.711:982): avc: denied { perfmon } for pid=4022 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 104.512436] audit: type=1400 audit(1734099430.711:982): avc: denied { perfmon } for pid=4022 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 104.520315] audit: type=1400 audit(1734099430.711:982): avc: denied { perfmon } for pid=4022 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 104.667294] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 104.669884] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 108.231477] IPv6: ADDRCONF(NETDEV_CHANGE): cali512a23e0207: link becomes ready This is ip-172-31-31-121 (Linux aarch64 5.15.173-flatcar) 14:17:14 SSH host key: SHA256:KXFuxeJczyGsGLIZWhVgoP7GK/RVEnxN23AXeZyuV8g (RSA) SSH host key: SHA256:Tq9t/YnPhamKBwtfbbJV6wwSbQsIaQEkZruK8g+g1Dk (ECDSA) SSH host key: SHA256:FwtOfhKdOb8A6GHA4Oodr8ljo634TsLMmTEzcCEGHv4 (ED25519) eth0: 172.31.31.121 fe80::429:31ff:fe4b:2773 ip-172-31-31-121 login: [ 108.954937] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 108.957229] IPv6: ADDRCONF(NETDEV_CHANGE): cali796a79abca2: link becomes ready This is ip-172-31-31-121 (Linux aarch64 5.15.173-flatcar) 14:17:16 SSH host key: SHA256:KXFuxeJczyGsGLIZWhVgoP7GK/RVEnxN23AXeZyuV8g (RSA) SSH host key: SHA256:Tq9t/YnPhamKBwtfbbJV6wwSbQsIaQEkZruK8g+g1Dk (ECDSA) SSH host key: SHA256:FwtOfhKdOb8A6GHA4Oodr8ljo634TsLMmTEzcCEGHv4 (ED25519) eth0: 172.31.31.121 fe80::429:31ff:fe4b:2773 ip-172-31-31-121 login: [ 111.009976] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 111.012309] IPv6: ADDRCONF(NETDEV_CHANGE): cali79b013e6e71: link becomes ready [ 111.249443] kauditd_printk_skb: 674 callbacks suppressed [ 111.249448] audit: type=1325 audit(1734099437.513:1127): table=filter:103 family=2 entries=44 op=nft_register_chain pid=4599 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 111.260310] audit: type=1300 audit(1734099437.513:1127): arch=c00000b7 syscall=211 success=yes exit=22680 a0=3 a1=ffffd1fd0be0 a2=0 a3=ffff8172bfa8 items=0 ppid=4133 pid=4599 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 111.275253] audit: type=1327 audit(1734099437.513:1127): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 111.339299] audit: type=1400 audit(1734099437.603:1128): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.347710] audit: type=1400 audit(1734099437.603:1129): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.357647] audit: type=1400 audit(1734099437.603:1130): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.370292] audit: type=1400 audit(1734099437.603:1131): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.380524] audit: type=1400 audit(1734099437.603:1132): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.396593] audit: type=1400 audit(1734099437.603:1133): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 111.406212] audit: type=1400 audit(1734099437.603:1134): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 This is ip-172-31-31-121 (Linux aarch64 5.15.173-flatcar) 14:17:17 SSH host key: SHA256:KXFuxeJczyGsGLIZWhVgoP7GK/RVEnxN23AXeZyuV8g (RSA) SSH host key: SHA256:Tq9t/YnPhamKBwtfbbJV6wwSbQsIaQEkZruK8g+g1Dk (ECDSA) SSH host key: SHA256:FwtOfhKdOb8A6GHA4Oodr8ljo634TsLMmTEzcCEGHv4 (ED25519) eth0: 172.31.31.121 fe80::429:31ff:fe4b:2773 ip-172-31-31-121 login: [ 112.730846] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 112.733322] IPv6: ADDRCONF(NETDEV_CHANGE): cali5a2ce9bda3e: link becomes ready [ 112.830848] IPv6: ADDRCONF(NETDEV_CHANGE): calibe6a33d8242: link becomes ready [ 113.035079] IPv6: ADDRCONF(NETDEV_CHANGE): calic2011824c8e: link becomes ready This is ip-172-31-31-121 (Linux aarch64 5.15.173-flatcar) 14:17:19 SSH host key: SHA256:KXFuxeJczyGsGLIZWhVgoP7GK/RVEnxN23AXeZyuV8g (RSA) SSH host key: SHA256:Tq9t/YnPhamKBwtfbbJV6wwSbQsIaQEkZruK8g+g1Dk (ECDSA) SSH host key: SHA256:FwtOfhKdOb8A6GHA4Oodr8ljo634TsLMmTEzcCEGHv4 (ED25519) eth0: 172.31.31.121 fe80::429:31ff:fe4b:2773 ip-172-31-31-121 login: This is ip-172-31-31-121 (Linux aarch64 5.15.173-flatcar) 14:17:21 SSH host key: SHA256:KXFuxeJczyGsGLIZWhVgoP7GK/RVEnxN23AXeZyuV8g (RSA) SSH host key: SHA256:Tq9t/YnPhamKBwtfbbJV6wwSbQsIaQEkZruK8g+g1Dk (ECDSA) SSH host key: SHA256:FwtOfhKdOb8A6GHA4Oodr8ljo634TsLMmTEzcCEGHv4 (ED25519) eth0: 172.31.31.121 fe80::429:31ff:fe4b:2773 ip-172-31-31-121 login: This is ip-172-31-31-121 (Linux aarch64 5.15.173-flatcar) 14:17:22 SSH host key: SHA256:KXFuxeJczyGsGLIZWhVgoP7GK/RVEnxN23AXeZyuV8g (RSA) SSH host key: SHA256:Tq9t/YnPhamKBwtfbbJV6wwSbQsIaQEkZruK8g+g1Dk (ECDSA) SSH host key: SHA256:FwtOfhKdOb8A6GHA4Oodr8ljo634TsLMmTEzcCEGHv4 (ED25519) eth0: 172.31.31.121 fe80::429:31ff:fe4b:2773 ip-172-31-31-121 login: This is ip-172-31-31-121 (Linux aarch64 5.15.173-flatcar) 14:17:23 SSH host key: SHA256:KXFuxeJczyGsGLIZWhVgoP7GK/RVEnxN23AXeZyuV8g (RSA) SSH host key: SHA256:Tq9t/YnPhamKBwtfbbJV6wwSbQsIaQEkZruK8g+g1Dk (ECDSA) SSH host key: SHA256:FwtOfhKdOb8A6GHA4Oodr8ljo634TsLMmTEzcCEGHv4 (ED25519) eth0: 172.31.31.121 fe80::429:31ff:fe4b:2773 ip-172-31-31-121 login: [ 117.165657] kauditd_printk_skb: 413 callbacks suppressed [ 117.165662] audit: type=1400 audit(1734099443.430:1261): avc: denied { watch } for pid=5019 comm="apiserver" path="/calico-apiserver-certs/..2024_12_13_14_17_01.3740626422/tls.crt" dev="tmpfs" ino=3 scontext=system_u:system_r:svirt_lxc_net_t:s0:c215,c884 tcontext=system_u:object_r:svirt_lxc_file_t:s0:c215,c884 tclass=file permissive=0 [ 117.181974] audit: type=1300 audit(1734099443.430:1261): arch=c00000b7 syscall=27 success=no exit=-13 a0=7 a1=40017266c0 a2=fc6 a3=0 items=0 ppid=4375 pid=5019 auid=4294967295 uid=10001 gid=10001 euid=10001 suid=10001 fsuid=10001 egid=10001 sgid=10001 fsgid=10001 tty=(none) ses=4294967295 comm="apiserver" exe="/code/apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c215,c884 key=(null) [ 117.203768] audit: type=1327 audit(1734099443.430:1261): proctitle=2F636F64652F617069736572766572002D2D7365637572652D706F72743D35343433002D2D746C732D707269766174652D6B65792D66696C653D2F63616C69636F2D6170697365727665722D63657274732F746C732E6B6579002D2D746C732D636572742D66696C653D2F63616C69636F2D6170697365727665722D63657274 [ 118.479946] audit: type=1130 audit(1734099444.744:1262): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-172.31.31.121:22-139.178.89.65:35154 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 118.534653] audit: type=1400 audit(1734099444.799:1263): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.543927] audit: type=1400 audit(1734099444.799:1264): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.552527] audit: type=1400 audit(1734099444.799:1265): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.560834] audit: type=1400 audit(1734099444.799:1266): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.584072] audit: type=1400 audit(1734099444.799:1267): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.595047] audit: type=1400 audit(1734099444.799:1268): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 122.687914] kauditd_printk_skb: 210 callbacks suppressed [ 122.687919] audit: type=1400 audit(1734099448.952:1321): avc: denied { watch } for pid=2591 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="nvme0n1p9" ino=7330 scontext=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 122.701120] audit: type=1300 audit(1734099448.952:1321): arch=c00000b7 syscall=27 success=no exit=-13 a0=70 a1=40089f0540 a2=fc6 a3=0 items=0 ppid=2420 pid=2591 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 key=(null) [ 122.712820] audit: type=1327 audit(1734099448.952:1321): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E33312E313231002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 [ 122.722733] audit: type=1400 audit(1734099448.955:1322): avc: denied { watch } for pid=2591 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=7326 scontext=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 122.731743] audit: type=1300 audit(1734099448.955:1322): arch=c00000b7 syscall=27 success=no exit=-13 a0=6e a1=400d913d40 a2=fc6 a3=0 items=0 ppid=2420 pid=2591 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 key=(null) [ 122.745129] audit: type=1327 audit(1734099448.955:1322): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E33312E313231002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 [ 122.755128] audit: type=1400 audit(1734099448.966:1323): avc: denied { watch } for pid=2591 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="nvme0n1p9" ino=7328 scontext=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 122.764252] audit: type=1300 audit(1734099448.966:1323): arch=c00000b7 syscall=27 success=no exit=-13 a0=6e a1=40089f05a0 a2=fc6 a3=0 items=0 ppid=2420 pid=2591 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 key=(null) [ 122.775825] audit: type=1327 audit(1734099448.966:1323): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E33312E313231002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 [ 122.923540] audit: type=1400 audit(1734099449.188:1324): avc: denied { watch } for pid=2591 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="nvme0n1p9" ino=7332 scontext=system_u:system_r:svirt_lxc_net_t:s0:c605,c707 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 129.843075] kauditd_printk_skb: 40 callbacks suppressed [ 129.843079] audit: type=1130 audit(1734099456.107:1343): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.31.121:22-139.178.89.65:51150 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 130.033698] audit: type=1101 audit(1734099456.298:1344): pid=5583 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.045416] audit: type=1103 audit(1734099456.309:1345): pid=5583 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.054576] audit: type=1006 audit(1734099456.310:1346): pid=5583 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 130.060280] audit: type=1300 audit(1734099456.310:1346): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe8c9eaf0 a2=3 a3=1 items=0 ppid=1 pid=5583 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 130.070998] audit: type=1327 audit(1734099456.310:1346): proctitle=737368643A20636F7265205B707269765D [ 130.089118] audit: type=1105 audit(1734099456.353:1347): pid=5583 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.100556] audit: type=1103 audit(1734099456.356:1348): pid=5585 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.345908] audit: type=1106 audit(1734099456.610:1349): pid=5583 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 130.357513] audit: type=1104 audit(1734099456.610:1350): pid=5583 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 135.374094] kauditd_printk_skb: 1 callbacks suppressed [ 135.374098] audit: type=1130 audit(1734099461.639:1352): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-172.31.31.121:22-139.178.89.65:51402 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 135.550488] audit: type=1101 audit(1734099461.816:1353): pid=5619 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 135.559648] audit: type=1103 audit(1734099461.822:1354): pid=5619 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 135.568867] audit: type=1006 audit(1734099461.822:1355): pid=5619 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=11 res=1 [ 135.574658] audit: type=1300 audit(1734099461.822:1355): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffda9de480 a2=3 a3=1 items=0 ppid=1 pid=5619 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 135.584744] audit: type=1327 audit(1734099461.822:1355): proctitle=737368643A20636F7265205B707269765D [ 135.604910] audit: type=1105 audit(1734099461.870:1356): pid=5619 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 135.615102] audit: type=1103 audit(1734099461.872:1357): pid=5621 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 135.856982] audit: type=1106 audit(1734099462.122:1358): pid=5619 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 135.868118] audit: type=1104 audit(1734099462.122:1359): pid=5619 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 141.951837] kauditd_printk_skb: 23 callbacks suppressed [ 141.951842] audit: type=1130 audit(1734099468.216:1379): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.31.121:22-139.178.89.65:49052 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 142.136795] audit: type=1101 audit(1734099468.401:1380): pid=5678 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 142.147964] audit: type=1103 audit(1734099468.412:1381): pid=5678 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 142.157147] audit: type=1006 audit(1734099468.412:1382): pid=5678 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 142.163082] audit: type=1300 audit(1734099468.412:1382): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffcbb48ed0 a2=3 a3=1 items=0 ppid=1 pid=5678 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 142.174020] audit: type=1327 audit(1734099468.412:1382): proctitle=737368643A20636F7265205B707269765D [ 142.190147] audit: type=1105 audit(1734099468.454:1383): pid=5678 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 142.201399] audit: type=1103 audit(1734099468.465:1384): pid=5680 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 142.514513] audit: type=1106 audit(1734099468.777:1385): pid=5678 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 142.525590] audit: type=1104 audit(1734099468.777:1386): pid=5678 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 147.549274] kauditd_printk_skb: 1 callbacks suppressed [ 147.549279] audit: type=1130 audit(1734099473.813:1388): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.31.121:22-139.178.89.65:49064 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 147.731158] audit: type=1101 audit(1734099473.995:1389): pid=5714 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 147.743071] audit: type=1103 audit(1734099474.007:1390): pid=5714 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 147.753679] audit: type=1006 audit(1734099474.008:1391): pid=5714 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 147.761612] audit: type=1300 audit(1734099474.008:1391): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc3c9a090 a2=3 a3=1 items=0 ppid=1 pid=5714 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 147.771475] audit: type=1327 audit(1734099474.008:1391): proctitle=737368643A20636F7265205B707269765D [ 147.792143] audit: type=1105 audit(1734099474.056:1392): pid=5714 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 147.804310] audit: type=1103 audit(1734099474.068:1393): pid=5716 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 148.079482] audit: type=1106 audit(1734099474.343:1394): pid=5714 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 148.094178] audit: type=1104 audit(1734099474.344:1395): pid=5714 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 152.615842] kauditd_printk_skb: 1 callbacks suppressed [ 152.615847] audit: type=1325 audit(1734099478.880:1397): table=filter:113 family=2 entries=9 op=nft_register_rule pid=5732 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 152.625677] audit: type=1300 audit(1734099478.880:1397): arch=c00000b7 syscall=211 success=yes exit=3016 a0=3 a1=ffffec78c4a0 a2=0 a3=1 items=0 ppid=3137 pid=5732 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 152.637912] audit: type=1327 audit(1734099478.880:1397): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 152.648414] audit: type=1325 audit(1734099478.912:1398): table=nat:114 family=2 entries=27 op=nft_register_chain pid=5732 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 152.655339] audit: type=1300 audit(1734099478.912:1398): arch=c00000b7 syscall=211 success=yes exit=9348 a0=3 a1=ffffec78c4a0 a2=0 a3=1 items=0 ppid=3137 pid=5732 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 152.669732] audit: type=1327 audit(1734099478.912:1398): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 153.112101] audit: type=1130 audit(1734099479.374:1399): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.31.121:22-139.178.89.65:59228 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 153.289816] audit: type=1101 audit(1734099479.554:1400): pid=5734 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 153.303507] audit: type=1103 audit(1734099479.566:1401): pid=5734 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 153.314013] audit: type=1006 audit(1734099479.566:1402): pid=5734 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 158.709132] kauditd_printk_skb: 13 callbacks suppressed [ 158.709136] audit: type=1130 audit(1734099484.973:1410): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.31.121:22-139.178.89.65:59240 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 158.913319] audit: type=1101 audit(1734099485.177:1411): pid=5751 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 158.927616] audit: type=1103 audit(1734099485.187:1412): pid=5751 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 158.942875] audit: type=1006 audit(1734099485.187:1413): pid=5751 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 158.950693] audit: type=1300 audit(1734099485.187:1413): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd26f99e0 a2=3 a3=1 items=0 ppid=1 pid=5751 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 158.964983] audit: type=1327 audit(1734099485.187:1413): proctitle=737368643A20636F7265205B707269765D [ 158.974340] audit: type=1105 audit(1734099485.237:1414): pid=5751 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 158.987693] audit: type=1103 audit(1734099485.250:1415): pid=5753 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.309585] audit: type=1106 audit(1734099485.571:1416): pid=5751 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 159.320868] audit: type=1104 audit(1734099485.572:1417): pid=5751 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 163.820971] kauditd_printk_skb: 36 callbacks suppressed [ 163.820975] audit: type=1101 audit(1734099490.085:1442): pid=5790 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 163.832543] audit: type=1103 audit(1734099490.087:1443): pid=5790 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 163.842531] audit: type=1006 audit(1734099490.087:1444): pid=5790 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=20 res=1 [ 163.848323] audit: type=1300 audit(1734099490.087:1444): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd1d9d9e0 a2=3 a3=1 items=0 ppid=1 pid=5790 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=20 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 163.859851] audit: type=1327 audit(1734099490.087:1444): proctitle=737368643A20636F7265205B707269765D [ 163.874189] audit: type=1105 audit(1734099490.138:1445): pid=5790 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 163.884597] audit: type=1103 audit(1734099490.141:1446): pid=5793 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 164.408003] audit: type=1106 audit(1734099490.672:1447): pid=5790 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 164.419811] audit: type=1104 audit(1734099490.672:1448): pid=5790 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 164.428813] audit: type=1131 audit(1734099490.676:1449): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-172.31.31.121:22-139.178.89.65:55148 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 169.907680] kauditd_printk_skb: 11 callbacks suppressed [ 169.907684] audit: type=1130 audit(1734099496.171:1459): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.31.121:22-139.178.89.65:55166 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 170.084951] audit: type=1101 audit(1734099496.349:1460): pid=5815 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 170.100066] audit: type=1103 audit(1734099496.355:1461): pid=5815 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 170.116909] audit: type=1006 audit(1734099496.355:1462): pid=5815 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 170.127751] audit: type=1300 audit(1734099496.355:1462): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc4c65d20 a2=3 a3=1 items=0 ppid=1 pid=5815 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 170.137944] audit: type=1327 audit(1734099496.355:1462): proctitle=737368643A20636F7265205B707269765D [ 170.142384] audit: type=1105 audit(1734099496.402:1463): pid=5815 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 170.154255] audit: type=1103 audit(1734099496.417:1464): pid=5836 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 170.399027] audit: type=1106 audit(1734099496.663:1465): pid=5815 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 170.411781] audit: type=1104 audit(1734099496.674:1466): pid=5815 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 175.428844] kauditd_printk_skb: 7 callbacks suppressed [ 175.428849] audit: type=1130 audit(1734099501.692:1470): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.31.121:22-139.178.89.65:56764 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 175.602841] audit: type=1101 audit(1734099501.866:1471): pid=5874 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 175.613032] audit: type=1103 audit(1734099501.876:1472): pid=5874 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 175.622095] audit: type=1006 audit(1734099501.876:1473): pid=5874 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 175.628095] audit: type=1300 audit(1734099501.876:1473): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffee7963c0 a2=3 a3=1 items=0 ppid=1 pid=5874 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 175.638371] audit: type=1327 audit(1734099501.876:1473): proctitle=737368643A20636F7265205B707269765D [ 175.659809] audit: type=1105 audit(1734099501.923:1474): pid=5874 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 175.671730] audit: type=1103 audit(1734099501.935:1475): pid=5876 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 175.912158] audit: type=1106 audit(1734099502.176:1476): pid=5874 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 175.926663] audit: type=1104 audit(1734099502.176:1477): pid=5874 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 180.942452] kauditd_printk_skb: 4 callbacks suppressed [ 180.942457] audit: type=1130 audit(1734099507.206:1480): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.31.121:22-139.178.89.65:56780 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 181.114469] audit: type=1101 audit(1734099507.378:1481): pid=5886 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 181.125565] audit: type=1103 audit(1734099507.389:1482): pid=5886 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 181.134601] audit: type=1006 audit(1734099507.390:1483): pid=5886 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 181.140177] audit: type=1300 audit(1734099507.390:1483): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffdfb8b960 a2=3 a3=1 items=0 ppid=1 pid=5886 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 181.150076] audit: type=1327 audit(1734099507.390:1483): proctitle=737368643A20636F7265205B707269765D [ 181.175055] audit: type=1105 audit(1734099507.439:1484): pid=5886 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 181.185302] audit: type=1103 audit(1734099507.442:1485): pid=5888 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 181.475194] audit: type=1106 audit(1734099507.739:1486): pid=5886 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 181.491963] audit: type=1104 audit(1734099507.739:1487): pid=5886 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 186.501983] kauditd_printk_skb: 28 callbacks suppressed [ 186.501989] audit: type=1130 audit(1734099512.764:1498): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.31.121:22-139.178.89.65:56218 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 186.668970] audit: type=1101 audit(1734099512.933:1499): pid=5898 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 186.679178] audit: type=1103 audit(1734099512.935:1500): pid=5898 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 186.688282] audit: type=1006 audit(1734099512.935:1501): pid=5898 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 186.694271] audit: type=1300 audit(1734099512.935:1501): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff2868100 a2=3 a3=1 items=0 ppid=1 pid=5898 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 186.714470] audit: type=1327 audit(1734099512.935:1501): proctitle=737368643A20636F7265205B707269765D [ 186.727532] audit: type=1105 audit(1734099512.991:1502): pid=5898 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 186.741451] audit: type=1103 audit(1734099513.005:1503): pid=5900 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 187.017470] audit: type=1106 audit(1734099513.281:1504): pid=5898 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 187.042397] audit: type=1104 audit(1734099513.281:1505): pid=5898 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.045544] kauditd_printk_skb: 13 callbacks suppressed [ 192.045549] audit: type=1130 audit(1734099518.309:1511): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.31.121:22-139.178.89.65:38300 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 192.225208] audit: type=1101 audit(1734099518.489:1512): pid=5919 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.234868] audit: type=1103 audit(1734099518.489:1513): pid=5919 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.243839] audit: type=1006 audit(1734099518.489:1514): pid=5919 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 192.249549] audit: type=1300 audit(1734099518.489:1514): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd3a62160 a2=3 a3=1 items=0 ppid=1 pid=5919 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 192.260256] audit: type=1327 audit(1734099518.489:1514): proctitle=737368643A20636F7265205B707269765D [ 192.264575] audit: type=1105 audit(1734099518.518:1515): pid=5919 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.274450] audit: type=1103 audit(1734099518.528:1516): pid=5921 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.496579] audit: type=1106 audit(1734099518.760:1517): pid=5919 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 192.507471] audit: type=1104 audit(1734099518.760:1518): pid=5919 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 197.522350] kauditd_printk_skb: 1 callbacks suppressed [ 197.522354] audit: type=1130 audit(1734099523.786:1520): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-172.31.31.121:22-139.178.89.65:38304 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 197.696794] audit: type=1101 audit(1734099523.960:1521): pid=5953 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 197.717310] audit: type=1103 audit(1734099523.981:1522): pid=5953 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 197.726143] audit: type=1006 audit(1734099523.981:1523): pid=5953 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 [ 197.732339] audit: type=1300 audit(1734099523.981:1523): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffdd43c790 a2=3 a3=1 items=0 ppid=1 pid=5953 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 197.741753] audit: type=1327 audit(1734099523.981:1523): proctitle=737368643A20636F7265205B707269765D [ 197.746198] audit: type=1105 audit(1734099524.007:1524): pid=5953 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 197.757720] audit: type=1103 audit(1734099524.021:1525): pid=5955 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 197.988670] audit: type=1106 audit(1734099524.252:1526): pid=5953 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 197.999862] audit: type=1104 audit(1734099524.252:1527): pid=5953 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.018052] kauditd_printk_skb: 1 callbacks suppressed [ 203.018057] audit: type=1130 audit(1734099529.280:1529): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-172.31.31.121:22-139.178.89.65:37484 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 203.196583] audit: type=1101 audit(1734099529.460:1530): pid=5996 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.206234] audit: type=1103 audit(1734099529.463:1531): pid=5996 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.214990] audit: type=1006 audit(1734099529.463:1532): pid=5996 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=28 res=1 [ 203.220428] audit: type=1300 audit(1734099529.463:1532): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffffc22a6e0 a2=3 a3=1 items=0 ppid=1 pid=5996 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=28 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 203.229866] audit: type=1327 audit(1734099529.463:1532): proctitle=737368643A20636F7265205B707269765D [ 203.234280] audit: type=1105 audit(1734099529.495:1533): pid=5996 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.245927] audit: type=1103 audit(1734099529.509:1534): pid=5998 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.550695] audit: type=1106 audit(1734099529.814:1535): pid=5996 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 203.562406] audit: type=1104 audit(1734099529.816:1536): pid=5996 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 217.703489] kauditd_printk_skb: 1 callbacks suppressed [ 217.703494] audit: type=1334 audit(1734099543.966:1538): prog-id=114 op=UNLOAD [ 217.712051] audit: type=1334 audit(1734099543.975:1539): prog-id=117 op=UNLOAD [ 218.251356] audit: type=1334 audit(1734099544.515:1540): prog-id=77 op=UNLOAD [ 218.253984] audit: type=1334 audit(1734099544.515:1541): prog-id=93 op=UNLOAD [ 218.343425] audit: type=1400 audit(1734099544.607:1542): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 218.350837] audit: type=1400 audit(1734099544.607:1543): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 218.359514] audit: type=1400 audit(1734099544.607:1544): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 218.366373] audit: type=1400 audit(1734099544.607:1545): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 218.374306] audit: type=1400 audit(1734099544.607:1546): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 218.383226] audit: type=1400 audit(1734099544.607:1547): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 223.335679] kauditd_printk_skb: 116 callbacks suppressed [ 223.335684] audit: type=1400 audit(1734099549.599:1582): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 223.345102] audit: type=1400 audit(1734099549.605:1583): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 223.352468] audit: type=1400 audit(1734099549.605:1584): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 223.359617] audit: type=1400 audit(1734099549.605:1585): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 223.367018] audit: type=1400 audit(1734099549.605:1586): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 223.374391] audit: type=1400 audit(1734099549.605:1587): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 223.381699] audit: type=1400 audit(1734099549.605:1588): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 223.393810] audit: type=1400 audit(1734099549.605:1589): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 223.402158] audit: type=1400 audit(1734099549.605:1590): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 223.410121] audit: type=1400 audit(1734099549.608:1591): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0