bernetes/pki/ca.crt" dev="nvme0n1p9" ino=524562 scontext=system_u:system_r:svirt_lxc_net_t:s0:c43,c79 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 56.569814] kauditd_printk_skb: 259 callbacks suppressed [ 56.569817] audit: type=1400 audit(1761957610.669:717): avc: denied { watch } for pid=2458 comm="kube-controller" path="/opt/libexec/kubernetes/kubelet-plugins/volume/exec" dev="nvme0n1p9" ino=524595 scontext=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 tcontext=system_u:object_r:usr_t:s0 tclass=dir permissive=0 [ 56.580523] audit: type=1300 audit(1761957610.669:717): arch=c000003e syscall=254 success=no exit=-13 a0=7 a1=c0006e6a80 a2=fc6 a3=0 items=0 ppid=2341 pid=2458 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 key=(null) [ 56.590696] audit: type=1327 audit(1761957610.669:717): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 56.703371] audit: type=1130 audit(1761957610.804:718): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 56.874229] audit: type=1400 audit(1761957610.975:719): avc: denied { mac_admin } for pid=2612 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 56.882546] audit: type=1401 audit(1761957610.975:719): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 56.890493] audit: type=1300 audit(1761957610.975:719): arch=c000003e syscall=188 success=no exit=-22 a0=c000aebad0 a1=c00072fdb8 a2=c000aebaa0 a3=25 items=0 ppid=1 pid=2612 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 56.909821] audit: type=1327 audit(1761957610.975:719): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 56.922024] audit: type=1400 audit(1761957610.975:720): avc: denied { mac_admin } for pid=2612 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 56.931460] audit: type=1401 audit(1761957610.975:720): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 62.427284] kauditd_printk_skb: 18 callbacks suppressed [ 62.427287] audit: type=1400 audit(1761957616.528:726): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.436321] audit: type=1400 audit(1761957616.528:727): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.442656] audit: type=1400 audit(1761957616.528:728): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.449371] audit: type=1400 audit(1761957616.528:729): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.456483] audit: type=1400 audit(1761957616.528:730): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.463977] audit: type=1400 audit(1761957616.528:731): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.473337] audit: type=1400 audit(1761957616.528:732): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.480620] audit: type=1400 audit(1761957616.528:733): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.487694] audit: type=1400 audit(1761957616.528:734): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.494138] audit: type=1400 audit(1761957616.537:735): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 80.813849] kauditd_printk_skb: 300 callbacks suppressed [ 80.813852] audit: type=1400 audit(1761957634.916:819): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 80.821963] audit: type=1400 audit(1761957634.916:820): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 80.828458] audit: type=1400 audit(1761957634.916:821): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 80.835146] audit: type=1400 audit(1761957634.916:822): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 80.841875] audit: type=1400 audit(1761957634.916:823): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 80.849031] audit: type=1400 audit(1761957634.916:824): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 80.855147] audit: type=1400 audit(1761957634.916:825): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 80.861017] audit: type=1400 audit(1761957634.916:826): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 80.866602] audit: type=1400 audit(1761957634.916:827): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 80.873863] audit: type=1400 audit(1761957634.918:828): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 87.933457] kauditd_printk_skb: 47 callbacks suppressed [ 87.933460] audit: type=1106 audit(1761957642.035:837): pid=2004 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 87.948490] audit: type=1104 audit(1761957642.035:838): pid=2004 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 87.985953] audit: type=1106 audit(1761957642.088:839): pid=2001 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 88.004135] audit: type=1104 audit(1761957642.088:840): pid=2001 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 88.017759] audit: type=1131 audit(1761957642.101:841): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.20.5:22-147.75.109.163:38994 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 88.661139] audit: type=1325 audit(1761957642.764:842): table=filter:89 family=2 entries=15 op=nft_register_rule pid=3087 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 88.669813] audit: type=1300 audit(1761957642.764:842): arch=c000003e syscall=46 success=yes exit=5992 a0=3 a1=7ffc5af26fd0 a2=0 a3=7ffc5af26fbc items=0 ppid=2828 pid=3087 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 88.685466] audit: type=1327 audit(1761957642.764:842): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 88.691462] audit: type=1325 audit(1761957642.786:843): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3087 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 88.699567] audit: type=1300 audit(1761957642.786:843): arch=c000003e syscall=46 success=yes exit=2700 a0=3 a1=7ffc5af26fd0 a2=0 a3=0 items=0 ppid=2828 pid=3087 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 93.763431] kauditd_printk_skb: 19 callbacks suppressed [ 93.763434] audit: type=1325 audit(1761957647.866:850): table=filter:97 family=2 entries=19 op=nft_register_rule pid=3096 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 93.776517] audit: type=1300 audit(1761957647.866:850): arch=c000003e syscall=46 success=yes exit=7480 a0=3 a1=7ffffad7cf00 a2=0 a3=7ffffad7ceec items=0 ppid=2828 pid=3096 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 93.790765] audit: type=1327 audit(1761957647.866:850): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 93.796029] audit: type=1325 audit(1761957647.893:851): table=nat:98 family=2 entries=12 op=nft_register_rule pid=3096 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 93.801826] audit: type=1300 audit(1761957647.893:851): arch=c000003e syscall=46 success=yes exit=2700 a0=3 a1=7ffffad7cf00 a2=0 a3=0 items=0 ppid=2828 pid=3096 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 93.815125] audit: type=1327 audit(1761957647.893:851): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 94.970287] audit: type=1325 audit(1761957649.073:852): table=filter:99 family=2 entries=21 op=nft_register_rule pid=3100 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 94.976227] audit: type=1300 audit(1761957649.073:852): arch=c000003e syscall=46 success=yes exit=8224 a0=3 a1=7ffc43b17330 a2=0 a3=7ffc43b1731c items=0 ppid=2828 pid=3100 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 94.989045] audit: type=1327 audit(1761957649.073:852): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 94.995789] audit: type=1325 audit(1761957649.096:853): table=nat:100 family=2 entries=12 op=nft_register_rule pid=3100 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 99.153680] kauditd_printk_skb: 179 callbacks suppressed [ 99.153683] audit: type=1325 audit(1761957653.257:910): table=filter:103 family=2 entries=21 op=nft_register_rule pid=3367 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 99.163034] audit: type=1300 audit(1761957653.257:910): arch=c000003e syscall=46 success=yes exit=7480 a0=3 a1=7fff845def90 a2=0 a3=7fff845def7c items=0 ppid=2828 pid=3367 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 99.177391] audit: type=1327 audit(1761957653.257:910): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 99.183643] audit: type=1325 audit(1761957653.279:911): table=nat:104 family=2 entries=19 op=nft_register_chain pid=3367 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 99.189580] audit: type=1300 audit(1761957653.279:911): arch=c000003e syscall=46 success=yes exit=6276 a0=3 a1=7fff845def90 a2=0 a3=7fff845def7c items=0 ppid=2828 pid=3367 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 99.202909] audit: type=1327 audit(1761957653.279:911): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 99.252409] audit: type=1400 audit(1761957653.355:912): avc: denied { perfmon } for pid=3374 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 99.259360] audit: type=1300 audit(1761957653.355:912): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001476b0 a2=3c a3=7f40a43a4cc8 items=0 ppid=3184 pid=3374 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 99.270637] audit: type=1327 audit(1761957653.355:912): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3566666232306537383937613737636639663331663638343563653934 [ 99.278661] audit: type=1400 audit(1761957653.355:913): avc: denied { bpf } for pid=3374 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.570158] kauditd_printk_skb: 40 callbacks suppressed [ 108.570161] audit: type=1400 audit(1761957662.674:919): avc: denied { perfmon } for pid=3440 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.607854] audit: type=1300 audit(1761957662.674:919): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c00014d6b0 a2=3c a3=7f63e72ca738 items=0 ppid=3184 pid=3440 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 108.632755] audit: type=1327 audit(1761957662.674:919): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3963366631343666373533346634313132396330626338633631656335 [ 108.678489] audit: type=1400 audit(1761957662.674:920): avc: denied { bpf } for pid=3440 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.693838] audit: type=1400 audit(1761957662.674:920): avc: denied { bpf } for pid=3440 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.710141] audit: type=1400 audit(1761957662.674:920): avc: denied { bpf } for pid=3440 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.736339] audit: type=1400 audit(1761957662.674:920): avc: denied { perfmon } for pid=3440 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.758015] audit: type=1400 audit(1761957662.674:920): avc: denied { perfmon } for pid=3440 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.808602] audit: type=1400 audit(1761957662.674:920): avc: denied { perfmon } for pid=3440 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 108.844666] audit: type=1400 audit(1761957662.674:920): avc: denied { perfmon } for pid=3440 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 116.989598] kauditd_printk_skb: 58 callbacks suppressed [ 116.989601] audit: type=1400 audit(1761957671.093:934): avc: denied { watch } for pid=2458 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=524562 scontext=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 117.003398] audit: type=1300 audit(1761957671.093:934): arch=c000003e syscall=254 success=no exit=-13 a0=9 a1=c001658180 a2=fc6 a3=0 items=0 ppid=2341 pid=2458 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 key=(null) [ 117.025177] audit: type=1327 audit(1761957671.093:934): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 117.038370] audit: type=1400 audit(1761957671.093:935): avc: denied { watch } for pid=2458 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=524562 scontext=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 117.048892] audit: type=1300 audit(1761957671.093:935): arch=c000003e syscall=254 success=no exit=-13 a0=9 a1=c0015d8ee0 a2=fc6 a3=0 items=0 ppid=2341 pid=2458 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 key=(null) [ 117.061539] audit: type=1327 audit(1761957671.093:935): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 117.074410] audit: type=1400 audit(1761957671.106:936): avc: denied { watch } for pid=2458 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=524562 scontext=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 117.092489] audit: type=1300 audit(1761957671.106:936): arch=c000003e syscall=254 success=no exit=-13 a0=9 a1=c0015d8f20 a2=fc6 a3=0 items=0 ppid=2341 pid=2458 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 key=(null) [ 117.107081] audit: type=1327 audit(1761957671.106:936): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 117.118036] audit: type=1400 audit(1761957671.106:937): avc: denied { watch } for pid=2458 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=524562 scontext=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 120.467932] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 120.470792] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 122.238514] kauditd_printk_skb: 45 callbacks suppressed [ 122.238517] audit: type=1400 audit(1761957676.341:944): avc: denied { write } for pid=4045 comm="tee" name="fd" dev="proc" ino=26518 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 122.248679] audit: type=1300 audit(1761957676.341:944): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffee7f4a7e4 a2=241 a3=1b6 items=1 ppid=3995 pid=4045 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 122.262561] audit: type=1307 audit(1761957676.341:944): cwd="/etc/service/enabled/bird/log" [ 122.265136] audit: type=1302 audit(1761957676.341:944): item=0 name="/dev/fd/63" inode=26510 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 122.271184] audit: type=1327 audit(1761957676.341:944): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 [ 122.278347] audit: type=1400 audit(1761957676.347:945): avc: denied { write } for pid=4028 comm="tee" name="fd" dev="proc" ino=26525 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 122.287848] audit: type=1300 audit(1761957676.347:945): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffe3dbd07d3 a2=241 a3=1b6 items=1 ppid=3985 pid=4028 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 122.301569] audit: type=1307 audit(1761957676.347:945): cwd="/etc/service/enabled/allocate-tunnel-addrs/log" [ 122.306095] audit: type=1302 audit(1761957676.347:945): item=0 name="/dev/fd/63" inode=26850 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 122.314131] audit: type=1327 audit(1761957676.347:945): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 This is ip-172-31-20-5 (Linux x86_64 5.15.192-flatcar) 00:41:18 SSH host key: SHA256:NdNTIvL4j1X8PT8C9A7qrX+7KtSx9gRtwnZ2+bWx4rQ (ED25519) SSH host key: SHA256:Hye5ziPX+Zq9YeX4oop99Qyd3RZ89vufip38f2V5gjw (RSA) SSH host key: SHA256:IB37touu2LyN1mFqBO0hs9l06wJXQe4N4Hdb1AZgpdI (ECDSA) eth0: 172.31.20.5 fe80::4d5:fbff:fe5b:844d ip-172-31-20-5 login: This is ip-172-31-20-5 (Linux x86_64 5.15.192-flatcar) 00:41:19 SSH host key: SHA256:NdNTIvL4j1X8PT8C9A7qrX+7KtSx9gRtwnZ2+bWx4rQ (ED25519) SSH host key: SHA256:Hye5ziPX+Zq9YeX4oop99Qyd3RZ89vufip38f2V5gjw (RSA) SSH host key: SHA256:IB37touu2LyN1mFqBO0hs9l06wJXQe4N4Hdb1AZgpdI (ECDSA) eth0: 172.31.20.5 fe80::4d5:fbff:fe5b:844d ip-172-31-20-5 login: [ 127.296712] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 127.298347] IPv6: ADDRCONF(NETDEV_CHANGE): calicbdf3894a72: link becomes ready [ 127.321154] kauditd_printk_skb: 554 callbacks suppressed [ 127.321157] audit: type=1101 audit(1761957681.424:1054): pid=4198 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 127.331791] audit: type=1103 audit(1761957681.434:1055): pid=4198 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 127.342945] audit: type=1006 audit(1761957681.434:1056): pid=4198 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=8 res=1 [ 127.347889] audit: type=1300 audit(1761957681.434:1056): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffcd3583140 a2=3 a3=0 items=0 ppid=1 pid=4198 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=8 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 127.362620] audit: type=1327 audit(1761957681.434:1056): proctitle=737368643A20636F7265205B707269765D [ 127.396336] audit: type=1105 audit(1761957681.499:1057): pid=4198 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 127.405739] audit: type=1103 audit(1761957681.508:1058): pid=4257 uid=0 auid=500 ses=8 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 127.445336] audit: type=1325 audit(1761957681.518:1059): table=filter:109 family=2 entries=59 op=nft_register_chain pid=4253 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 127.448917] audit: type=1300 audit(1761957681.518:1059): arch=c000003e syscall=46 success=yes exit=35860 a0=3 a1=7ffe58a7af50 a2=0 a3=7ffe58a7af3c items=0 ppid=3988 pid=4253 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 127.463946] audit: type=1327 audit(1761957681.518:1059): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 128.273883] IPv6: ADDRCONF(NETDEV_CHANGE): cali48cf154d9ea: link becomes ready [ 128.765454] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 128.768123] IPv6: ADDRCONF(NETDEV_CHANGE): cali819024acdca: link becomes ready [ 128.837465] IPv6: ADDRCONF(NETDEV_CHANGE): cali266f700ed4f: link becomes ready [ 129.312154] IPv6: ADDRCONF(NETDEV_CHANGE): cali3b8ec7aa1cd: link becomes ready [ 129.451068] IPv6: ADDRCONF(NETDEV_CHANGE): cali579b89633e0: link becomes ready This is ip-172-31-20-5 (Linux x86_64 5.15.192-flatcar) 00:41:24 SSH host key: SHA256:NdNTIvL4j1X8PT8C9A7qrX+7KtSx9gRtwnZ2+bWx4rQ (ED25519) SSH host key: SHA256:Hye5ziPX+Zq9YeX4oop99Qyd3RZ89vufip38f2V5gjw (RSA) SSH host key: SHA256:IB37touu2LyN1mFqBO0hs9l06wJXQe4N4Hdb1AZgpdI (ECDSA) eth0: 172.31.20.5 fe80::4d5:fbff:fe5b:844d ip-172-31-20-5 login: [ 130.278746] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 130.280167] IPv6: ADDRCONF(NETDEV_CHANGE): cali05060a94a97: link becomes ready This is ip-172-31-20-5 (Linux x86_64 5.15.192-flatcar) 00:41:25 SSH host key: SHA256:NdNTIvL4j1X8PT8C9A7qrX+7KtSx9gRtwnZ2+bWx4rQ (ED25519) SSH host key: SHA256:Hye5ziPX+Zq9YeX4oop99Qyd3RZ89vufip38f2V5gjw (RSA) SSH host key: SHA256:IB37touu2LyN1mFqBO0hs9l06wJXQe4N4Hdb1AZgpdI (ECDSA) eth0: 172.31.20.5 fe80::4d5:fbff:fe5b:844d ip-172-31-20-5 login: [ 131.383088] IPv6: ADDRCONF(NETDEV_CHANGE): cali2abe8ee139a: link becomes ready This is ip-172-31-20-5 (Linux x86_64 5.15.192-flatcar) 00:41:26 SSH host key: SHA256:NdNTIvL4j1X8PT8C9A7qrX+7KtSx9gRtwnZ2+bWx4rQ (ED25519) SSH host key: SHA256:Hye5ziPX+Zq9YeX4oop99Qyd3RZ89vufip38f2V5gjw (RSA) SSH host key: SHA256:IB37touu2LyN1mFqBO0hs9l06wJXQe4N4Hdb1AZgpdI (ECDSA) eth0: 172.31.20.5 fe80::4d5:fbff:fe5b:844d ip-172-31-20-5 login: [ 132.803633] kauditd_printk_skb: 624 callbacks suppressed [ 132.803636] audit: type=1325 audit(1761957686.906:1260): table=filter:125 family=2 entries=17 op=nft_register_rule pid=5028 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 132.807826] audit: type=1300 audit(1761957686.906:1260): arch=c000003e syscall=46 success=yes exit=5248 a0=3 a1=7ffd6b0ace30 a2=0 a3=7ffd6b0ace1c items=0 ppid=2828 pid=5028 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 132.815026] audit: type=1327 audit(1761957686.906:1260): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 132.818063] audit: type=1325 audit(1761957686.919:1261): table=nat:126 family=2 entries=35 op=nft_register_chain pid=5028 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 132.821221] audit: type=1300 audit(1761957686.919:1261): arch=c000003e syscall=46 success=yes exit=14196 a0=3 a1=7ffd6b0ace30 a2=0 a3=7ffd6b0ace1c items=0 ppid=2828 pid=5028 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 132.826771] audit: type=1327 audit(1761957686.919:1261): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 This is ip-172-31-20-5 (Linux x86_64 5.15.192-flatcar) 00:41:27 SSH host key: SHA256:NdNTIvL4j1X8PT8C9A7qrX+7KtSx9gRtwnZ2+bWx4rQ (ED25519) SSH host key: SHA256:Hye5ziPX+Zq9YeX4oop99Qyd3RZ89vufip38f2V5gjw (RSA) SSH host key: SHA256:IB37touu2LyN1mFqBO0hs9l06wJXQe4N4Hdb1AZgpdI (ECDSA) eth0: 172.31.20.5 fe80::4d5:fbff:fe5b:844d ip-172-31-20-5 login: [ 133.576742] audit: type=1130 audit(1761957687.679:1262): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.20.5:22-147.75.109.163:43690 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 133.796948] audit: type=1101 audit(1761957687.899:1263): pid=5036 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.802414] audit: type=1103 audit(1761957687.904:1264): pid=5036 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.807913] audit: type=1006 audit(1761957687.905:1265): pid=5036 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 This is ip-172-31-20-5 (Linux x86_64 5.15.192-flatcar) 00:41:28 SSH host key: SHA256:NdNTIvL4j1X8PT8C9A7qrX+7KtSx9gRtwnZ2+bWx4rQ (ED25519) SSH host key: SHA256:Hye5ziPX+Zq9YeX4oop99Qyd3RZ89vufip38f2V5gjw (RSA) SSH host key: SHA256:IB37touu2LyN1mFqBO0hs9l06wJXQe4N4Hdb1AZgpdI (ECDSA) eth0: 172.31.20.5 fe80::4d5:fbff:fe5b:844d ip-172-31-20-5 login: [ 139.321128] kauditd_printk_skb: 7 callbacks suppressed [ 139.321131] audit: type=1130 audit(1761957693.423:1271): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.20.5:22-147.75.109.163:57716 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 139.489968] audit: type=1101 audit(1761957693.592:1272): pid=5051 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 139.495897] audit: type=1103 audit(1761957693.598:1273): pid=5051 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 139.500599] audit: type=1006 audit(1761957693.598:1274): pid=5051 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 139.505074] audit: type=1300 audit(1761957693.598:1274): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff9514dc70 a2=3 a3=0 items=0 ppid=1 pid=5051 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 139.513283] audit: type=1327 audit(1761957693.598:1274): proctitle=737368643A20636F7265205B707269765D [ 139.524519] audit: type=1105 audit(1761957693.627:1275): pid=5051 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 139.533192] audit: type=1103 audit(1761957693.631:1276): pid=5053 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 139.753579] audit: type=1106 audit(1761957693.856:1277): pid=5051 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 139.763955] audit: type=1104 audit(1761957693.858:1278): pid=5051 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 145.758274] kauditd_printk_skb: 29 callbacks suppressed [ 145.758278] audit: type=1130 audit(1761957699.860:1300): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@12-172.31.20.5:22-147.75.109.163:57746 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 145.927362] audit: type=1101 audit(1761957700.029:1301): pid=5102 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 145.939733] audit: type=1103 audit(1761957700.039:1302): pid=5102 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 145.950776] audit: type=1006 audit(1761957700.039:1303): pid=5102 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=13 res=1 [ 145.956976] audit: type=1300 audit(1761957700.039:1303): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd1ca698f0 a2=3 a3=0 items=0 ppid=1 pid=5102 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=13 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 145.968278] audit: type=1327 audit(1761957700.039:1303): proctitle=737368643A20636F7265205B707269765D [ 145.973916] audit: type=1105 audit(1761957700.070:1304): pid=5102 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 145.981650] audit: type=1103 audit(1761957700.075:1305): pid=5104 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 146.168022] audit: type=1106 audit(1761957700.270:1306): pid=5102 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 146.179090] audit: type=1104 audit(1761957700.270:1307): pid=5102 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 151.193902] kauditd_printk_skb: 1 callbacks suppressed [ 151.193905] audit: type=1130 audit(1761957705.296:1309): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.20.5:22-147.75.109.163:50338 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 151.369975] audit: type=1101 audit(1761957705.472:1310): pid=5114 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 151.383420] audit: type=1103 audit(1761957705.482:1311): pid=5114 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 151.395499] audit: type=1006 audit(1761957705.482:1312): pid=5114 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 151.403332] audit: type=1300 audit(1761957705.482:1312): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffeaed22c70 a2=3 a3=0 items=0 ppid=1 pid=5114 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 151.415866] audit: type=1327 audit(1761957705.482:1312): proctitle=737368643A20636F7265205B707269765D [ 151.449348] audit: type=1105 audit(1761957705.550:1313): pid=5114 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 151.464370] audit: type=1103 audit(1761957705.566:1314): pid=5127 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 151.716810] audit: type=1106 audit(1761957705.819:1315): pid=5114 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 151.727510] audit: type=1104 audit(1761957705.819:1316): pid=5114 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 156.741241] kauditd_printk_skb: 1 callbacks suppressed [ 156.741244] audit: type=1130 audit(1761957710.843:1318): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.20.5:22-147.75.109.163:40406 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 156.975940] audit: type=1101 audit(1761957711.077:1319): pid=5152 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 156.989966] audit: type=1103 audit(1761957711.087:1320): pid=5152 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 157.015088] audit: type=1006 audit(1761957711.087:1321): pid=5152 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 157.028352] audit: type=1300 audit(1761957711.087:1321): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe5346adf0 a2=3 a3=0 items=0 ppid=1 pid=5152 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 157.040460] audit: type=1327 audit(1761957711.087:1321): proctitle=737368643A20636F7265205B707269765D [ 157.044743] audit: type=1105 audit(1761957711.124:1322): pid=5152 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 157.057692] audit: type=1103 audit(1761957711.126:1323): pid=5154 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 157.389711] audit: type=1106 audit(1761957711.491:1324): pid=5152 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 157.402099] audit: type=1104 audit(1761957711.492:1325): pid=5152 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 162.411982] kauditd_printk_skb: 1 callbacks suppressed [ 162.411985] audit: type=1130 audit(1761957716.514:1327): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.20.5:22-147.75.109.163:40416 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 162.581363] audit: type=1101 audit(1761957716.683:1328): pid=5165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 162.593748] audit: type=1103 audit(1761957716.695:1329): pid=5165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 162.603073] audit: type=1006 audit(1761957716.695:1330): pid=5165 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 162.608814] audit: type=1300 audit(1761957716.695:1330): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd371efe60 a2=3 a3=0 items=0 ppid=1 pid=5165 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 162.626818] audit: type=1327 audit(1761957716.695:1330): proctitle=737368643A20636F7265205B707269765D [ 162.630615] audit: type=1105 audit(1761957716.727:1331): pid=5165 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 162.641477] audit: type=1103 audit(1761957716.729:1332): pid=5167 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 162.880748] audit: type=1106 audit(1761957716.981:1333): pid=5165 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 162.892150] audit: type=1104 audit(1761957716.981:1334): pid=5165 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 171.389967] kauditd_printk_skb: 57 callbacks suppressed [ 171.389970] audit: type=1400 audit(1761957725.492:1376): avc: denied { watch } for pid=2458 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=524562 scontext=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 171.403843] audit: type=1300 audit(1761957725.492:1376): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c001fd9ce0 a2=fc6 a3=0 items=0 ppid=2341 pid=2458 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 key=(null) [ 171.419846] audit: type=1327 audit(1761957725.492:1376): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 171.431271] audit: type=1400 audit(1761957725.492:1377): avc: denied { watch } for pid=2458 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="nvme0n1p9" ino=524568 scontext=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 171.442278] audit: type=1300 audit(1761957725.492:1377): arch=c000003e syscall=254 success=no exit=-13 a0=9 a1=c00234dcb0 a2=fc6 a3=0 items=0 ppid=2341 pid=2458 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 key=(null) [ 171.455303] audit: type=1327 audit(1761957725.492:1377): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 172.100634] audit: type=1130 audit(1761957726.202:1378): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.20.5:22-147.75.109.163:57858 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 172.307529] audit: type=1101 audit(1761957726.408:1379): pid=5236 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 172.329836] audit: type=1103 audit(1761957726.423:1380): pid=5236 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 172.340657] audit: type=1006 audit(1761957726.423:1381): pid=5236 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=21 res=1 [ 177.007194] kauditd_printk_skb: 31 callbacks suppressed [ 177.007197] audit: type=1400 audit(1761957731.109:1395): avc: denied { watch } for pid=2458 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=524562 scontext=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 177.024819] audit: type=1300 audit(1761957731.109:1395): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0021c3b40 a2=fc6 a3=0 items=0 ppid=2341 pid=2458 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 key=(null) [ 177.037198] audit: type=1327 audit(1761957731.109:1395): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 177.049237] audit: type=1400 audit(1761957731.121:1396): avc: denied { watch } for pid=2458 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=524562 scontext=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 177.058947] audit: type=1300 audit(1761957731.121:1396): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0021c3b60 a2=fc6 a3=0 items=0 ppid=2341 pid=2458 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 key=(null) [ 177.084298] audit: type=1327 audit(1761957731.121:1396): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 177.095933] audit: type=1400 audit(1761957731.122:1397): avc: denied { watch } for pid=2458 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=524562 scontext=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 177.105323] audit: type=1300 audit(1761957731.122:1397): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c0021c3b80 a2=fc6 a3=0 items=0 ppid=2341 pid=2458 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 key=(null) [ 177.117658] audit: type=1327 audit(1761957731.122:1397): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 177.128694] audit: type=1400 audit(1761957731.122:1398): avc: denied { watch } for pid=2458 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=524562 scontext=system_u:system_r:svirt_lxc_net_t:s0:c153,c212 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 183.921600] kauditd_printk_skb: 13 callbacks suppressed [ 183.921603] audit: type=1130 audit(1761957738.023:1408): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.20.5:22-147.75.109.163:54034 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 184.144849] audit: type=1101 audit(1761957738.246:1409): pid=5640 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 184.155141] audit: type=1103 audit(1761957738.256:1410): pid=5640 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 184.167547] audit: type=1006 audit(1761957738.256:1411): pid=5640 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 184.177872] audit: type=1300 audit(1761957738.256:1411): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd012b0850 a2=3 a3=0 items=0 ppid=1 pid=5640 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 184.187974] audit: type=1327 audit(1761957738.256:1411): proctitle=737368643A20636F7265205B707269765D [ 184.192639] audit: type=1105 audit(1761957738.278:1412): pid=5640 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 184.204664] audit: type=1103 audit(1761957738.281:1413): pid=5642 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 184.667692] audit: type=1106 audit(1761957738.769:1414): pid=5640 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 184.679075] audit: type=1104 audit(1761957738.770:1415): pid=5640 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 189.693513] kauditd_printk_skb: 1 callbacks suppressed [ 189.693516] audit: type=1130 audit(1761957743.795:1417): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.20.5:22-147.75.109.163:56916 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 189.891725] audit: type=1101 audit(1761957743.993:1418): pid=5656 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 189.904721] audit: type=1103 audit(1761957744.004:1419): pid=5656 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 189.918718] audit: type=1006 audit(1761957744.004:1420): pid=5656 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 189.924904] audit: type=1300 audit(1761957744.004:1420): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdd9ff1ca0 a2=3 a3=0 items=0 ppid=1 pid=5656 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 189.937118] audit: type=1327 audit(1761957744.004:1420): proctitle=737368643A20636F7265205B707269765D [ 189.943188] audit: type=1105 audit(1761957744.027:1421): pid=5656 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 189.955310] audit: type=1103 audit(1761957744.044:1422): pid=5658 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 190.332284] audit: type=1106 audit(1761957744.434:1423): pid=5656 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 190.345481] audit: type=1104 audit(1761957744.434:1424): pid=5656 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 195.359683] kauditd_printk_skb: 1 callbacks suppressed [ 195.359685] audit: type=1130 audit(1761957749.462:1426): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.20.5:22-147.75.109.163:56930 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 195.562755] audit: type=1101 audit(1761957749.665:1427): pid=5667 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 195.573685] audit: type=1103 audit(1761957749.665:1428): pid=5667 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 195.586133] audit: type=1006 audit(1761957749.665:1429): pid=5667 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 195.609433] audit: type=1300 audit(1761957749.665:1429): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe06f74520 a2=3 a3=0 items=0 ppid=1 pid=5667 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 195.621464] audit: type=1327 audit(1761957749.665:1429): proctitle=737368643A20636F7265205B707269765D [ 195.626243] audit: type=1105 audit(1761957749.710:1430): pid=5667 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 195.638093] audit: type=1103 audit(1761957749.723:1431): pid=5669 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 196.113036] audit: type=1106 audit(1761957750.214:1432): pid=5667 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 196.124310] audit: type=1104 audit(1761957750.215:1433): pid=5667 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.139441] kauditd_printk_skb: 1 callbacks suppressed [ 201.139444] audit: type=1130 audit(1761957755.241:1435): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.20.5:22-147.75.109.163:42200 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 201.337146] audit: type=1101 audit(1761957755.438:1436): pid=5679 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.356436] audit: type=1103 audit(1761957755.440:1437): pid=5679 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.375764] audit: type=1006 audit(1761957755.440:1438): pid=5679 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 201.380694] audit: type=1300 audit(1761957755.440:1438): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd693fd920 a2=3 a3=0 items=0 ppid=1 pid=5679 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 201.391513] audit: type=1327 audit(1761957755.440:1438): proctitle=737368643A20636F7265205B707269765D [ 201.396476] audit: type=1105 audit(1761957755.476:1439): pid=5679 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.408134] audit: type=1103 audit(1761957755.479:1440): pid=5681 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.794250] audit: type=1106 audit(1761957755.896:1441): pid=5679 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 201.816743] audit: type=1104 audit(1761957755.908:1442): pid=5679 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success'