md[1]: (This warning is only shown for the first unit using IP firewalling.) [ 11.392158] systemd[1]: Starting systemd-journald.service... [ 11.401106] systemd[1]: Starting systemd-modules-load.service... [ 11.407148] systemd[1]: Starting systemd-network-generator.service... [ 11.415012] loop: module loaded [ 11.417147] systemd[1]: Starting systemd-remount-fs.service... [ 11.424559] systemd[1]: Starting systemd-udev-trigger.service... [ 11.427987] systemd[1]: xenserver-pv-version.service was skipped because of an unmet condition check (ConditionVirtualization=xen). [ 11.437768] systemd[1]: Mounted dev-hugepages.mount. [ 11.440691] fuse: init (API version 7.34) [ 11.448971] systemd[1]: Mounted dev-mqueue.mount. [ 11.452393] systemd[1]: Mounted media.mount. [ 11.456051] systemd[1]: Mounted sys-kernel-debug.mount. [ 11.459428] systemd[1]: Mounted sys-kernel-tracing.mount. [ 11.468793] systemd[1]: Mounted tmp.mount. [ 11.474914] systemd[1]: Finished kmod-static-nodes.service. [ 11.479775] audit: type=1130 audit(1761957735.433:90): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kmod-static-nodes comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 11.487510] systemd[1]: modprobe@configfs.service: Deactivated successfully. [ 11.490219] audit: type=1305 audit(1761957735.440:91): op=set audit_enabled=1 old=1 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 res=1 [ 11.495309] systemd[1]: Finished modprobe@configfs.service. [ 11.499617] audit: type=1300 audit(1761957735.440:91): arch=c000003e syscall=46 success=yes exit=60 a0=3 a1=7ffee599eb60 a2=4000 a3=7ffee599ebfc items=0 ppid=1 pid=1428 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-journal" exe="/usr/lib/systemd/systemd-journald" subj=system_u:system_r:kernel_t:s0 key=(null) [ 11.510157] systemd[1]: Started systemd-journald.service. [ 11.522630] audit: type=1327 audit(1761957735.440:91): proctitle="/usr/lib/systemd/systemd-journald" [ 11.529020] audit: type=1130 audit(1761957735.463:92): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@configfs comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 11.546630] audit: type=1131 audit(1761957735.463:93): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@configfs comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 11.561033] audit: type=1130 audit(1761957735.467:94): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-journald comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 11.581185] audit: type=1130 audit(1761957735.471:95): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=modprobe@dm_mod comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 11.624567] systemd-journald[1428]: Received client request to flush runtime journal. [ 12.526720] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input2 [ 12.553457] ACPI: button: Power Button [PWRF] [ 12.555283] input: Sleep Button as /devices/LNXSYSTM:00/LNXSLPBN:00/input/input3 [ 12.580107] ACPI: button: Sleep Button [SLPF] [ 12.615494] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 12.655638] piix4_smbus 0000:00:01.3: SMBus base address uninitialized - upgrade BIOS or use force_addr=0xaddr [ 12.662201] input: ImPS/2 Generic Wheel Mouse as /devices/platform/i8042/serio1/input/input4 [ 12.670746] mousedev: PS/2 mouse device common for all mice [ 12.967852] loop0: detected capacity change from 0 to 224512 [ 13.074529] squashfs: version 4.0 (2009/01/31) Phillip Lougher [ 13.088416] loop1: detected capacity change from 0 to 224512 [ 14.209216] EXT4-fs (nvme0n1p9): resizing filesystem from 553472 to 3587067 blocks [ 14.326955] EXT4-fs (nvme0n1p9): resized filesystem to 3587067 2025/11/01 00:42:20Z: Amazon SSM Agent v2.3.1319.0 is running 2025/11/01 00:42:20Z: OsProductName: Flatcar Container Linux by Kinvolk 2025/11/01 00:42:20Z: OsVersion: 3510.3.8 This is ip-172-31-19-28 (Linux x86_64 5.15.192-flatcar) 00:42:23 SSH host key: SHA256:EwsX4cMv+jXXcUtxCmXtqR7krygJNc4cRcL+cfxoX08 (ED25519) SSH host key: SHA256:aT+uJ+uxUUpr7bOvDGtN91zkCJVUfJQBKXuLqA+X+vE (RSA) SSH host key: SHA256:O8U8dXdAUBkANPIwT8av43/+CwdLbOdKiq2tlKzFgMo (ECDSA) eth0: 172.31.19.28 fe80::4ba:38ff:fe40:ca2d ip-172-31-19-28 login: [ 19.546028] kauditd_printk_skb: 174 callbacks suppressed [ 19.546031] audit: type=1305 audit(1761957744.326:155): auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=remove_rule key=(null) list=5 res=1 [ 19.549165] audit: type=1300 audit(1761957744.326:155): arch=c000003e syscall=44 success=yes exit=1056 a0=3 a1=7ffeed16d110 a2=420 a3=0 items=0 ppid=1 pid=2089 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:kernel_t:s0 key=(null) [ 19.557613] audit: type=1327 audit(1761957744.326:155): proctitle=2F7362696E2F617564697463746C002D44 [ 19.559164] audit: type=1131 audit(1761957744.328:156): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 19.579511] audit: type=1130 audit(1761957744.357:157): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 19.584399] audit: type=1106 audit(1761957744.358:158): pid=2085 uid=500 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 19.588592] audit: type=1104 audit(1761957744.358:159): pid=2085 uid=500 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 19.601804] audit: type=1106 audit(1761957744.382:160): pid=2081 uid=0 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 19.607891] audit: type=1104 audit(1761957744.382:161): pid=2081 uid=0 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 19.613474] audit: type=1131 audit(1761957744.382:162): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@5-172.31.19.28:22-147.75.109.163:58122 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 20.524093] Initializing XFRM netlink socket This is ip-172-31-19-28 (Linux x86_64 5.15.192-flatcar) 00:42:26 SSH host key: SHA256:EwsX4cMv+jXXcUtxCmXtqR7krygJNc4cRcL+cfxoX08 (ED25519) SSH host key: SHA256:aT+uJ+uxUUpr7bOvDGtN91zkCJVUfJQBKXuLqA+X+vE (RSA) SSH host key: SHA256:O8U8dXdAUBkANPIwT8av43/+CwdLbOdKiq2tlKzFgMo (ECDSA) eth0: 172.31.19.28 fe80::4ba:38ff:fe40:ca2d ip-172-31-19-28 login: [ 28.436546] kauditd_printk_skb: 84 callbacks suppressed [ 28.436549] audit: type=1130 audit(1761957753.216:197): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 28.442403] audit: type=1131 audit(1761957753.216:198): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 29.686088] audit: type=1130 audit(1761957754.466:199): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 29.795741] audit: type=1131 audit(1761957754.576:200): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 37.952465] audit: type=1130 audit(1761957762.732:201): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 37.956311] audit: type=1131 audit(1761957762.735:202): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 38.434248] audit: type=1130 audit(1761957763.214:203): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 38.791511] audit: type=1130 audit(1761957763.570:204): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 39.447070] audit: type=1400 audit(1761957764.227:205): avc: denied { mac_admin } for pid=2382 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 39.451446] audit: type=1401 audit(1761957764.227:205): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 39.455806] audit: type=1300 audit(1761957764.227:205): arch=c000003e syscall=188 success=no exit=-22 a0=c0006fd950 a1=c000aa9e78 a2=c0006fd920 a3=25 items=0 ppid=1 pid=2382 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 39.468335] audit: type=1327 audit(1761957764.227:205): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 39.479067] audit: type=1400 audit(1761957764.232:206): avc: denied { mac_admin } for pid=2382 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 39.487051] audit: type=1401 audit(1761957764.232:206): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 44.864465] kauditd_printk_skb: 42 callbacks suppressed [ 44.864468] audit: type=1131 audit(1761957769.644:220): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 46.654027] audit: type=1131 audit(1761957771.434:221): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 48.149852] audit: type=1130 audit(1761957772.928:222): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 48.465618] audit: type=1400 audit(1761957773.246:223): avc: denied { mac_admin } for pid=2748 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 48.471777] audit: type=1401 audit(1761957773.246:223): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 48.476693] audit: type=1300 audit(1761957773.246:223): arch=c000003e syscall=188 success=no exit=-22 a0=c000be11d0 a1=c000b03d40 a2=c000be11a0 a3=25 items=0 ppid=1 pid=2748 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 48.489929] audit: type=1327 audit(1761957773.246:223): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 48.503389] audit: type=1400 audit(1761957773.246:224): avc: denied { mac_admin } for pid=2748 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 48.511730] audit: type=1401 audit(1761957773.246:224): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 48.515910] audit: type=1300 audit(1761957773.246:224): arch=c000003e syscall=188 success=no exit=-22 a0=c000b63820 a1=c000b03d58 a2=c000be1260 a3=25 items=0 ppid=1 pid=2748 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 54.894613] kauditd_printk_skb: 5 callbacks suppressed [ 54.894615] audit: type=1325 audit(1761957779.675:226): table=mangle:38 family=2 entries=1 op=nft_register_chain pid=2941 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 54.909927] audit: type=1300 audit(1761957779.675:226): arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffff6513970 a2=0 a3=7ffff651395c items=0 ppid=2891 pid=2941 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 54.925327] audit: type=1327 audit(1761957779.675:226): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006D616E676C65 [ 54.931723] audit: type=1325 audit(1761957779.677:227): table=mangle:39 family=10 entries=1 op=nft_register_chain pid=2942 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" [ 54.938726] audit: type=1300 audit(1761957779.677:227): arch=c000003e syscall=46 success=yes exit=104 a0=3 a1=7ffebb732020 a2=0 a3=7ffebb73200c items=0 ppid=2891 pid=2942 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip6tables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 54.950517] audit: type=1327 audit(1761957779.677:227): proctitle=6970367461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006D616E676C65 [ 54.956370] audit: type=1325 audit(1761957779.679:228): table=nat:40 family=2 entries=1 op=nft_register_chain pid=2943 subj=system_u:system_r:kernel_t:s0 comm="iptables" [ 54.962222] audit: type=1300 audit(1761957779.679:228): arch=c000003e syscall=46 success=yes exit=100 a0=3 a1=7ffd9b8057d0 a2=0 a3=7ffd9b8057bc items=0 ppid=2891 pid=2943 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 54.974209] audit: type=1327 audit(1761957779.679:228): proctitle=69707461626C6573002D770035002D5700313030303030002D4E004B5542452D50524F58592D43414E415259002D74006E6174 [ 54.982046] audit: type=1325 audit(1761957779.681:229): table=nat:41 family=10 entries=1 op=nft_register_chain pid=2944 subj=system_u:system_r:kernel_t:s0 comm="ip6tables" [ 64.594340] kauditd_printk_skb: 143 callbacks suppressed [ 64.594344] audit: type=1106 audit(1761957789.374:277): pid=2118 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 64.606364] audit: type=1104 audit(1761957789.374:278): pid=2118 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 64.643148] audit: type=1106 audit(1761957789.423:279): pid=2114 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 64.676408] audit: type=1104 audit(1761957789.423:280): pid=2114 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 64.685614] audit: type=1131 audit(1761957789.443:281): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.19.28:22-147.75.109.163:58138 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 65.693215] audit: type=1325 audit(1761957790.473:282): table=filter:89 family=2 entries=14 op=nft_register_rule pid=3218 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 65.699329] audit: type=1300 audit(1761957790.473:282): arch=c000003e syscall=46 success=yes exit=5248 a0=3 a1=7ffe4b5d31a0 a2=0 a3=7ffe4b5d318c items=0 ppid=2891 pid=3218 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 65.726402] audit: type=1327 audit(1761957790.473:282): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 65.737395] audit: type=1325 audit(1761957790.498:283): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3218 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 65.752408] audit: type=1300 audit(1761957790.498:283): arch=c000003e syscall=46 success=yes exit=2700 a0=3 a1=7ffe4b5d31a0 a2=0 a3=0 items=0 ppid=2891 pid=3218 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 70.080165] kauditd_printk_skb: 19 callbacks suppressed [ 70.080168] audit: type=1325 audit(1761957794.860:290): table=filter:97 family=2 entries=19 op=nft_register_rule pid=3226 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 70.089466] audit: type=1300 audit(1761957794.860:290): arch=c000003e syscall=46 success=yes exit=7480 a0=3 a1=7ffd284a9b70 a2=0 a3=7ffd284a9b5c items=0 ppid=2891 pid=3226 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 70.101187] audit: type=1327 audit(1761957794.860:290): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 70.107780] audit: type=1325 audit(1761957794.888:291): table=nat:98 family=2 entries=12 op=nft_register_rule pid=3226 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 70.122073] audit: type=1300 audit(1761957794.888:291): arch=c000003e syscall=46 success=yes exit=2700 a0=3 a1=7ffd284a9b70 a2=0 a3=0 items=0 ppid=2891 pid=3226 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 70.131264] audit: type=1327 audit(1761957794.888:291): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 71.262717] audit: type=1325 audit(1761957796.043:292): table=filter:99 family=2 entries=21 op=nft_register_rule pid=3228 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 71.270130] audit: type=1300 audit(1761957796.043:292): arch=c000003e syscall=46 success=yes exit=8224 a0=3 a1=7fff3ecfa420 a2=0 a3=7fff3ecfa40c items=0 ppid=2891 pid=3228 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 71.288443] audit: type=1327 audit(1761957796.043:292): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 71.293789] audit: type=1325 audit(1761957796.072:293): table=nat:100 family=2 entries=12 op=nft_register_rule pid=3228 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 81.239738] kauditd_printk_skb: 8 callbacks suppressed [ 81.239741] audit: type=1325 audit(1761957806.019:296): table=filter:103 family=2 entries=21 op=nft_register_rule pid=3718 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 81.249013] audit: type=1300 audit(1761957806.019:296): arch=c000003e syscall=46 success=yes exit=7480 a0=3 a1=7ffcace03270 a2=0 a3=7ffcace0325c items=0 ppid=2891 pid=3718 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 81.261479] audit: type=1327 audit(1761957806.019:296): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 81.269870] audit: type=1325 audit(1761957806.041:297): table=nat:104 family=2 entries=19 op=nft_register_chain pid=3718 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 81.277701] audit: type=1300 audit(1761957806.041:297): arch=c000003e syscall=46 success=yes exit=6276 a0=3 a1=7ffcace03270 a2=0 a3=7ffcace0325c items=0 ppid=2891 pid=3718 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 81.289768] audit: type=1327 audit(1761957806.041:297): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 88.588890] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 88.591146] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 90.287049] audit: type=1400 audit(1761957815.067:298): avc: denied { write } for pid=4072 comm="tee" name="fd" dev="proc" ino=25514 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 90.297391] audit: type=1300 audit(1761957815.067:298): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffe214717c5 a2=241 a3=1b6 items=1 ppid=4054 pid=4072 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 90.312395] audit: type=1307 audit(1761957815.067:298): cwd="/etc/service/enabled/allocate-tunnel-addrs/log" [ 90.327488] audit: type=1302 audit(1761957815.067:298): item=0 name="/dev/fd/63" inode=24532 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 90.341431] audit: type=1327 audit(1761957815.067:298): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 [ 90.375238] audit: type=1400 audit(1761957815.155:299): avc: denied { write } for pid=4115 comm="tee" name="fd" dev="proc" ino=25613 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 90.386118] audit: type=1300 audit(1761957815.155:299): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7fff1c8db7d6 a2=241 a3=1b6 items=1 ppid=4063 pid=4115 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 90.420326] audit: type=1307 audit(1761957815.155:299): cwd="/etc/service/enabled/bird/log" [ 90.427325] audit: type=1302 audit(1761957815.155:299): item=0 name="/dev/fd/63" inode=25602 dev=00:0c mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 90.448126] audit: type=1400 audit(1761957815.185:300): avc: denied { write } for pid=4117 comm="tee" name="fd" dev="proc" ino=25519 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 This is ip-172-31-19-28 (Linux x86_64 5.15.192-flatcar) 00:43:36 SSH host key: SHA256:EwsX4cMv+jXXcUtxCmXtqR7krygJNc4cRcL+cfxoX08 (ED25519) SSH host key: SHA256:aT+uJ+uxUUpr7bOvDGtN91zkCJVUfJQBKXuLqA+X+vE (RSA) SSH host key: SHA256:O8U8dXdAUBkANPIwT8av43/+CwdLbOdKiq2tlKzFgMo (ECDSA) eth0: 172.31.19.28 fe80::4ba:38ff:fe40:ca2d ip-172-31-19-28 login: [ 92.683027] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 92.684830] IPv6: ADDRCONF(NETDEV_CHANGE): cali53aff5cf812: link becomes ready [ 93.894570] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 93.895976] IPv6: ADDRCONF(NETDEV_CHANGE): caliebcbe53047e: link becomes ready This is ip-172-31-19-28 (Linux x86_64 5.15.192-flatcar) 00:43:38 SSH host key: SHA256:EwsX4cMv+jXXcUtxCmXtqR7krygJNc4cRcL+cfxoX08 (ED25519) SSH host key: SHA256:aT+uJ+uxUUpr7bOvDGtN91zkCJVUfJQBKXuLqA+X+vE (RSA) SSH host key: SHA256:O8U8dXdAUBkANPIwT8av43/+CwdLbOdKiq2tlKzFgMo (ECDSA) eth0: 172.31.19.28 fe80::4ba:38ff:fe40:ca2d ip-172-31-19-28 login: [ 95.344870] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 95.346340] IPv6: ADDRCONF(NETDEV_CHANGE): cali98e527ed158: link becomes ready This is ip-172-31-19-28 (Linux x86_64 5.15.192-flatcar) 00:43:40 SSH host key: SHA256:EwsX4cMv+jXXcUtxCmXtqR7krygJNc4cRcL+cfxoX08 (ED25519) SSH host key: SHA256:aT+uJ+uxUUpr7bOvDGtN91zkCJVUfJQBKXuLqA+X+vE (RSA) SSH host key: SHA256:O8U8dXdAUBkANPIwT8av43/+CwdLbOdKiq2tlKzFgMo (ECDSA) eth0: 172.31.19.28 fe80::4ba:38ff:fe40:ca2d ip-172-31-19-28 login: [ 95.467581] IPv6: ADDRCONF(NETDEV_CHANGE): calie2a264c2bbd: link becomes ready [ 95.591503] IPv6: ADDRCONF(NETDEV_CHANGE): calib7f7db156e6: link becomes ready [ 95.704797] IPv6: ADDRCONF(NETDEV_CHANGE): cali1c5b8baa747: link becomes ready [ 95.798550] kauditd_printk_skb: 576 callbacks suppressed [ 95.798553] audit: type=1325 audit(1761957820.574:422): table=filter:115 family=2 entries=54 op=nft_register_chain pid=4807 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 95.806777] audit: type=1300 audit(1761957820.574:422): arch=c000003e syscall=46 success=yes exit=29396 a0=3 a1=7ffe3f851b10 a2=0 a3=7ffe3f851afc items=0 ppid=4079 pid=4807 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 95.818787] audit: type=1327 audit(1761957820.574:422): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 95.979203] audit: type=1325 audit(1761957820.759:423): table=filter:116 family=2 entries=110 op=nft_register_chain pid=4852 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 95.982596] audit: type=1300 audit(1761957820.759:423): arch=c000003e syscall=46 success=yes exit=62152 a0=3 a1=7ffe7e084bc0 a2=0 a3=7ffe7e084bac items=0 ppid=4079 pid=4852 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 95.993534] audit: type=1327 audit(1761957820.759:423): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 96.067144] audit: type=1325 audit(1761957820.845:424): table=filter:117 family=2 entries=20 op=nft_register_rule pid=4858 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 96.070675] audit: type=1300 audit(1761957820.845:424): arch=c000003e syscall=46 success=yes exit=7480 a0=3 a1=7ffd440b7e00 a2=0 a3=7ffd440b7dec items=0 ppid=2891 pid=4858 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 96.080397] audit: type=1327 audit(1761957820.845:424): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 96.090888] audit: type=1325 audit(1761957820.867:425): table=nat:118 family=2 entries=14 op=nft_register_rule pid=4858 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 96.313317] IPv6: ADDRCONF(NETDEV_CHANGE): cali6c5f1534742: link becomes ready This is ip-172-31-19-28 (Linux x86_64 5.15.192-flatcar) 00:43:41 SSH host key: SHA256:EwsX4cMv+jXXcUtxCmXtqR7krygJNc4cRcL+cfxoX08 (ED25519) SSH host key: SHA256:aT+uJ+uxUUpr7bOvDGtN91zkCJVUfJQBKXuLqA+X+vE (RSA) SSH host key: SHA256:O8U8dXdAUBkANPIwT8av43/+CwdLbOdKiq2tlKzFgMo (ECDSA) eth0: 172.31.19.28 fe80::4ba:38ff:fe40:ca2d ip-172-31-19-28 login: [ 96.881822] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 96.884476] IPv6: ADDRCONF(NETDEV_CHANGE): caliac721c63fb8: link becomes ready This is ip-172-31-19-28 (Linux x86_64 5.15.192-flatcar) 00:43:42 SSH host key: SHA256:EwsX4cMv+jXXcUtxCmXtqR7krygJNc4cRcL+cfxoX08 (ED25519) SSH host key: SHA256:aT+uJ+uxUUpr7bOvDGtN91zkCJVUfJQBKXuLqA+X+vE (RSA) SSH host key: SHA256:O8U8dXdAUBkANPIwT8av43/+CwdLbOdKiq2tlKzFgMo (ECDSA) eth0: 172.31.19.28 fe80::4ba:38ff:fe40:ca2d ip-172-31-19-28 login: This is ip-172-31-19-28 (Linux x86_64 5.15.192-flatcar) 00:43:43 SSH host key: SHA256:EwsX4cMv+jXXcUtxCmXtqR7krygJNc4cRcL+cfxoX08 (ED25519) SSH host key: SHA256:aT+uJ+uxUUpr7bOvDGtN91zkCJVUfJQBKXuLqA+X+vE (RSA) SSH host key: SHA256:O8U8dXdAUBkANPIwT8av43/+CwdLbOdKiq2tlKzFgMo (ECDSA) eth0: 172.31.19.28 fe80::4ba:38ff:fe40:ca2d ip-172-31-19-28 login: This is ip-172-31-19-28 (Linux x86_64 5.15.192-flatcar) 00:43:44 SSH host key: SHA256:EwsX4cMv+jXXcUtxCmXtqR7krygJNc4cRcL+cfxoX08 (ED25519) SSH host key: SHA256:aT+uJ+uxUUpr7bOvDGtN91zkCJVUfJQBKXuLqA+X+vE (RSA) SSH host key: SHA256:O8U8dXdAUBkANPIwT8av43/+CwdLbOdKiq2tlKzFgMo (ECDSA) eth0: 172.31.19.28 fe80::4ba:38ff:fe40:ca2d ip-172-31-19-28 login: [ 105.404699] kauditd_printk_skb: 37 callbacks suppressed [ 105.404703] audit: type=1130 audit(1761957830.185:443): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.19.28:22-147.75.109.163:53516 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 105.583648] audit: type=1101 audit(1761957830.364:444): pid=5146 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 105.588780] audit: type=1103 audit(1761957830.368:445): pid=5146 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 105.594836] audit: type=1006 audit(1761957830.369:446): pid=5146 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=10 res=1 [ 105.597958] audit: type=1300 audit(1761957830.369:446): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc98530260 a2=3 a3=0 items=0 ppid=1 pid=5146 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 105.603716] audit: type=1327 audit(1761957830.369:446): proctitle=737368643A20636F7265205B707269765D [ 105.614098] audit: type=1105 audit(1761957830.394:447): pid=5146 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 105.620660] audit: type=1103 audit(1761957830.396:448): pid=5149 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 105.866066] audit: type=1106 audit(1761957830.646:449): pid=5146 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 105.903066] audit: type=1104 audit(1761957830.646:450): pid=5146 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 111.855602] kauditd_printk_skb: 35 callbacks suppressed [ 111.855605] audit: type=1130 audit(1761957836.636:474): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@12-172.31.19.28:22-147.75.109.163:53528 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 112.080906] audit: type=1101 audit(1761957836.861:475): pid=5554 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 112.088674] audit: type=1103 audit(1761957836.869:476): pid=5554 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 112.096475] audit: type=1006 audit(1761957836.869:477): pid=5554 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=13 res=1 [ 112.104398] audit: type=1300 audit(1761957836.869:477): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe0b2be290 a2=3 a3=0 items=0 ppid=1 pid=5554 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=13 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 112.116560] audit: type=1327 audit(1761957836.869:477): proctitle=737368643A20636F7265205B707269765D [ 112.121272] audit: type=1105 audit(1761957836.897:478): pid=5554 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 112.129781] audit: type=1103 audit(1761957836.908:479): pid=5557 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 112.508437] audit: type=1106 audit(1761957837.288:480): pid=5554 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 112.519654] audit: type=1104 audit(1761957837.289:481): pid=5554 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 117.541102] kauditd_printk_skb: 1 callbacks suppressed [ 117.541106] audit: type=1130 audit(1761957842.321:483): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.19.28:22-147.75.109.163:50426 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 117.811199] audit: type=1101 audit(1761957842.583:484): pid=5572 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 117.849752] audit: type=1103 audit(1761957842.630:485): pid=5572 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 117.878924] audit: type=1006 audit(1761957842.631:486): pid=5572 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 117.900873] audit: type=1300 audit(1761957842.631:486): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffed3b592f0 a2=3 a3=0 items=0 ppid=1 pid=5572 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 117.935004] audit: type=1327 audit(1761957842.631:486): proctitle=737368643A20636F7265205B707269765D [ 117.946086] audit: type=1105 audit(1761957842.722:487): pid=5572 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 117.955193] audit: type=1103 audit(1761957842.725:488): pid=5575 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 118.290046] audit: type=1106 audit(1761957843.070:489): pid=5572 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 118.308786] audit: type=1104 audit(1761957843.070:490): pid=5572 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 123.312096] kauditd_printk_skb: 1 callbacks suppressed [ 123.312099] audit: type=1130 audit(1761957848.092:492): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.19.28:22-147.75.109.163:50436 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 123.473327] audit: type=1101 audit(1761957848.253:493): pid=5585 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 123.480739] audit: type=1103 audit(1761957848.261:494): pid=5585 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 123.488083] audit: type=1006 audit(1761957848.261:495): pid=5585 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 123.492233] audit: type=1300 audit(1761957848.261:495): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffe910ecf10 a2=3 a3=0 items=0 ppid=1 pid=5585 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 123.502117] audit: type=1327 audit(1761957848.261:495): proctitle=737368643A20636F7265205B707269765D [ 123.505582] audit: type=1105 audit(1761957848.280:496): pid=5585 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 123.516948] audit: type=1103 audit(1761957848.282:497): pid=5588 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 123.698755] audit: type=1106 audit(1761957848.479:498): pid=5585 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 123.706791] audit: type=1104 audit(1761957848.480:499): pid=5585 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 128.722654] kauditd_printk_skb: 1 callbacks suppressed [ 128.722656] audit: type=1130 audit(1761957853.503:501): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.19.28:22-147.75.109.163:52068 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 128.890925] audit: type=1101 audit(1761957853.671:502): pid=5598 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 128.899047] audit: type=1103 audit(1761957853.679:503): pid=5598 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 128.907399] audit: type=1006 audit(1761957853.679:504): pid=5598 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 128.912338] audit: type=1300 audit(1761957853.679:504): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc94390dc0 a2=3 a3=0 items=0 ppid=1 pid=5598 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 128.926368] audit: type=1327 audit(1761957853.679:504): proctitle=737368643A20636F7265205B707269765D [ 128.931143] audit: type=1105 audit(1761957853.711:505): pid=5598 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 128.941132] audit: type=1103 audit(1761957853.716:506): pid=5601 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 129.166478] audit: type=1106 audit(1761957853.947:507): pid=5598 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 129.183229] audit: type=1104 audit(1761957853.947:508): pid=5598 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 134.708381] kauditd_printk_skb: 20 callbacks suppressed [ 134.708385] audit: type=1106 audit(1761957859.487:525): pid=5646 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 134.739025] audit: type=1104 audit(1761957859.487:526): pid=5646 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 134.757116] audit: type=1131 audit(1761957859.502:527): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-172.31.19.28:22-147.75.109.163:52074 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 134.766467] audit: type=1130 audit(1761957859.512:528): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-172.31.19.28:22-147.75.109.163:52084 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 134.780429] audit: type=1325 audit(1761957859.541:529): table=filter:131 family=2 entries=26 op=nft_register_rule pid=5664 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 134.786502] audit: type=1300 audit(1761957859.541:529): arch=c000003e syscall=46 success=yes exit=14176 a0=3 a1=7ffc99cfae50 a2=0 a3=7ffc99cfae3c items=0 ppid=2891 pid=5664 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 134.800732] audit: type=1327 audit(1761957859.541:529): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 134.807155] audit: type=1325 audit(1761957859.564:530): table=nat:132 family=2 entries=20 op=nft_register_rule pid=5664 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 134.817827] audit: type=1300 audit(1761957859.564:530): arch=c000003e syscall=46 success=yes exit=5772 a0=3 a1=7ffc99cfae50 a2=0 a3=0 items=0 ppid=2891 pid=5664 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 134.831345] audit: type=1327 audit(1761957859.564:530): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 140.355498] kauditd_printk_skb: 27 callbacks suppressed [ 140.355501] audit: type=1325 audit(1761957865.135:550): table=filter:135 family=2 entries=26 op=nft_register_rule pid=5696 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 140.362376] audit: type=1300 audit(1761957865.135:550): arch=c000003e syscall=46 success=yes exit=5248 a0=3 a1=7fffc8c97570 a2=0 a3=7fffc8c9755c items=0 ppid=2891 pid=5696 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 140.372971] audit: type=1327 audit(1761957865.135:550): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 140.377420] audit: type=1325 audit(1761957865.147:551): table=nat:136 family=2 entries=104 op=nft_register_chain pid=5696 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 140.382101] audit: type=1300 audit(1761957865.147:551): arch=c000003e syscall=46 success=yes exit=48684 a0=3 a1=7fffc8c97570 a2=0 a3=7fffc8c9755c items=0 ppid=2891 pid=5696 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 140.391590] audit: type=1327 audit(1761957865.147:551): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 141.454273] audit: type=1130 audit(1761957866.234:552): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.19.28:22-147.75.109.163:51406 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 141.610306] audit: type=1101 audit(1761957866.390:553): pid=5697 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 141.620737] audit: type=1103 audit(1761957866.399:554): pid=5697 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 141.631815] audit: type=1006 audit(1761957866.399:555): pid=5697 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=21 res=1 [ 146.874612] kauditd_printk_skb: 7 callbacks suppressed [ 146.874616] audit: type=1130 audit(1761957871.653:561): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.19.28:22-147.75.109.163:39808 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 147.072407] audit: type=1101 audit(1761957871.851:562): pid=5712 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.084978] audit: type=1103 audit(1761957871.852:563): pid=5712 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.096537] audit: type=1006 audit(1761957871.852:564): pid=5712 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 147.103353] audit: type=1300 audit(1761957871.852:564): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd9589e290 a2=3 a3=0 items=0 ppid=1 pid=5712 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 147.115507] audit: type=1327 audit(1761957871.852:564): proctitle=737368643A20636F7265205B707269765D [ 147.128698] audit: type=1105 audit(1761957871.906:565): pid=5712 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.140433] audit: type=1103 audit(1761957871.908:566): pid=5715 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.511937] audit: type=1106 audit(1761957872.290:567): pid=5712 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.538168] audit: type=1104 audit(1761957872.291:568): pid=5712 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.527166] kauditd_printk_skb: 1 callbacks suppressed [ 152.527169] audit: type=1130 audit(1761957877.307:570): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.19.28:22-147.75.109.163:39822 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 152.723499] audit: type=1101 audit(1761957877.504:571): pid=5725 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.744344] audit: type=1103 audit(1761957877.513:572): pid=5725 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.759347] audit: type=1006 audit(1761957877.524:573): pid=5725 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 152.772341] audit: type=1300 audit(1761957877.524:573): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffee589eab0 a2=3 a3=0 items=0 ppid=1 pid=5725 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 152.785030] audit: type=1327 audit(1761957877.524:573): proctitle=737368643A20636F7265205B707269765D [ 152.789678] audit: type=1105 audit(1761957877.564:574): pid=5725 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 152.799038] audit: type=1103 audit(1761957877.565:575): pid=5728 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 153.218817] audit: type=1106 audit(1761957877.999:576): pid=5725 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 153.228895] audit: type=1104 audit(1761957877.999:577): pid=5725 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.243074] kauditd_printk_skb: 1 callbacks suppressed [ 158.243077] audit: type=1130 audit(1761957883.023:579): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.19.28:22-147.75.109.163:45844 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 158.421453] audit: type=1101 audit(1761957883.202:580): pid=5737 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.441135] audit: type=1103 audit(1761957883.211:581): pid=5737 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.451656] audit: type=1006 audit(1761957883.211:582): pid=5737 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 158.457629] audit: type=1300 audit(1761957883.211:582): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffbb48e590 a2=3 a3=0 items=0 ppid=1 pid=5737 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 158.468558] audit: type=1327 audit(1761957883.211:582): proctitle=737368643A20636F7265205B707269765D [ 158.481718] audit: type=1105 audit(1761957883.259:583): pid=5737 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.493285] audit: type=1103 audit(1761957883.261:584): pid=5740 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.907475] audit: type=1106 audit(1761957883.688:585): pid=5737 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 158.924965] audit: type=1104 audit(1761957883.697:586): pid=5737 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 163.929556] kauditd_printk_skb: 1 callbacks suppressed [ 163.929559] audit: type=1130 audit(1761957888.710:588): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.19.28:22-147.75.109.163:45852 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 164.135981] audit: type=1101 audit(1761957888.915:589): pid=5770 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 164.143353] audit: type=1103 audit(1761957888.916:590): pid=5770 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 164.150252] audit: type=1006 audit(1761957888.916:591): pid=5770 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 164.154210] audit: type=1300 audit(1761957888.916:591): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffe61952e0 a2=3 a3=0 items=0 ppid=1 pid=5770 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 164.161797] audit: type=1327 audit(1761957888.916:591): proctitle=737368643A20636F7265205B707269765D [ 164.184971] audit: type=1105 audit(1761957888.965:592): pid=5770 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 164.195896] audit: type=1103 audit(1761957888.975:593): pid=5773 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 164.590423] audit: type=1106 audit(1761957889.371:594): pid=5770 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 164.616425] audit: type=1104 audit(1761957889.383:595): pid=5770 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.615904] kauditd_printk_skb: 1 callbacks suppressed [ 169.615907] audit: type=1130 audit(1761957894.396:597): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.19.28:22-147.75.109.163:50132 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 169.814031] audit: type=1101 audit(1761957894.592:598): pid=5786 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.838423] audit: type=1103 audit(1761957894.594:599): pid=5786 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.858285] audit: type=1006 audit(1761957894.594:600): pid=5786 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 169.864642] audit: type=1300 audit(1761957894.594:600): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff6b870930 a2=3 a3=0 items=0 ppid=1 pid=5786 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 169.876272] audit: type=1327 audit(1761957894.594:600): proctitle=737368643A20636F7265205B707269765D [ 169.881046] audit: type=1105 audit(1761957894.634:601): pid=5786 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 169.892584] audit: type=1103 audit(1761957894.637:602): pid=5789 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 170.157353] audit: type=1106 audit(1761957894.936:603): pid=5786 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 170.174507] audit: type=1104 audit(1761957894.936:604): pid=5786 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success'