294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 19.206378] audit: type=1130 audit(1747442298.870:211): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 19.209905] audit: type=1106 audit(1747442298.874:212): pid=1869 uid=500 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 19.213805] audit: type=1104 audit(1747442298.874:213): pid=1869 uid=500 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 19.235172] audit: type=1106 audit(1747442298.898:214): pid=1866 uid=0 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 19.239864] audit: type=1104 audit(1747442298.898:215): pid=1866 uid=0 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 19.243574] audit: type=1131 audit(1747442298.900:216): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@5-172.31.30.240:22-139.178.68.195:49470 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 20.070697] Initializing XFRM netlink socket This is ip-172-31-30-240 (Linux x86_64 5.15.182-flatcar) 00:38:20 SSH host key: SHA256:0Iww6CX0V8NxVXJC7bDHp/S6EkCEg1nw7cXzuMKOZfo (ECDSA) SSH host key: SHA256:4meV2GykboQh3+CV3WkS0kM36ht2L2j6sNs8fCco5zs (ED25519) SSH host key: SHA256:9A7UEZXrz5waMotTqwRZT3e9h6CQ8RPPT5weuJ1EKYc (RSA) eth0: 172.31.30.240 fe80::431:61ff:fed5:d5e9 ip-172-31-30-240 login: [ 27.447310] kauditd_printk_skb: 84 callbacks suppressed [ 27.447313] audit: type=1130 audit(1747442307.110:251): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.451324] audit: type=1131 audit(1747442307.110:252): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.677041] audit: type=1130 audit(1747442307.341:253): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.794957] audit: type=1131 audit(1747442307.459:254): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 37.948259] audit: type=1130 audit(1747442317.610:255): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 37.951528] audit: type=1131 audit(1747442317.610:256): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 38.107420] audit: type=1130 audit(1747442317.772:257): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 38.523932] audit: type=1400 audit(1747442318.188:258): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 38.526990] audit: type=1400 audit(1747442318.188:259): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 38.530576] audit: type=1400 audit(1747442318.188:260): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 38.539461] audit: audit_backlog=65 > audit_backlog_limit=64 [ 38.541556] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 38.542102] audit: type=1400 audit(1747442318.188:261): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 38.543626] audit: backlog limit exceeded [ 43.656024] kauditd_printk_skb: 747 callbacks suppressed [ 43.656027] audit: type=1400 audit(1747442323.320:511): avc: denied { watch } for pid=2384 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 43.672358] audit: type=1300 audit(1747442323.320:511): arch=c000003e syscall=254 success=no exit=-13 a0=6 a1=c0003ea6e0 a2=fc6 a3=0 items=0 ppid=2248 pid=2384 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 key=(null) [ 43.683789] audit: type=1327 audit(1747442323.320:511): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 43.694503] audit: type=1400 audit(1747442323.347:512): avc: denied { watch } for pid=2384 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="nvme0n1p9" ino=520978 scontext=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 43.704169] audit: type=1300 audit(1747442323.347:512): arch=c000003e syscall=254 success=no exit=-13 a0=6 a1=c0005b6870 a2=fc6 a3=0 items=0 ppid=2248 pid=2384 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 key=(null) [ 43.714592] audit: type=1327 audit(1747442323.347:512): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 44.128035] audit: type=1400 audit(1747442323.792:513): avc: denied { watch } for pid=2370 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="nvme0n1p9" ino=520978 scontext=system_u:system_r:svirt_lxc_net_t:s0:c562,c1015 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 44.135923] audit: type=1400 audit(1747442323.792:514): avc: denied { watch } for pid=2370 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="nvme0n1p9" ino=520974 scontext=system_u:system_r:svirt_lxc_net_t:s0:c562,c1015 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 44.147481] audit: type=1300 audit(1747442323.792:514): arch=c000003e syscall=254 success=no exit=-13 a0=42 a1=c004e047b0 a2=fc6 a3=0 items=0 ppid=2221 pid=2370 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c562,c1015 key=(null) [ 44.173190] audit: type=1327 audit(1747442323.792:514): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E33302E323430002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B75 [ 48.692025] kauditd_printk_skb: 279 callbacks suppressed [ 48.692027] audit: type=1400 audit(1747442328.356:774): avc: denied { mac_admin } for pid=2516 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 48.701043] audit: type=1401 audit(1747442328.356:774): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 48.705453] audit: type=1300 audit(1747442328.356:774): arch=c000003e syscall=188 success=no exit=-22 a0=c000687140 a1=c000b0a990 a2=c0006868d0 a3=25 items=0 ppid=1 pid=2516 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 48.716878] audit: type=1327 audit(1747442328.356:774): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 48.741389] audit: type=1400 audit(1747442328.361:775): avc: denied { mac_admin } for pid=2516 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 48.750109] audit: type=1401 audit(1747442328.361:775): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 48.761415] audit: type=1300 audit(1747442328.361:775): arch=c000003e syscall=188 success=no exit=-22 a0=c000bee1c0 a1=c000b0a9a8 a2=c0006871d0 a3=25 items=0 ppid=1 pid=2516 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 48.776609] audit: type=1327 audit(1747442328.361:775): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 48.879425] audit: type=1400 audit(1747442328.544:776): avc: denied { mac_admin } for pid=2516 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 48.886678] audit: type=1401 audit(1747442328.544:776): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 53.716293] kauditd_printk_skb: 159 callbacks suppressed [ 53.716295] audit: type=1325 audit(1747442333.381:819): table=mangle:38 family=2 entries=1 op=nft_register_chain pid=2717 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 53.722696] audit: type=1300 audit(1747442333.381:819): arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffe8d7e4d50 a2=0 a3=7ffe8d7e4d3c items=0 ppid=2660 pid=2717 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 53.732616] audit: type=1327 audit(1747442333.381:819): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006D616E676C65 [ 53.737495] audit: type=1325 audit(1747442333.387:820): table=nat:39 family=2 entries=1 op=nft_register_chain pid=2719 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 53.742318] audit: type=1300 audit(1747442333.387:820): arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffedca796d0 a2=0 a3=7ffedca796bc items=0 ppid=2660 pid=2719 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 53.751741] audit: type=1327 audit(1747442333.387:820): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006E6174 [ 53.756614] audit: type=1325 audit(1747442333.393:821): table=filter:40 family=2 entries=1 op=nft_register_chain pid=2721 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 53.761481] audit: type=1300 audit(1747442333.393:821): arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffc3f9071d0 a2=0 a3=7ffc3f9071bc items=0 ppid=2660 pid=2721 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 53.771125] audit: type=1327 audit(1747442333.393:821): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D740066696C746572 [ 53.775839] audit: type=1325 audit(1747442333.393:822): table=mangle:41 family=10 entries=1 op=nft_register_chain pid=2722 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" [ 62.997307] kauditd_printk_skb: 200 callbacks suppressed [ 62.997310] audit: type=1106 audit(1747442342.660:888): pid=1899 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 63.017458] audit: type=1104 audit(1747442342.660:889): pid=1899 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 63.060510] audit: type=1106 audit(1747442342.724:890): pid=1896 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 63.075573] audit: type=1104 audit(1747442342.725:891): pid=1896 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 63.088698] audit: type=1131 audit(1747442342.750:892): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.30.240:22-139.178.68.195:49484 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 64.450289] audit: type=1325 audit(1747442344.114:893): table=filter:89 family=2 entries=15 op=nft_register_rule pid=2995 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 64.455270] audit: type=1300 audit(1747442344.114:893): arch=c000003e syscall=46 success=yes exit=5992 a0=3 a1=7fff574aee40 a2=0 a3=7fff574aee2c items=0 ppid=2660 pid=2995 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 64.469182] audit: type=1327 audit(1747442344.114:893): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 64.473896] audit: type=1325 audit(1747442344.134:894): table=nat:90 family=2 entries=12 op=nft_register_rule pid=2995 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 64.480567] audit: type=1300 audit(1747442344.134:894): arch=c000003e syscall=46 success=yes exit=2700 a0=3 a1=7fff574aee40 a2=0 a3=0 items=0 ppid=2660 pid=2995 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 68.363288] kauditd_printk_skb: 19 callbacks suppressed [ 68.363291] audit: type=1400 audit(1747442348.027:901): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 68.372471] audit: type=1400 audit(1747442348.027:902): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 68.382817] audit: type=1400 audit(1747442348.027:903): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 68.395636] audit: type=1400 audit(1747442348.027:904): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 68.403405] audit: type=1400 audit(1747442348.027:905): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 68.414265] audit: type=1400 audit(1747442348.027:906): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 68.424682] audit: type=1400 audit(1747442348.027:907): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 68.437640] audit: type=1400 audit(1747442348.027:908): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 68.444502] audit: type=1400 audit(1747442348.027:909): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 68.451256] audit: type=1400 audit(1747442348.035:910): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.180048] kauditd_printk_skb: 211 callbacks suppressed [ 79.180051] audit: type=1400 audit(1747442358.844:964): avc: denied { perfmon } for pid=3327 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.188091] audit: type=1300 audit(1747442358.844:964): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c00014d6b0 a2=3c a3=7f7b982e03c8 items=0 ppid=3078 pid=3327 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 79.197626] audit: type=1327 audit(1747442358.844:964): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6230323634663436343066383731336137326134346333363337386463 [ 79.206661] audit: type=1400 audit(1747442358.844:965): avc: denied { bpf } for pid=3327 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.213421] audit: type=1400 audit(1747442358.844:965): avc: denied { bpf } for pid=3327 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.220485] audit: type=1400 audit(1747442358.844:965): avc: denied { bpf } for pid=3327 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.228187] audit: type=1400 audit(1747442358.844:965): avc: denied { perfmon } for pid=3327 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.233898] audit: type=1400 audit(1747442358.844:965): avc: denied { perfmon } for pid=3327 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.241055] audit: type=1400 audit(1747442358.844:965): avc: denied { perfmon } for pid=3327 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.248773] audit: type=1400 audit(1747442358.844:965): avc: denied { perfmon } for pid=3327 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 87.536167] kauditd_printk_skb: 34 callbacks suppressed [ 87.536170] audit: type=1400 audit(1747442367.200:971): avc: denied { perfmon } for pid=3742 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 87.544728] audit: type=1300 audit(1747442367.200:971): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c00014d6b0 a2=3c a3=7f8c6441dcb8 items=0 ppid=3078 pid=3742 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 87.553860] audit: type=1327 audit(1747442367.200:971): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6537373766623630613030313062323931323461613062303461383437 [ 87.562570] audit: type=1400 audit(1747442367.200:972): avc: denied { bpf } for pid=3742 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 87.568719] audit: type=1400 audit(1747442367.200:972): avc: denied { bpf } for pid=3742 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 87.575105] audit: type=1400 audit(1747442367.200:972): avc: denied { bpf } for pid=3742 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 87.581334] audit: type=1400 audit(1747442367.200:972): avc: denied { perfmon } for pid=3742 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 87.587852] audit: type=1400 audit(1747442367.200:972): avc: denied { perfmon } for pid=3742 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 87.594054] audit: type=1400 audit(1747442367.200:972): avc: denied { perfmon } for pid=3742 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 87.602042] audit: type=1400 audit(1747442367.200:972): avc: denied { perfmon } for pid=3742 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 88.040434] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 88.042367] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 89.633453] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 89.636743] IPv6: ADDRCONF(NETDEV_CHANGE): calia4dce9268ad: link becomes ready This is ip-172-31-30-240 (Linux x86_64 5.15.182-flatcar) 00:39:31 SSH host key: SHA256:0Iww6CX0V8NxVXJC7bDHp/S6EkCEg1nw7cXzuMKOZfo (ECDSA) SSH host key: SHA256:4meV2GykboQh3+CV3WkS0kM36ht2L2j6sNs8fCco5zs (ED25519) SSH host key: SHA256:9A7UEZXrz5waMotTqwRZT3e9h6CQ8RPPT5weuJ1EKYc (RSA) eth0: 172.31.30.240 fe80::431:61ff:fed5:d5e9 ip-172-31-30-240 login: [ 93.051086] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 93.052092] IPv6: ADDRCONF(NETDEV_CHANGE): califbd64be8d0c: link becomes ready [ 93.095359] kauditd_printk_skb: 623 callbacks suppressed [ 93.095361] audit: type=1325 audit(1747442372.759:1101): table=filter:107 family=2 entries=50 op=nft_register_chain pid=4184 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 93.099041] audit: type=1300 audit(1747442372.759:1101): arch=c000003e syscall=46 success=yes exit=28208 a0=3 a1=7fff1fe317f0 a2=0 a3=7fff1fe317dc items=0 ppid=4000 pid=4184 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 93.108783] audit: type=1327 audit(1747442372.759:1101): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 93.128658] audit: type=1400 audit(1747442372.792:1102): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.132215] audit: type=1400 audit(1747442372.792:1103): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.135791] audit: type=1400 audit(1747442372.793:1104): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.138976] audit: type=1400 audit(1747442372.793:1105): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.142788] audit: type=1400 audit(1747442372.793:1106): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 This is ip-172-31-30-240 (Linux x86_64 5.15.182-flatcar) 00:39:32 SSH host key: SHA256:0Iww6CX0V8NxVXJC7bDHp/S6EkCEg1nw7cXzuMKOZfo (ECDSA) SSH host key: SHA256:4meV2GykboQh3+CV3WkS0kM36ht2L2j6sNs8fCco5zs (ED25519) SSH host key: SHA256:9A7UEZXrz5waMotTqwRZT3e9h6CQ8RPPT5weuJ1EKYc (RSA) eth0: 172.31.30.240 fe80::431:61ff:fed5:d5e9 ip-172-31-30-240 login: [ 93.150949] audit: type=1400 audit(1747442372.793:1107): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 93.156239] audit: type=1400 audit(1747442372.793:1108): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 This is ip-172-31-30-240 (Linux x86_64 5.15.182-flatcar) 00:39:33 SSH host key: SHA256:0Iww6CX0V8NxVXJC7bDHp/S6EkCEg1nw7cXzuMKOZfo (ECDSA) SSH host key: SHA256:4meV2GykboQh3+CV3WkS0kM36ht2L2j6sNs8fCco5zs (ED25519) SSH host key: SHA256:9A7UEZXrz5waMotTqwRZT3e9h6CQ8RPPT5weuJ1EKYc (RSA) eth0: 172.31.30.240 fe80::431:61ff:fed5:d5e9 ip-172-31-30-240 login: [ 94.535138] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 94.538896] IPv6: ADDRCONF(NETDEV_CHANGE): cali583848cbf0c: link becomes ready [ 94.722407] IPv6: ADDRCONF(NETDEV_CHANGE): calie6785d09ee3: link becomes ready [ 94.891900] IPv6: ADDRCONF(NETDEV_CHANGE): calib8fef7ddc3c: link becomes ready This is ip-172-31-30-240 (Linux x86_64 5.15.182-flatcar) 00:39:35 SSH host key: SHA256:0Iww6CX0V8NxVXJC7bDHp/S6EkCEg1nw7cXzuMKOZfo (ECDSA) SSH host key: SHA256:4meV2GykboQh3+CV3WkS0kM36ht2L2j6sNs8fCco5zs (ED25519) SSH host key: SHA256:9A7UEZXrz5waMotTqwRZT3e9h6CQ8RPPT5weuJ1EKYc (RSA) eth0: 172.31.30.240 fe80::431:61ff:fed5:d5e9 ip-172-31-30-240 login: [ 96.709930] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 96.711047] IPv6: ADDRCONF(NETDEV_CHANGE): cali958124fc6a9: link becomes ready [ 96.905593] IPv6: ADDRCONF(NETDEV_CHANGE): cali69367080dbc: link becomes ready [ 97.073592] IPv6: ADDRCONF(NETDEV_CHANGE): cali30917f858f9: link becomes ready This is ip-172-31-30-240 (Linux x86_64 5.15.182-flatcar) 00:39:37 SSH host key: SHA256:0Iww6CX0V8NxVXJC7bDHp/S6EkCEg1nw7cXzuMKOZfo (ECDSA) SSH host key: SHA256:4meV2GykboQh3+CV3WkS0kM36ht2L2j6sNs8fCco5zs (ED25519) SSH host key: SHA256:9A7UEZXrz5waMotTqwRZT3e9h6CQ8RPPT5weuJ1EKYc (RSA) eth0: 172.31.30.240 fe80::431:61ff:fed5:d5e9 ip-172-31-30-240 login: This is ip-172-31-30-240 (Linux x86_64 5.15.182-flatcar) 00:39:38 SSH host key: SHA256:0Iww6CX0V8NxVXJC7bDHp/S6EkCEg1nw7cXzuMKOZfo (ECDSA) SSH host key: SHA256:4meV2GykboQh3+CV3WkS0kM36ht2L2j6sNs8fCco5zs (ED25519) SSH host key: SHA256:9A7UEZXrz5waMotTqwRZT3e9h6CQ8RPPT5weuJ1EKYc (RSA) eth0: 172.31.30.240 fe80::431:61ff:fed5:d5e9 ip-172-31-30-240 login: [ 98.476353] kauditd_printk_skb: 553 callbacks suppressed [ 98.476356] audit: type=1325 audit(1747442378.141:1285): table=filter:118 family=2 entries=14 op=nft_register_rule pid=4871 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 98.502813] audit: type=1300 audit(1747442378.141:1285): arch=c000003e syscall=46 success=yes exit=5248 a0=3 a1=7fff8be269a0 a2=0 a3=7fff8be2698c items=0 ppid=2660 pid=4871 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 98.507805] audit: type=1327 audit(1747442378.141:1285): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 98.539241] audit: type=1325 audit(1747442378.204:1286): table=nat:119 family=2 entries=44 op=nft_register_rule pid=4871 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 98.541998] audit: type=1300 audit(1747442378.204:1286): arch=c000003e syscall=46 success=yes exit=14196 a0=3 a1=7fff8be269a0 a2=0 a3=7fff8be2698c items=0 ppid=2660 pid=4871 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 98.559740] audit: type=1327 audit(1747442378.204:1286): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 98.617803] audit: type=1325 audit(1747442378.282:1287): table=filter:120 family=2 entries=14 op=nft_register_rule pid=4889 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 98.620546] audit: type=1300 audit(1747442378.282:1287): arch=c000003e syscall=46 success=yes exit=5248 a0=3 a1=7ffe8f848bd0 a2=0 a3=7ffe8f848bbc items=0 ppid=2660 pid=4889 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 98.626833] audit: type=1327 audit(1747442378.282:1287): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 98.675605] audit: type=1325 audit(1747442378.340:1288): table=nat:121 family=2 entries=56 op=nft_register_chain pid=4889 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" This is ip-172-31-30-240 (Linux x86_64 5.15.182-flatcar) 00:39:39 SSH host key: SHA256:0Iww6CX0V8NxVXJC7bDHp/S6EkCEg1nw7cXzuMKOZfo (ECDSA) SSH host key: SHA256:4meV2GykboQh3+CV3WkS0kM36ht2L2j6sNs8fCco5zs (ED25519) SSH host key: SHA256:9A7UEZXrz5waMotTqwRZT3e9h6CQ8RPPT5weuJ1EKYc (RSA) eth0: 172.31.30.240 fe80::431:61ff:fed5:d5e9 ip-172-31-30-240 login: This is ip-172-31-30-240 (Linux x86_64 5.15.182-flatcar) 00:39:40 SSH host key: SHA256:0Iww6CX0V8NxVXJC7bDHp/S6EkCEg1nw7cXzuMKOZfo (ECDSA) SSH host key: SHA256:4meV2GykboQh3+CV3WkS0kM36ht2L2j6sNs8fCco5zs (ED25519) SSH host key: SHA256:9A7UEZXrz5waMotTqwRZT3e9h6CQ8RPPT5weuJ1EKYc (RSA) eth0: 172.31.30.240 fe80::431:61ff:fed5:d5e9 ip-172-31-30-240 login: [ 103.693983] kauditd_printk_skb: 151 callbacks suppressed [ 103.693986] audit: type=1400 audit(1747442383.359:1342): avc: denied { watch } for pid=2384 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="nvme0n1p9" ino=520978 scontext=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 103.699306] audit: type=1400 audit(1747442383.359:1343): avc: denied { watch } for pid=2384 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 103.703435] audit: type=1300 audit(1747442383.359:1342): arch=c000003e syscall=254 success=no exit=-13 a0=9 a1=c000d9ce10 a2=fc6 a3=0 items=0 ppid=2248 pid=2384 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 key=(null) [ 103.708766] audit: type=1327 audit(1747442383.359:1342): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 103.713191] audit: type=1300 audit(1747442383.359:1343): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c00173da00 a2=fc6 a3=0 items=0 ppid=2248 pid=2384 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 key=(null) [ 103.721656] audit: type=1327 audit(1747442383.359:1343): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 104.012127] audit: type=1400 audit(1747442383.677:1344): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 104.017491] audit: type=1400 audit(1747442383.677:1345): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 104.024177] audit: type=1400 audit(1747442383.677:1346): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 104.030708] audit: type=1400 audit(1747442383.677:1347): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.199654] kauditd_printk_skb: 151 callbacks suppressed [ 109.199656] audit: type=1106 audit(1747442388.864:1395): pid=5134 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 109.212434] audit: type=1104 audit(1747442388.875:1396): pid=5134 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 109.234242] audit: type=1130 audit(1747442388.887:1397): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@11-172.31.30.240:22-139.178.68.195:36326 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 109.251206] audit: type=1131 audit(1747442388.891:1398): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-172.31.30.240:22-139.178.68.195:36310 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 109.474291] audit: type=1101 audit(1747442389.139:1399): pid=5156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 109.483647] audit: type=1103 audit(1747442389.148:1400): pid=5156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 109.494030] audit: type=1006 audit(1747442389.148:1401): pid=5156 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=12 res=1 [ 109.500884] audit: type=1300 audit(1747442389.148:1401): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff2e722870 a2=3 a3=0 items=0 ppid=1 pid=5156 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=12 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 109.518252] audit: type=1327 audit(1747442389.148:1401): proctitle=737368643A20636F7265205B707269765D [ 109.524287] audit: type=1105 audit(1747442389.180:1402): pid=5156 uid=0 auid=500 ses=12 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 115.212779] kauditd_printk_skb: 47 callbacks suppressed [ 115.212781] audit: type=1130 audit(1747442394.878:1413): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@12-172.31.30.240:22-139.178.68.195:57080 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 115.501534] audit: type=1101 audit(1747442395.166:1414): pid=5573 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 115.509433] audit: type=1103 audit(1747442395.174:1415): pid=5573 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 115.516200] audit: type=1006 audit(1747442395.174:1416): pid=5573 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=13 res=1 [ 115.520000] audit: type=1300 audit(1747442395.174:1416): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc41687580 a2=3 a3=0 items=0 ppid=1 pid=5573 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=13 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 115.527139] audit: type=1327 audit(1747442395.174:1416): proctitle=737368643A20636F7265205B707269765D [ 115.562075] audit: type=1105 audit(1747442395.227:1417): pid=5573 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 115.570694] audit: type=1103 audit(1747442395.236:1418): pid=5575 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 116.672918] audit: type=1106 audit(1747442396.338:1419): pid=5573 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 116.680519] audit: type=1104 audit(1747442396.338:1420): pid=5573 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 121.822302] kauditd_printk_skb: 1 callbacks suppressed [ 121.822306] audit: type=1130 audit(1747442401.464:1422): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.30.240:22-139.178.68.195:57094 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 122.337453] audit: type=1101 audit(1747442402.003:1423): pid=5588 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 122.435137] audit: type=1103 audit(1747442402.069:1424): pid=5588 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 122.471963] audit: type=1006 audit(1747442402.077:1425): pid=5588 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 122.483987] audit: type=1300 audit(1747442402.077:1425): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff47f8c540 a2=3 a3=0 items=0 ppid=1 pid=5588 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 122.508820] audit: type=1327 audit(1747442402.077:1425): proctitle=737368643A20636F7265205B707269765D [ 122.546359] audit: type=1105 audit(1747442402.211:1426): pid=5588 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 122.562507] audit: type=1103 audit(1747442402.227:1427): pid=5590 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 123.858364] audit: type=1106 audit(1747442403.523:1428): pid=5588 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 123.871877] audit: type=1104 audit(1747442403.524:1429): pid=5588 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 128.877904] kauditd_printk_skb: 1 callbacks suppressed [ 128.877907] audit: type=1130 audit(1747442408.543:1431): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.30.240:22-139.178.68.195:35636 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 129.146757] audit: type=1101 audit(1747442408.810:1432): pid=5602 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 129.156076] audit: type=1103 audit(1747442408.821:1433): pid=5602 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 129.166271] audit: type=1006 audit(1747442408.821:1434): pid=5602 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 129.173674] audit: type=1300 audit(1747442408.821:1434): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc86fb8180 a2=3 a3=0 items=0 ppid=1 pid=5602 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 129.183884] audit: type=1327 audit(1747442408.821:1434): proctitle=737368643A20636F7265205B707269765D [ 129.202051] audit: type=1105 audit(1747442408.866:1435): pid=5602 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 129.212462] audit: type=1103 audit(1747442408.877:1436): pid=5625 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 129.761689] audit: type=1106 audit(1747442409.426:1437): pid=5602 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 129.794920] audit: type=1104 audit(1747442409.426:1438): pid=5602 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 134.174807] kauditd_printk_skb: 43 callbacks suppressed [ 134.174809] audit: type=1106 audit(1747442413.840:1468): pid=5664 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 134.186528] audit: type=1104 audit(1747442413.840:1469): pid=5664 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 134.194624] audit: type=1131 audit(1747442413.849:1470): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-172.31.30.240:22-139.178.68.195:35670 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 134.211994] audit: type=1130 audit(1747442413.871:1471): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-172.31.30.240:22-139.178.68.195:44468 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 134.443609] audit: type=1101 audit(1747442414.108:1472): pid=5679 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 134.481931] audit: type=1103 audit(1747442414.110:1473): pid=5679 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 134.502444] audit: type=1006 audit(1747442414.110:1474): pid=5679 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=19 res=1 [ 134.509023] audit: type=1300 audit(1747442414.110:1474): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe6a866960 a2=3 a3=0 items=0 ppid=1 pid=5679 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 134.517862] audit: type=1327 audit(1747442414.110:1474): proctitle=737368643A20636F7265205B707269765D [ 134.522299] audit: type=1105 audit(1747442414.185:1475): pid=5679 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 140.894896] kauditd_printk_skb: 16 callbacks suppressed [ 140.894898] audit: type=1130 audit(1747442420.560:1484): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-172.31.30.240:22-139.178.68.195:44480 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 141.191769] audit: type=1101 audit(1747442420.857:1485): pid=5717 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 141.200336] audit: type=1103 audit(1747442420.865:1486): pid=5717 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 141.208465] audit: type=1006 audit(1747442420.865:1487): pid=5717 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=20 res=1 [ 141.213437] audit: type=1300 audit(1747442420.865:1487): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffeb3a39c70 a2=3 a3=0 items=0 ppid=1 pid=5717 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=20 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 141.220574] audit: type=1327 audit(1747442420.865:1487): proctitle=737368643A20636F7265205B707269765D [ 141.243803] audit: type=1105 audit(1747442420.909:1488): pid=5717 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 141.255034] audit: type=1103 audit(1747442420.919:1489): pid=5719 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 142.435602] audit: type=1106 audit(1747442422.101:1490): pid=5717 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 142.444893] audit: type=1104 audit(1747442422.101:1491): pid=5717 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 147.457164] kauditd_printk_skb: 1 callbacks suppressed [ 147.457167] audit: type=1130 audit(1747442427.122:1493): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.30.240:22-139.178.68.195:37180 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 147.751370] audit: type=1101 audit(1747442427.416:1494): pid=5731 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 147.760663] audit: type=1103 audit(1747442427.425:1495): pid=5731 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 147.771040] audit: type=1006 audit(1747442427.425:1496): pid=5731 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=21 res=1 [ 147.776426] audit: type=1300 audit(1747442427.425:1496): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc93652090 a2=3 a3=0 items=0 ppid=1 pid=5731 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 147.787904] audit: type=1327 audit(1747442427.425:1496): proctitle=737368643A20636F7265205B707269765D [ 147.816249] audit: type=1105 audit(1747442427.481:1497): pid=5731 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 147.827085] audit: type=1103 audit(1747442427.492:1498): pid=5733 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 148.592106] audit: type=1106 audit(1747442428.255:1499): pid=5731 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 148.607351] audit: type=1104 audit(1747442428.256:1500): pid=5731 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 153.616803] kauditd_printk_skb: 1 callbacks suppressed [ 153.616805] audit: type=1130 audit(1747442433.281:1502): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.30.240:22-139.178.68.195:37188 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 153.912536] audit: type=1101 audit(1747442433.576:1503): pid=5743 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 153.923134] audit: type=1103 audit(1747442433.588:1504): pid=5743 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 153.932854] audit: type=1006 audit(1747442433.588:1505): pid=5743 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 153.938431] audit: type=1300 audit(1747442433.588:1505): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffa40b3d80 a2=3 a3=0 items=0 ppid=1 pid=5743 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 153.948045] audit: type=1327 audit(1747442433.588:1505): proctitle=737368643A20636F7265205B707269765D [ 153.971952] audit: type=1105 audit(1747442433.636:1506): pid=5743 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 153.983158] audit: type=1103 audit(1747442433.648:1507): pid=5745 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 154.709740] audit: type=1106 audit(1747442434.375:1508): pid=5743 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 154.722549] audit: type=1104 audit(1747442434.375:1509): pid=5743 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 159.749122] kauditd_printk_skb: 1 callbacks suppressed [ 159.749125] audit: type=1130 audit(1747442439.414:1511): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.30.240:22-139.178.68.195:39936 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 160.087094] audit: type=1101 audit(1747442439.752:1512): pid=5777 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 160.095185] audit: type=1103 audit(1747442439.760:1513): pid=5777 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 160.102348] audit: type=1006 audit(1747442439.760:1514): pid=5777 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 160.106419] audit: type=1300 audit(1747442439.760:1514): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff658f35c0 a2=3 a3=0 items=0 ppid=1 pid=5777 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 160.113633] audit: type=1327 audit(1747442439.760:1514): proctitle=737368643A20636F7265205B707269765D [ 160.150618] audit: type=1105 audit(1747442439.816:1515): pid=5777 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 160.158544] audit: type=1103 audit(1747442439.817:1516): pid=5779 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 161.295046] audit: type=1400 audit(1747442440.960:1517): avc: denied { watch } for pid=4920 comm="apiserver" path="/calico-apiserver-certs/..2025_05_17_00_39_20.2217887946/tls.crt" dev="tmpfs" ino=3 scontext=system_u:system_r:svirt_lxc_net_t:s0:c755,c764 tcontext=system_u:object_r:svirt_lxc_file_t:s0:c755,c764 tclass=file permissive=0 [ 161.305548] audit: type=1300 audit(1747442440.960:1517): arch=c000003e syscall=254 success=no exit=-13 a0=8 a1=c000efc340 a2=fc6 a3=0 items=0 ppid=4171 pid=4920 auid=4294967295 uid=10001 gid=10001 euid=10001 suid=10001 fsuid=10001 egid=10001 sgid=10001 fsgid=10001 tty=(none) ses=4294967295 comm="apiserver" exe="/code/apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c755,c764 key=(null) [ 166.814674] kauditd_printk_skb: 31 callbacks suppressed [ 166.814677] audit: type=1400 audit(1747442446.480:1530): avc: denied { watch } for pid=2384 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 166.828881] audit: type=1300 audit(1747442446.480:1530): arch=c000003e syscall=254 success=no exit=-13 a0=9 a1=c001649240 a2=fc6 a3=0 items=0 ppid=2248 pid=2384 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 key=(null) [ 166.846522] audit: type=1327 audit(1747442446.480:1530): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 166.859890] audit: type=1400 audit(1747442446.500:1531): avc: denied { watch } for pid=2384 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 166.867721] audit: type=1300 audit(1747442446.500:1531): arch=c000003e syscall=254 success=no exit=-13 a0=9 a1=c002dadd60 a2=fc6 a3=0 items=0 ppid=2248 pid=2384 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 key=(null) [ 166.879105] audit: type=1327 audit(1747442446.500:1531): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 166.888790] audit: type=1400 audit(1747442446.509:1532): avc: denied { watch } for pid=2384 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 166.896967] audit: type=1300 audit(1747442446.509:1532): arch=c000003e syscall=254 success=no exit=-13 a0=9 a1=c0016498c0 a2=fc6 a3=0 items=0 ppid=2248 pid=2384 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 key=(null) [ 166.908248] audit: type=1327 audit(1747442446.509:1532): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 166.917488] audit: type=1400 audit(1747442446.520:1533): avc: denied { watch } for pid=2384 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c777,c806 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 177.466100] kauditd_printk_skb: 2 callbacks suppressed [ 177.466103] audit: type=1334 audit(1747442457.130:1534): prog-id=123 op=UNLOAD [ 177.472801] audit: type=1334 audit(1747442457.137:1535): prog-id=126 op=UNLOAD [ 177.593784] audit: type=1334 audit(1747442457.259:1536): prog-id=90 op=UNLOAD [ 177.595563] audit: type=1334 audit(1747442457.259:1537): prog-id=107 op=UNLOAD [ 177.892870] audit: type=1400 audit(1747442457.558:1538): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 177.898969] audit: type=1400 audit(1747442457.558:1539): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 177.905497] audit: type=1400 audit(1747442457.558:1540): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 177.911807] audit: type=1400 audit(1747442457.558:1541): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 177.918399] audit: type=1400 audit(1747442457.558:1542): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 177.924384] audit: audit_backlog=65 > audit_backlog_limit=64 [ 182.626440] kauditd_printk_skb: 116 callbacks suppressed [ 182.626443] audit: type=1334 audit(1747442462.291:1576): prog-id=82 op=UNLOAD [ 182.639047] audit: type=1334 audit(1747442462.291:1577): prog-id=98 op=UNLOAD [ 184.015269] audit: type=1400 audit(1747442463.680:1578): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 184.021323] audit: type=1400 audit(1747442463.680:1579): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 184.027463] audit: type=1400 audit(1747442463.680:1580): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 184.033453] audit: type=1400 audit(1747442463.680:1581): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 184.039464] audit: type=1400 audit(1747442463.680:1582): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 184.044609] audit: type=1400 audit(1747442463.680:1583): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 184.050645] audit: type=1400 audit(1747442463.680:1584): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 184.056850] audit: type=1400 audit(1747442463.680:1585): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 189.742919] kauditd_printk_skb: 49 callbacks suppressed [ 189.742921] audit: type=1334 audit(1747442469.408:1596): prog-id=225 op=UNLOAD [ 189.747945] audit: type=1334 audit(1747442469.413:1597): prog-id=229 op=UNLOAD [ 199.095758] audit: type=1106 audit(1747442478.761:1598): pid=1823 uid=0 auid=500 ses=1 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 199.105974] audit: type=1104 audit(1747442478.771:1599): pid=1823 uid=0 auid=500 ses=1 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.68.195 addr=139.178.68.195 terminal=ssh res=success' [ 199.188672] audit: type=1131 audit(1747442478.854:1600): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=coreos-metadata-sshkeys@core comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 199.203700] audit: type=1131 audit(1747442478.869:1601): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=ensure-sysext comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 199.216316] audit: type=1131 audit(1747442478.881:1602): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=prepare-helm comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 199.226402] audit: type=1131 audit(1747442478.891:1603): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-machine-id-commit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 199.249429] audit: type=1131 audit(1747442478.914:1604): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=update-ssh-keys-after-ignition comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 199.278170] audit: type=1131 audit(1747442478.943:1605): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 199.288367] audit: type=1131 audit(1747442478.953:1606): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@0-172.31.30.240:22-139.178.68.195:49424 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 199.307954] audit: type=1131 audit(1747442478.973:1607): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'