7574686F7269 [ 70.503247] audit: type=1400 audit(1757118091.405:818): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.512836] audit: type=1400 audit(1757118091.405:819): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 70.526818] audit: type=1400 audit(1757118091.405:820): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.782015] kauditd_printk_skb: 307 callbacks suppressed [ 73.782019] audit: type=1400 audit(1757118094.683:911): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.791188] audit: type=1400 audit(1757118094.687:912): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.799216] audit: type=1400 audit(1757118094.687:913): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.806968] audit: type=1400 audit(1757118094.687:914): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.814834] audit: type=1400 audit(1757118094.687:915): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.822311] audit: type=1400 audit(1757118094.687:916): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.830942] audit: type=1400 audit(1757118094.687:917): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.838450] audit: type=1400 audit(1757118094.687:918): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.846128] audit: type=1400 audit(1757118094.687:919): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 73.854624] audit: type=1400 audit(1757118094.693:920): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 80.496624] kauditd_printk_skb: 47 callbacks suppressed [ 80.496629] audit: type=1106 audit(1757118101.400:929): pid=2008 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 80.507666] audit: type=1104 audit(1757118101.400:930): pid=2008 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 80.536591] audit: type=1106 audit(1757118101.438:931): pid=2005 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 80.547918] audit: type=1104 audit(1757118101.438:932): pid=2005 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 80.561917] audit: type=1131 audit(1757118101.444:933): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.29.132:22-147.75.109.163:55840 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 83.237725] audit: type=1325 audit(1757118104.140:934): table=filter:89 family=2 entries=15 op=nft_register_rule pid=3183 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 83.243517] audit: type=1300 audit(1757118104.140:934): arch=c00000b7 syscall=211 success=yes exit=5992 a0=3 a1=ffffc65b5f80 a2=0 a3=1 items=0 ppid=2915 pid=3183 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 83.262550] audit: type=1327 audit(1757118104.140:934): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 83.271278] audit: type=1325 audit(1757118104.159:935): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3183 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 83.280281] audit: type=1300 audit(1757118104.159:935): arch=c00000b7 syscall=211 success=yes exit=2700 a0=3 a1=ffffc65b5f80 a2=0 a3=1 items=0 ppid=2915 pid=3183 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 91.727413] kauditd_printk_skb: 7 callbacks suppressed [ 91.727418] audit: type=1325 audit(1757118112.631:938): table=filter:93 family=2 entries=17 op=nft_register_rule pid=3188 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 91.736657] audit: type=1300 audit(1757118112.631:938): arch=c00000b7 syscall=211 success=yes exit=6736 a0=3 a1=fffffebc0eb0 a2=0 a3=1 items=0 ppid=2915 pid=3188 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 91.751900] audit: type=1327 audit(1757118112.631:938): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 91.763697] audit: type=1325 audit(1757118112.650:939): table=nat:94 family=2 entries=12 op=nft_register_rule pid=3188 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 91.771639] audit: type=1300 audit(1757118112.650:939): arch=c00000b7 syscall=211 success=yes exit=2700 a0=3 a1=fffffebc0eb0 a2=0 a3=1 items=0 ppid=2915 pid=3188 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 91.790451] audit: type=1327 audit(1757118112.650:939): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 91.854624] audit: type=1325 audit(1757118112.758:940): table=filter:95 family=2 entries=18 op=nft_register_rule pid=3190 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 91.860699] audit: type=1300 audit(1757118112.758:940): arch=c00000b7 syscall=211 success=yes exit=6736 a0=3 a1=ffffd4004de0 a2=0 a3=1 items=0 ppid=2915 pid=3190 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 91.876640] audit: type=1327 audit(1757118112.758:940): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 91.763697] audit: type=1325 audit(1757118112.650:939): table=nat:94 family=2 entries=12 op=nft_register_rule pid=3188 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 91.771639] audit: type=1300 audit(1757118112.650:939): arch=c00000b7 syscall=211 success=yes exit=2700 a0=3 a1=fffffebc0eb0 a2=0 a3=1 items=0 ppid=2915 pid=3188 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 91.790451] audit: type=1327 audit(1757118112.650:939): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 91.854624] audit: type=1325 audit(1757118112.758:940): table=filter:95 family=2 entries=18 op=nft_register_rule pid=3190 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 91.860699] audit: type=1300 audit(1757118112.758:940): arch=c00000b7 syscall=211 success=yes exit=6736 a0=3 a1=ffffd4004de0 a2=0 a3=1 items=0 ppid=2915 pid=3190 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 91.876640] audit: type=1327 audit(1757118112.758:940): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 91.885645] audit: type=1325 audit(1757118112.778:941): table=nat:96 family=2 entries=12 op=nft_register_rule pid=3190 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 97.062159] kauditd_printk_skb: 179 callbacks suppressed [ 97.062164] audit: type=1325 audit(1757118117.966:998): table=filter:99 family=2 entries=21 op=nft_register_rule pid=3489 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 97.073476] audit: type=1300 audit(1757118117.966:998): arch=c00000b7 syscall=211 success=yes exit=7480 a0=3 a1=ffffe6cf0740 a2=0 a3=1 items=0 ppid=2915 pid=3489 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 97.088058] audit: type=1327 audit(1757118117.966:998): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 97.103333] audit: type=1325 audit(1757118117.994:999): table=nat:100 family=2 entries=19 op=nft_register_chain pid=3489 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 97.109839] audit: type=1300 audit(1757118117.994:999): arch=c00000b7 syscall=211 success=yes exit=6276 a0=3 a1=ffffe6cf0740 a2=0 a3=1 items=0 ppid=2915 pid=3489 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 97.122663] audit: type=1327 audit(1757118117.994:999): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 97.132062] audit: type=1400 audit(1757118118.036:1000): avc: denied { perfmon } for pid=3448 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 97.139670] audit: type=1300 audit(1757118118.036:1000): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=40001455a0 a2=3c a3=0 items=0 ppid=3329 pid=3448 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 97.151630] audit: type=1327 audit(1757118118.036:1000): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3961383238376164643062393132316464643134306236333138323937 [ 97.162196] audit: type=1400 audit(1757118118.037:1001): avc: denied { bpf } for pid=3448 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 103.006907] kauditd_printk_skb: 83 callbacks suppressed [ 103.006912] audit: type=1334 audit(1757118123.911:1013): prog-id=141 op=UNLOAD [ 112.651437] audit: type=1400 audit(1757118133.556:1014): avc: denied { perfmon } for pid=3959 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 112.659826] audit: type=1300 audit(1757118133.556:1014): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=40001455a0 a2=3c a3=0 items=0 ppid=3329 pid=3959 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 112.671501] audit: type=1327 audit(1757118133.556:1014): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3433363833626535643937333634303765636339666165303733346465 [ 112.684733] audit: type=1400 audit(1757118133.556:1015): avc: denied { bpf } for pid=3959 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 112.692907] audit: type=1400 audit(1757118133.556:1015): avc: denied { bpf } for pid=3959 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 112.701827] audit: type=1400 audit(1757118133.556:1015): avc: denied { bpf } for pid=3959 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 112.715278] audit: type=1400 audit(1757118133.556:1015): avc: denied { perfmon } for pid=3959 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 112.732515] audit: type=1400 audit(1757118133.556:1015): avc: denied { perfmon } for pid=3959 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 112.743534] audit: type=1400 audit(1757118133.556:1015): avc: denied { perfmon } for pid=3959 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 112.751334] audit: type=1400 audit(1757118133.556:1015): avc: denied { perfmon } for pid=3959 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 113.136333] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 113.139306] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 114.676297] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 114.678935] IPv6: ADDRCONF(NETDEV_CHANGE): calib295b1c041d: link becomes ready [ 116.346429] IPv6: ADDRCONF(NETDEV_CHANGE): cali3a951adfe9a: link becomes ready This is ip-172-31-29-132 (Linux aarch64 5.15.190-flatcar) 00:22:18 SSH host key: SHA256:s1JAnE5yaCMSOQXH1nv09dk7j+NsofrC9HP6D1g6Keo (ECDSA) SSH host key: SHA256:pLiiTPHaOQqCLlPHNWH6ElPMsDH2rTzfk1IiVNPFADQ (ED25519) SSH host key: SHA256:UHuEX1LXVmtQt2Y85hLuEeXXDpb0GO9LJ/H3ReSRhIw (RSA) eth0: 172.31.29.132 fe80::498:feff:fe0e:e66b ip-172-31-29-132 login: [ 117.987072] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 117.989560] IPv6: ADDRCONF(NETDEV_CHANGE): cali68eb39c7c5d: link becomes ready [ 118.072660] kauditd_printk_skb: 760 callbacks suppressed [ 118.072665] audit: type=1400 audit(1757118138.978:1180): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.082329] audit: type=1400 audit(1757118138.978:1181): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.098694] audit: type=1400 audit(1757118138.978:1182): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.112063] audit: type=1400 audit(1757118138.978:1183): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.125344] audit: type=1400 audit(1757118138.978:1184): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.144355] audit: type=1400 audit(1757118138.978:1185): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.156589] audit: type=1400 audit(1757118138.978:1186): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.172331] audit: type=1400 audit(1757118138.978:1187): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.184405] audit: type=1400 audit(1757118138.978:1188): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.196342] audit: type=1400 audit(1757118138.980:1189): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 This is ip-172-31-29-132 (Linux aarch64 5.15.190-flatcar) 00:22:19 SSH host key: SHA256:s1JAnE5yaCMSOQXH1nv09dk7j+NsofrC9HP6D1g6Keo (ECDSA) SSH host key: SHA256:pLiiTPHaOQqCLlPHNWH6ElPMsDH2rTzfk1IiVNPFADQ (ED25519) SSH host key: SHA256:UHuEX1LXVmtQt2Y85hLuEeXXDpb0GO9LJ/H3ReSRhIw (RSA) eth0: 172.31.29.132 fe80::498:feff:fe0e:e66b ip-172-31-29-132 login: [ 118.370848] IPv6: ADDRCONF(NETDEV_CHANGE): caliac2957d9941: link becomes ready [ 119.104261] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 119.106741] IPv6: ADDRCONF(NETDEV_CHANGE): calib279bf89ea6: link becomes ready This is ip-172-31-29-132 (Linux aarch64 5.15.190-flatcar) 00:22:20 SSH host key: SHA256:s1JAnE5yaCMSOQXH1nv09dk7j+NsofrC9HP6D1g6Keo (ECDSA) SSH host key: SHA256:pLiiTPHaOQqCLlPHNWH6ElPMsDH2rTzfk1IiVNPFADQ (ED25519) SSH host key: SHA256:UHuEX1LXVmtQt2Y85hLuEeXXDpb0GO9LJ/H3ReSRhIw (RSA) eth0: 172.31.29.132 fe80::498:feff:fe0e:e66b ip-172-31-29-132 login: [ 119.724062] IPv6: ADDRCONF(NETDEV_CHANGE): cali747b6bc27a3: link becomes ready [ 119.975992] IPv6: ADDRCONF(NETDEV_CHANGE): calie06d4f2cc24: link becomes ready This is ip-172-31-29-132 (Linux aarch64 5.15.190-flatcar) 00:22:21 SSH host key: SHA256:s1JAnE5yaCMSOQXH1nv09dk7j+NsofrC9HP6D1g6Keo (ECDSA) SSH host key: SHA256:pLiiTPHaOQqCLlPHNWH6ElPMsDH2rTzfk1IiVNPFADQ (ED25519) SSH host key: SHA256:UHuEX1LXVmtQt2Y85hLuEeXXDpb0GO9LJ/H3ReSRhIw (RSA) eth0: 172.31.29.132 fe80::498:feff:fe0e:e66b ip-172-31-29-132 login: [ 120.873561] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 120.875995] IPv6: ADDRCONF(NETDEV_CHANGE): calid890bd3aca5: link becomes ready This is ip-172-31-29-132 (Linux aarch64 5.15.190-flatcar) 00:22:22 SSH host key: SHA256:s1JAnE5yaCMSOQXH1nv09dk7j+NsofrC9HP6D1g6Keo (ECDSA) SSH host key: SHA256:pLiiTPHaOQqCLlPHNWH6ElPMsDH2rTzfk1IiVNPFADQ (ED25519) SSH host key: SHA256:UHuEX1LXVmtQt2Y85hLuEeXXDpb0GO9LJ/H3ReSRhIw (RSA) eth0: 172.31.29.132 fe80::498:feff:fe0e:e66b ip-172-31-29-132 login: This is ip-172-31-29-132 (Linux aarch64 5.15.190-flatcar) 00:22:23 SSH host key: SHA256:s1JAnE5yaCMSOQXH1nv09dk7j+NsofrC9HP6D1g6Keo (ECDSA) SSH host key: SHA256:pLiiTPHaOQqCLlPHNWH6ElPMsDH2rTzfk1IiVNPFADQ (ED25519) SSH host key: SHA256:UHuEX1LXVmtQt2Y85hLuEeXXDpb0GO9LJ/H3ReSRhIw (RSA) eth0: 172.31.29.132 fe80::498:feff:fe0e:e66b ip-172-31-29-132 login: [ 123.210869] kauditd_printk_skb: 572 callbacks suppressed [ 123.210873] audit: type=1130 audit(1757118144.116:1365): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-172.31.29.132:22-147.75.109.163:47808 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' This is ip-172-31-29-132 (Linux aarch64 5.15.190-flatcar) 00:22:24 SSH host key: SHA256:s1JAnE5yaCMSOQXH1nv09dk7j+NsofrC9HP6D1g6Keo (ECDSA) SSH host key: SHA256:pLiiTPHaOQqCLlPHNWH6ElPMsDH2rTzfk1IiVNPFADQ (ED25519) SSH host key: SHA256:UHuEX1LXVmtQt2Y85hLuEeXXDpb0GO9LJ/H3ReSRhIw (RSA) eth0: 172.31.29.132 fe80::498:feff:fe0e:e66b ip-172-31-29-132 login: [ 123.358080] audit: type=1325 audit(1757118144.263:1366): table=filter:116 family=2 entries=13 op=nft_register_rule pid=5139 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 123.363998] audit: type=1300 audit(1757118144.263:1366): arch=c00000b7 syscall=211 success=yes exit=4504 a0=3 a1=ffffc1027bd0 a2=0 a3=1 items=0 ppid=2915 pid=5139 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 123.375941] audit: type=1327 audit(1757118144.263:1366): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 123.387788] audit: type=1325 audit(1757118144.292:1367): table=nat:117 family=2 entries=27 op=nft_register_chain pid=5139 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 123.393708] audit: type=1300 audit(1757118144.292:1367): arch=c00000b7 syscall=211 success=yes exit=9348 a0=3 a1=ffffc1027bd0 a2=0 a3=1 items=0 ppid=2915 pid=5139 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 123.405701] audit: type=1327 audit(1757118144.292:1367): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 123.427196] audit: type=1325 audit(1757118144.332:1368): table=filter:118 family=2 entries=12 op=nft_register_rule pid=5141 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 123.433199] audit: type=1300 audit(1757118144.332:1368): arch=c00000b7 syscall=211 success=yes exit=4504 a0=3 a1=ffffd64c0280 a2=0 a3=1 items=0 ppid=2915 pid=5141 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 123.445858] audit: type=1327 audit(1757118144.332:1368): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 This is ip-172-31-29-132 (Linux aarch64 5.15.190-flatcar) 00:22:25 SSH host key: SHA256:s1JAnE5yaCMSOQXH1nv09dk7j+NsofrC9HP6D1g6Keo (ECDSA) SSH host key: SHA256:pLiiTPHaOQqCLlPHNWH6ElPMsDH2rTzfk1IiVNPFADQ (ED25519) SSH host key: SHA256:UHuEX1LXVmtQt2Y85hLuEeXXDpb0GO9LJ/H3ReSRhIw (RSA) eth0: 172.31.29.132 fe80::498:feff:fe0e:e66b ip-172-31-29-132 login: [ 128.921876] kauditd_printk_skb: 94 callbacks suppressed [ 128.921880] audit: type=1130 audit(1757118149.827:1404): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.29.132:22-147.75.109.163:47820 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 128.974926] audit: type=1400 audit(1757118149.880:1405): avc: denied { watch } for pid=5179 comm="apiserver" path="/calico-apiserver-certs/..2025_09_06_00_22_05.24018241/tls.crt" dev="tmpfs" ino=4 scontext=system_u:system_r:svirt_lxc_net_t:s0:c379,c919 tcontext=system_u:object_r:svirt_lxc_file_t:s0:c379,c919 tclass=file permissive=0 [ 128.990295] audit: type=1300 audit(1757118149.880:1405): arch=c00000b7 syscall=27 success=no exit=-13 a0=7 a1=4000eec9a0 a2=fc6 a3=0 items=0 ppid=4587 pid=5179 auid=4294967295 uid=10001 gid=10001 euid=10001 suid=10001 fsuid=10001 egid=10001 sgid=10001 fsgid=10001 tty=(none) ses=4294967295 comm="apiserver" exe="/code/apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c379,c919 key=(null) [ 129.019504] audit: type=1327 audit(1757118149.880:1405): proctitle=2F636F64652F617069736572766572002D2D7365637572652D706F72743D35343433002D2D746C732D707269766174652D6B65792D66696C653D2F63616C69636F2D6170697365727665722D63657274732F746C732E6B6579002D2D746C732D636572742D66696C653D2F63616C69636F2D6170697365727665722D63657274 [ 129.153427] audit: type=1101 audit(1757118150.057:1406): pid=5385 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 129.173466] audit: type=1103 audit(1757118150.070:1407): pid=5385 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 129.192467] audit: type=1006 audit(1757118150.070:1408): pid=5385 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 [ 129.205935] audit: type=1300 audit(1757118150.070:1408): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe315ca10 a2=3 a3=1 items=0 ppid=1 pid=5385 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=9 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 129.221290] audit: type=1327 audit(1757118150.070:1408): proctitle=737368643A20636F7265205B707269765D [ 129.238444] audit: type=1325 audit(1757118150.075:1409): table=filter:122 family=2 entries=11 op=nft_register_rule pid=5395 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 134.692358] kauditd_printk_skb: 67 callbacks suppressed [ 134.692363] audit: type=1130 audit(1757118155.597:1434): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.29.132:22-147.75.109.163:47800 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 134.903954] audit: type=1101 audit(1757118155.809:1435): pid=5669 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 134.921495] audit: type=1103 audit(1757118155.826:1436): pid=5669 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 134.932769] audit: type=1006 audit(1757118155.826:1437): pid=5669 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 134.941880] audit: type=1300 audit(1757118155.826:1437): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff8de0b80 a2=3 a3=1 items=0 ppid=1 pid=5669 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 134.955607] audit: type=1327 audit(1757118155.826:1437): proctitle=737368643A20636F7265205B707269765D [ 134.986490] audit: type=1105 audit(1757118155.891:1438): pid=5669 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 135.000611] audit: type=1103 audit(1757118155.904:1439): pid=5671 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 135.376047] audit: type=1106 audit(1757118156.279:1440): pid=5669 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 135.393864] audit: type=1104 audit(1757118156.280:1441): pid=5669 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 140.397838] kauditd_printk_skb: 213 callbacks suppressed [ 140.397843] audit: type=1130 audit(1757118161.303:1495): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-172.31.29.132:22-147.75.109.163:53794 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 140.575610] audit: type=1400 audit(1757118161.481:1496): avc: denied { watch } for pid=5787 comm="apiserver" path="/calico-apiserver-certs/..2025_09_06_00_22_05.3472769403/tls.crt" dev="tmpfs" ino=3 scontext=system_u:system_r:svirt_lxc_net_t:s0:c182,c884 tcontext=system_u:object_r:svirt_lxc_file_t:s0:c182,c884 tclass=file permissive=0 [ 140.586821] audit: type=1300 audit(1757118161.481:1496): arch=c00000b7 syscall=27 success=no exit=-13 a0=7 a1=40006f6700 a2=fc6 a3=0 items=0 ppid=4930 pid=5787 auid=4294967295 uid=10001 gid=10001 euid=10001 suid=10001 fsuid=10001 egid=10001 sgid=10001 fsgid=10001 tty=(none) ses=4294967295 comm="apiserver" exe="/code/apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c182,c884 key=(null) [ 140.601420] audit: type=1327 audit(1757118161.481:1496): proctitle=2F636F64652F617069736572766572002D2D7365637572652D706F72743D35343433002D2D746C732D707269766174652D6B65792D66696C653D2F63616C69636F2D6170697365727665722D63657274732F746C732E6B6579002D2D746C732D636572742D66696C653D2F63616C69636F2D6170697365727665722D63657274 [ 140.616863] audit: type=1101 audit(1757118161.519:1497): pid=5912 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 140.644950] audit: type=1103 audit(1757118161.521:1498): pid=5912 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 140.662597] audit: type=1006 audit(1757118161.522:1499): pid=5912 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=11 res=1 [ 140.675535] audit: type=1300 audit(1757118161.522:1499): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc56c3bb0 a2=3 a3=1 items=0 ppid=1 pid=5912 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 140.687424] audit: type=1327 audit(1757118161.522:1499): proctitle=737368643A20636F7265205B707269765D [ 140.696875] audit: type=1105 audit(1757118161.596:1500): pid=5912 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.147260] kauditd_printk_skb: 32 callbacks suppressed [ 147.147265] audit: type=1130 audit(1757118168.052:1525): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.29.132:22-147.75.109.163:53824 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 147.321231] audit: type=1101 audit(1757118168.226:1526): pid=5956 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.332349] audit: type=1103 audit(1757118168.229:1527): pid=5956 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.342725] audit: type=1006 audit(1757118168.229:1528): pid=5956 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 147.349041] audit: type=1300 audit(1757118168.229:1528): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd0c523d0 a2=3 a3=1 items=0 ppid=1 pid=5956 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 147.359371] audit: type=1327 audit(1757118168.229:1528): proctitle=737368643A20636F7265205B707269765D [ 147.382242] audit: type=1105 audit(1757118168.287:1529): pid=5956 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.393701] audit: type=1103 audit(1757118168.287:1530): pid=5958 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.682004] audit: type=1106 audit(1757118168.585:1531): pid=5956 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.696119] audit: type=1104 audit(1757118168.585:1532): pid=5956 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.720031] kauditd_printk_skb: 1 callbacks suppressed [ 152.720036] audit: type=1130 audit(1757118173.625:1534): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.29.132:22-147.75.109.163:43924 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 152.914641] audit: type=1101 audit(1757118173.820:1535): pid=5993 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.925362] audit: type=1103 audit(1757118173.823:1536): pid=5993 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.935668] audit: type=1006 audit(1757118173.823:1537): pid=5993 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 152.942040] audit: type=1300 audit(1757118173.823:1537): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffcd963820 a2=3 a3=1 items=0 ppid=1 pid=5993 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 152.953565] audit: type=1327 audit(1757118173.823:1537): proctitle=737368643A20636F7265205B707269765D [ 152.970331] audit: type=1105 audit(1757118173.876:1538): pid=5993 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.994026] audit: type=1103 audit(1757118173.890:1539): pid=5995 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 153.310222] audit: type=1106 audit(1757118174.215:1540): pid=5993 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 153.326991] audit: type=1104 audit(1757118174.216:1541): pid=5993 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.340558] kauditd_printk_skb: 1 callbacks suppressed [ 158.340563] audit: type=1130 audit(1757118179.246:1543): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.29.132:22-147.75.109.163:43930 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 158.521852] audit: type=1101 audit(1757118179.427:1544): pid=6023 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.534710] audit: type=1103 audit(1757118179.429:1545): pid=6023 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.545400] audit: type=1006 audit(1757118179.429:1546): pid=6023 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 158.552151] audit: type=1300 audit(1757118179.429:1546): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc7983fb0 a2=3 a3=1 items=0 ppid=1 pid=6023 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 158.567775] audit: type=1327 audit(1757118179.429:1546): proctitle=737368643A20636F7265205B707269765D [ 158.572639] audit: type=1105 audit(1757118179.478:1547): pid=6023 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.584531] audit: type=1103 audit(1757118179.478:1548): pid=6026 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.862630] audit: type=1106 audit(1757118179.768:1549): pid=6023 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.875505] audit: type=1104 audit(1757118179.768:1550): pid=6023 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 163.837279] kauditd_printk_skb: 1 callbacks suppressed [ 163.837284] audit: type=1325 audit(1757118184.742:1552): table=filter:130 family=2 entries=9 op=nft_register_rule pid=6081 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 163.845424] audit: type=1300 audit(1757118184.742:1552): arch=c00000b7 syscall=211 success=yes exit=3016 a0=3 a1=fffffb62b520 a2=0 a3=1 items=0 ppid=2915 pid=6081 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 163.857720] audit: type=1327 audit(1757118184.742:1552): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 163.867503] audit: type=1325 audit(1757118184.772:1553): table=nat:131 family=2 entries=31 op=nft_register_chain pid=6081 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 163.873750] audit: type=1300 audit(1757118184.772:1553): arch=c00000b7 syscall=211 success=yes exit=10884 a0=3 a1=fffffb62b520 a2=0 a3=1 items=0 ppid=2915 pid=6081 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 163.890421] audit: type=1327 audit(1757118184.772:1553): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 163.900422] audit: type=1130 audit(1757118184.804:1554): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.29.132:22-147.75.109.163:58620 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 164.093170] audit: type=1101 audit(1757118184.999:1555): pid=6083 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 164.104066] audit: type=1103 audit(1757118185.002:1556): pid=6083 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 164.113808] audit: type=1006 audit(1757118185.002:1557): pid=6083 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 169.442596] kauditd_printk_skb: 7 callbacks suppressed [ 169.442601] audit: type=1130 audit(1757118190.347:1563): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-172.31.29.132:22-147.75.109.163:47618 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 169.633628] audit: type=1101 audit(1757118190.538:1564): pid=6117 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.643673] audit: type=1103 audit(1757118190.544:1565): pid=6117 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.654722] audit: type=1006 audit(1757118190.544:1566): pid=6117 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=18 res=1 [ 169.660948] audit: type=1300 audit(1757118190.544:1566): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd50c8770 a2=3 a3=1 items=0 ppid=1 pid=6117 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=18 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 169.671572] audit: type=1327 audit(1757118190.544:1566): proctitle=737368643A20636F7265205B707269765D [ 169.675062] audit: type=1105 audit(1757118190.572:1567): pid=6117 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.686287] audit: type=1103 audit(1757118190.576:1568): pid=6119 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.932643] audit: type=1106 audit(1757118190.837:1569): pid=6117 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.944364] audit: type=1104 audit(1757118190.838:1570): pid=6117 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 174.467456] kauditd_printk_skb: 20 callbacks suppressed [ 174.467461] audit: type=1325 audit(1757118195.372:1587): table=filter:132 family=2 entries=20 op=nft_register_rule pid=6153 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 174.476247] audit: type=1300 audit(1757118195.372:1587): arch=c00000b7 syscall=211 success=yes exit=11944 a0=3 a1=ffffe020f010 a2=0 a3=1 items=0 ppid=2915 pid=6153 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 174.489177] audit: type=1327 audit(1757118195.372:1587): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 174.503640] audit: type=1106 audit(1757118195.404:1588): pid=6139 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 174.516329] audit: type=1104 audit(1757118195.405:1589): pid=6139 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 174.528303] audit: type=1131 audit(1757118195.408:1590): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-172.31.29.132:22-147.75.109.163:47626 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 174.541977] audit: type=1325 audit(1757118195.415:1591): table=nat:133 family=2 entries=26 op=nft_register_rule pid=6153 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 174.550100] audit: type=1300 audit(1757118195.415:1591): arch=c00000b7 syscall=211 success=yes exit=8076 a0=3 a1=ffffe020f010 a2=0 a3=1 items=0 ppid=2915 pid=6153 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 174.566631] audit: type=1327 audit(1757118195.415:1591): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 174.573620] audit: type=1130 audit(1757118195.449:1592): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.29.132:22-147.75.109.163:47642 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 180.963263] kauditd_printk_skb: 27 callbacks suppressed [ 180.963268] audit: type=1130 audit(1757118201.868:1612): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.29.132:22-147.75.109.163:58568 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 181.178452] audit: type=1101 audit(1757118202.084:1613): pid=6179 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 181.189751] audit: type=1103 audit(1757118202.084:1614): pid=6179 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 181.201145] audit: type=1006 audit(1757118202.084:1615): pid=6179 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 181.217357] audit: type=1300 audit(1757118202.084:1615): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc6584aa0 a2=3 a3=1 items=0 ppid=1 pid=6179 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 181.231030] audit: type=1327 audit(1757118202.084:1615): proctitle=737368643A20636F7265205B707269765D [ 181.239152] audit: type=1105 audit(1757118202.144:1616): pid=6179 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 181.251245] audit: type=1103 audit(1757118202.147:1617): pid=6181 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 181.520067] audit: type=1106 audit(1757118202.426:1618): pid=6179 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 181.534240] audit: type=1104 audit(1757118202.426:1619): pid=6179 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 186.550388] kauditd_printk_skb: 43 callbacks suppressed [ 186.550392] audit: type=1130 audit(1757118207.456:1635): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.29.132:22-147.75.109.163:58574 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 186.728534] audit: type=1101 audit(1757118207.634:1636): pid=6193 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 186.740521] audit: type=1103 audit(1757118207.645:1637): pid=6193 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 186.764562] audit: type=1006 audit(1757118207.645:1638): pid=6193 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 186.771107] audit: type=1300 audit(1757118207.645:1638): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffee798c30 a2=3 a3=1 items=0 ppid=1 pid=6193 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 186.782655] audit: type=1327 audit(1757118207.645:1638): proctitle=737368643A20636F7265205B707269765D [ 186.796840] audit: type=1105 audit(1757118207.702:1639): pid=6193 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 186.814512] audit: type=1103 audit(1757118207.717:1640): pid=6197 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 187.092478] audit: type=1106 audit(1757118207.998:1641): pid=6193 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 187.106622] audit: type=1104 audit(1757118207.999:1642): pid=6193 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 192.126343] kauditd_printk_skb: 4 callbacks suppressed [ 192.126348] audit: type=1130 audit(1757118213.032:1645): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.29.132:22-147.75.109.163:39730 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 192.296183] audit: type=1101 audit(1757118213.202:1646): pid=6208 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 192.306707] audit: type=1103 audit(1757118213.205:1647): pid=6208 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 192.319077] audit: type=1006 audit(1757118213.205:1648): pid=6208 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 192.325924] audit: type=1300 audit(1757118213.205:1648): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffefcacb50 a2=3 a3=1 items=0 ppid=1 pid=6208 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 192.339647] audit: type=1327 audit(1757118213.205:1648): proctitle=737368643A20636F7265205B707269765D [ 192.352685] audit: type=1105 audit(1757118213.259:1649): pid=6208 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 192.367449] audit: type=1103 audit(1757118213.273:1650): pid=6210 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 192.648172] audit: type=1106 audit(1757118213.554:1651): pid=6208 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 192.662549] audit: type=1104 audit(1757118213.554:1652): pid=6208 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 197.679515] kauditd_printk_skb: 1 callbacks suppressed [ 197.679519] audit: type=1130 audit(1757118218.586:1654): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.29.132:22-147.75.109.163:39744 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 197.873240] audit: type=1101 audit(1757118218.779:1655): pid=6279 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 197.886363] audit: type=1103 audit(1757118218.790:1656): pid=6279 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 197.898699] audit: type=1006 audit(1757118218.790:1657): pid=6279 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 197.905894] audit: type=1300 audit(1757118218.790:1657): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffcc5e07f0 a2=3 a3=1 items=0 ppid=1 pid=6279 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 197.916997] audit: type=1327 audit(1757118218.790:1657): proctitle=737368643A20636F7265205B707269765D [ 197.932912] audit: type=1105 audit(1757118218.839:1658): pid=6279 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 197.945851] audit: type=1103 audit(1757118218.852:1659): pid=6281 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 198.244981] audit: type=1106 audit(1757118219.151:1660): pid=6279 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 198.260348] audit: type=1104 audit(1757118219.151:1661): pid=6279 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 203.273604] kauditd_printk_skb: 4 callbacks suppressed [ 203.273608] audit: type=1130 audit(1757118224.180:1664): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-172.31.29.132:22-147.75.109.163:33884 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 203.454709] audit: type=1101 audit(1757118224.361:1665): pid=6299 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 203.467576] audit: type=1103 audit(1757118224.374:1666): pid=6299 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 203.479657] audit: type=1006 audit(1757118224.374:1667): pid=6299 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 [ 203.487304] audit: type=1300 audit(1757118224.374:1667): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd307cf70 a2=3 a3=1 items=0 ppid=1 pid=6299 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 203.506144] audit: type=1327 audit(1757118224.374:1667): proctitle=737368643A20636F7265205B707269765D [ 203.518906] audit: type=1105 audit(1757118224.425:1668): pid=6299 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 203.532740] audit: type=1103 audit(1757118224.439:1669): pid=6301 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 203.815833] audit: type=1106 audit(1757118224.722:1670): pid=6299 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 203.832571] audit: type=1104 audit(1757118224.722:1671): pid=6299 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 208.852238] kauditd_printk_skb: 1 callbacks suppressed [ 208.852243] audit: type=1130 audit(1757118229.758:1673): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-172.31.29.132:22-147.75.109.163:33894 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 209.037782] audit: type=1101 audit(1757118229.943:1674): pid=6319 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 209.062103] audit: type=1103 audit(1757118229.964:1675): pid=6319 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 209.098698] audit: type=1006 audit(1757118229.964:1676): pid=6319 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=28 res=1 [ 209.108036] audit: type=1300 audit(1757118229.964:1676): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe52f4450 a2=3 a3=1 items=0 ppid=1 pid=6319 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=28 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 209.122995] audit: type=1327 audit(1757118229.964:1676): proctitle=737368643A20636F7265205B707269765D [ 209.130633] audit: type=1105 audit(1757118230.036:1677): pid=6319 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 209.145053] audit: type=1103 audit(1757118230.036:1678): pid=6323 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 209.477227] audit: type=1106 audit(1757118230.383:1679): pid=6319 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 209.493507] audit: type=1104 audit(1757118230.383:1680): pid=6319 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 214.510679] kauditd_printk_skb: 1 callbacks suppressed [ 214.510684] audit: type=1130 audit(1757118235.415:1682): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@28-172.31.29.132:22-147.75.109.163:35738 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 214.679562] audit: type=1101 audit(1757118235.585:1683): pid=6365 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 214.694883] audit: type=1103 audit(1757118235.585:1684): pid=6365 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 214.724486] audit: type=1006 audit(1757118235.585:1685): pid=6365 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=29 res=1 [ 214.736835] audit: type=1300 audit(1757118235.585:1685): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffffa60cac0 a2=3 a3=1 items=0 ppid=1 pid=6365 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=29 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 214.753856] audit: type=1327 audit(1757118235.585:1685): proctitle=737368643A20636F7265205B707269765D [ 214.759995] audit: type=1105 audit(1757118235.654:1686): pid=6365 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 214.777916] audit: type=1103 audit(1757118235.656:1687): pid=6367 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 215.071963] audit: type=1106 audit(1757118235.978:1688): pid=6365 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 215.087009] audit: type=1104 audit(1757118235.978:1689): pid=6365 uid=0 auid=500 ses=29 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 228.644761] kauditd_printk_skb: 1 callbacks suppressed [ 228.644765] audit: type=1334 audit(1757118249.552:1691): prog-id=83 op=UNLOAD [ 228.650373] audit: type=1334 audit(1757118249.552:1692): prog-id=97 op=UNLOAD [ 229.010646] audit: type=1334 audit(1757118249.917:1693): prog-id=120 op=UNLOAD [ 229.016401] audit: type=1334 audit(1757118249.923:1694): prog-id=123 op=UNLOAD [ 229.939533] audit: type=1400 audit(1757118250.847:1695): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 229.948757] audit: type=1400 audit(1757118250.855:1696): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 229.956835] audit: type=1400 audit(1757118250.855:1697): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 229.964766] audit: type=1400 audit(1757118250.855:1698): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 229.972826] audit: type=1400 audit(1757118250.855:1699): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 229.986279] audit: audit_backlog=65 > audit_backlog_limit=64 [ 234.514752] kauditd_printk_skb: 182 callbacks suppressed [ 234.514757] audit: type=1334 audit(1757118255.422:1723): prog-id=79 op=UNLOAD [ 234.521074] audit: type=1334 audit(1757118255.422:1724): prog-id=107 op=UNLOAD [ 234.935435] audit: type=1400 audit(1757118255.843:1725): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 234.943375] audit: type=1400 audit(1757118255.843:1726): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 234.951532] audit: type=1400 audit(1757118255.843:1727): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 234.959328] audit: type=1400 audit(1757118255.843:1728): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 234.967808] audit: type=1400 audit(1757118255.843:1729): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 234.976206] audit: type=1400 audit(1757118255.843:1730): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 234.984278] audit: type=1400 audit(1757118255.843:1731): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 234.992262] audit: type=1400 audit(1757118255.843:1732): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0