et" subj=system_u:system_r:kernel_t:s0 key=(null) [ 74.826210] audit: type=1327 audit(1761955923.779:810): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 74.841186] audit: type=1400 audit(1761955923.779:811): avc: denied { mac_admin } for pid=2832 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 74.853063] audit: type=1401 audit(1761955923.779:811): op=setxattr invalid_context="system_u:object_r:container_file_t:s0" [ 74.860642] audit: type=1300 audit(1761955923.779:811): arch=c00000b7 syscall=5 success=no exit=-22 a0=40006b6ea0 a1=40004e27e0 a2=40003ed140 a3=25 items=0 ppid=1 pid=2832 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kubelet" exe="/usr/bin/kubelet" subj=system_u:system_r:kernel_t:s0 key=(null) [ 74.876948] audit: type=1327 audit(1761955923.779:811): proctitle=2F7573722F62696E2F6B7562656C6574002D2D626F6F7473747261702D6B756265636F6E6669673D2F6574632F6B756265726E657465732F626F6F7473747261702D6B7562656C65742E636F6E66002D2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F6B7562656C65742E636F6E66002D2D636F6E6669 [ 75.071792] audit: type=1400 audit(1761955924.068:812): avc: denied { mac_admin } for pid=2832 comm="kubelet" capability=33 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.750099] kauditd_printk_skb: 18 callbacks suppressed [ 79.750103] audit: type=1400 audit(1761955928.747:818): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.762081] audit: type=1400 audit(1761955928.747:819): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.770304] audit: type=1400 audit(1761955928.747:820): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.778249] audit: type=1400 audit(1761955928.747:821): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.786260] audit: type=1400 audit(1761955928.747:822): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.795631] audit: type=1400 audit(1761955928.747:823): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.804207] audit: type=1400 audit(1761955928.747:824): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.815550] audit: type=1400 audit(1761955928.747:825): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.824480] audit: type=1400 audit(1761955928.747:826): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 79.832492] audit: type=1400 audit(1761955928.749:827): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 85.090389] kauditd_printk_skb: 300 callbacks suppressed [ 85.090394] audit: type=1400 audit(1761955934.087:911): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 85.100708] audit: type=1400 audit(1761955934.090:912): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 85.109244] audit: type=1400 audit(1761955934.090:913): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 85.117304] audit: type=1400 audit(1761955934.090:914): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 85.125868] audit: type=1400 audit(1761955934.090:915): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 85.136183] audit: type=1400 audit(1761955934.090:916): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 85.144253] audit: type=1400 audit(1761955934.090:917): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 85.153046] audit: type=1400 audit(1761955934.090:918): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 85.163733] audit: type=1400 audit(1761955934.090:919): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 85.174905] audit: type=1400 audit(1761955934.097:920): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 92.023237] kauditd_printk_skb: 47 callbacks suppressed [ 92.023242] audit: type=1106 audit(1761955941.020:929): pid=2100 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 92.037614] audit: type=1104 audit(1761955941.020:930): pid=2100 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 92.060303] audit: type=1106 audit(1761955941.057:931): pid=2097 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 92.081736] audit: type=1104 audit(1761955941.057:932): pid=2097 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 92.099168] audit: type=1131 audit(1761955941.072:933): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.24.47:22-147.75.109.163:44964 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 98.282729] audit: type=1325 audit(1761955947.279:934): table=filter:89 family=2 entries=15 op=nft_register_rule pid=3218 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 98.289917] audit: type=1300 audit(1761955947.279:934): arch=c00000b7 syscall=211 success=yes exit=5992 a0=3 a1=ffffcd078440 a2=0 a3=1 items=0 ppid=2988 pid=3218 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 98.303815] audit: type=1327 audit(1761955947.279:934): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 98.315845] audit: type=1325 audit(1761955947.312:935): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3218 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 98.322284] audit: type=1300 audit(1761955947.312:935): arch=c00000b7 syscall=211 success=yes exit=2700 a0=3 a1=ffffcd078440 a2=0 a3=1 items=0 ppid=2988 pid=3218 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 98.335594] audit: type=1327 audit(1761955947.312:935): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 98.394925] audit: type=1325 audit(1761955947.389:936): table=filter:91 family=2 entries=16 op=nft_register_rule pid=3220 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 98.401656] audit: type=1300 audit(1761955947.389:936): arch=c00000b7 syscall=211 success=yes exit=5992 a0=3 a1=ffffe333ecb0 a2=0 a3=1 items=0 ppid=2988 pid=3220 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 98.415457] audit: type=1327 audit(1761955947.389:936): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 98.438949] audit: type=1325 audit(1761955947.428:937): table=nat:92 family=2 entries=12 op=nft_register_rule pid=3220 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 104.126100] kauditd_printk_skb: 2 callbacks suppressed [ 104.126104] audit: type=1325 audit(1761955953.120:938): table=filter:93 family=2 entries=17 op=nft_register_rule pid=3222 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 104.135464] audit: type=1300 audit(1761955953.120:938): arch=c00000b7 syscall=211 success=yes exit=6736 a0=3 a1=fffff726d290 a2=0 a3=1 items=0 ppid=2988 pid=3222 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 104.151761] audit: type=1327 audit(1761955953.120:938): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 104.163488] audit: type=1325 audit(1761955953.160:939): table=nat:94 family=2 entries=12 op=nft_register_rule pid=3222 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 104.171810] audit: type=1300 audit(1761955953.160:939): arch=c00000b7 syscall=211 success=yes exit=2700 a0=3 a1=fffff726d290 a2=0 a3=1 items=0 ppid=2988 pid=3222 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 104.184731] audit: type=1327 audit(1761955953.160:939): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 104.203433] audit: type=1325 audit(1761955953.200:940): table=filter:95 family=2 entries=18 op=nft_register_rule pid=3224 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 104.210237] audit: type=1300 audit(1761955953.200:940): arch=c00000b7 syscall=211 success=yes exit=6736 a0=3 a1=ffffcb59adb0 a2=0 a3=1 items=0 ppid=2988 pid=3224 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 104.222602] audit: type=1327 audit(1761955953.200:940): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 104.233710] audit: type=1325 audit(1761955953.226:941): table=nat:96 family=2 entries=12 op=nft_register_rule pid=3224 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 109.222823] kauditd_printk_skb: 26 callbacks suppressed [ 109.222828] audit: type=1400 audit(1761955958.219:950): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.234910] audit: type=1400 audit(1761955958.219:951): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.244571] audit: type=1400 audit(1761955958.219:952): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.254696] audit: type=1400 audit(1761955958.219:953): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.265719] audit: type=1400 audit(1761955958.219:954): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.278470] audit: type=1400 audit(1761955958.219:955): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.287245] audit: type=1400 audit(1761955958.219:956): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.295897] audit: type=1400 audit(1761955958.219:957): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.304587] audit: type=1400 audit(1761955958.219:958): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 109.313716] audit: type=1400 audit(1761955958.219:959): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 115.238297] kauditd_printk_skb: 211 callbacks suppressed [ 115.238302] audit: type=1325 audit(1761955964.235:1013): table=filter:107 family=2 entries=21 op=nft_register_rule pid=3511 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 115.246763] audit: type=1300 audit(1761955964.235:1013): arch=c00000b7 syscall=211 success=yes exit=7480 a0=3 a1=ffffc9a28b60 a2=0 a3=1 items=0 ppid=2988 pid=3511 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 115.259268] audit: type=1327 audit(1761955964.235:1013): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 115.265392] audit: type=1325 audit(1761955964.260:1014): table=nat:108 family=2 entries=19 op=nft_register_chain pid=3511 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 115.271838] audit: type=1300 audit(1761955964.260:1014): arch=c00000b7 syscall=211 success=yes exit=6276 a0=3 a1=ffffc9a28b60 a2=0 a3=1 items=0 ppid=2988 pid=3511 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 115.284103] audit: type=1327 audit(1761955964.260:1014): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 118.494768] audit: type=1400 audit(1761955967.492:1015): avc: denied { perfmon } for pid=3521 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 118.502981] audit: type=1300 audit(1761955967.492:1015): arch=c00000b7 syscall=280 success=yes exit=15 a0=0 a1=400019d5a0 a2=3c a3=0 items=0 ppid=3289 pid=3521 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 118.515104] audit: type=1327 audit(1761955967.492:1015): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3038313439316363366563643534636332313439366165643931656432 [ 118.526061] audit: type=1400 audit(1761955967.492:1016): avc: denied { bpf } for pid=3521 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 129.482832] kauditd_printk_skb: 40 callbacks suppressed [ 129.482836] audit: type=1400 audit(1761955978.480:1022): avc: denied { watch } for pid=2700 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="nvme0n1p9" ino=521021 scontext=system_u:system_r:svirt_lxc_net_t:s0:c289,c761 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 129.494896] audit: type=1400 audit(1761955978.480:1023): avc: denied { watch } for pid=2700 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="nvme0n1p9" ino=521025 scontext=system_u:system_r:svirt_lxc_net_t:s0:c289,c761 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 129.505158] audit: type=1300 audit(1761955978.480:1023): arch=c00000b7 syscall=27 success=no exit=-13 a0=6c a1=400f4c7fb0 a2=fc6 a3=0 items=0 ppid=2459 pid=2700 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c289,c761 key=(null) [ 129.517879] audit: type=1327 audit(1761955978.480:1023): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E32342E3437002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B7562 [ 129.528830] audit: type=1400 audit(1761955978.480:1024): avc: denied { watch } for pid=2700 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=521019 scontext=system_u:system_r:svirt_lxc_net_t:s0:c289,c761 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 129.538799] audit: type=1300 audit(1761955978.480:1024): arch=c00000b7 syscall=27 success=no exit=-13 a0=6c a1=400f725240 a2=fc6 a3=0 items=0 ppid=2459 pid=2700 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c289,c761 key=(null) [ 129.551468] audit: type=1327 audit(1761955978.480:1024): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E32342E3437002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B7562 [ 129.562471] audit: type=1300 audit(1761955978.480:1022): arch=c00000b7 syscall=27 success=no exit=-13 a0=6b a1=400f5ed560 a2=fc6 a3=0 items=0 ppid=2459 pid=2700 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c289,c761 key=(null) [ 129.575114] audit: type=1327 audit(1761955978.480:1022): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E32342E3437002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B7562 [ 129.586073] audit: type=1400 audit(1761955978.492:1025): avc: denied { watch } for pid=2700 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="nvme0n1p9" ino=521027 scontext=system_u:system_r:svirt_lxc_net_t:s0:c289,c761 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 131.625239] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 131.628230] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 133.638041] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 133.640807] IPv6: ADDRCONF(NETDEV_CHANGE): cali7204fe04d62: link becomes ready [ 134.260688] IPv6: ADDRCONF(NETDEV_CHANGE): cali5dd34f1a838: link becomes ready [ 134.519984] kauditd_printk_skb: 125 callbacks suppressed [ 134.519988] audit: type=1400 audit(1761955983.517:1063): avc: denied { write } for pid=4275 comm="tee" name="fd" dev="proc" ino=22086 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dir permissive=0 [ 134.533249] audit: type=1300 audit(1761955983.517:1063): arch=c00000b7 syscall=56 success=yes exit=3 a0=ffffffffffffff9c a1=ffffc4b297d7 a2=241 a3=1b6 items=1 ppid=4214 pid=4275 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="tee" exe="/usr/bin/coreutils" subj=system_u:system_r:kernel_t:s0 key=(null) [ 134.546540] audit: type=1307 audit(1761955983.517:1063): cwd="/etc/service/enabled/cni/log" [ 134.550421] audit: type=1302 audit(1761955983.517:1063): item=0 name="/dev/fd/63" inode=22077 dev=00:0b mode=010600 ouid=0 ogid=0 rdev=00:00 obj=system_u:system_r:kernel_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 134.560421] audit: type=1327 audit(1761955983.517:1063): proctitle=2F7573722F62696E2F636F72657574696C73002D2D636F72657574696C732D70726F672D73686562616E673D746565002F7573722F62696E2F746565002F6465762F66642F3633 [ 134.674738] audit: type=1400 audit(1761955983.671:1064): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.682433] audit: type=1400 audit(1761955983.671:1065): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.693131] audit: type=1400 audit(1761955983.671:1066): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.728851] audit: type=1400 audit(1761955983.671:1067): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.747065] audit: type=1400 audit(1761955983.671:1068): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 134.882871] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 134.885377] IPv6: ADDRCONF(NETDEV_CHANGE): cali8b02372fdd6: link becomes ready [ 135.822003] IPv6: ADDRCONF(NETDEV_CHANGE): cali4b1ddad55d0: link becomes ready This is ip-172-31-24-47 (Linux aarch64 5.15.192-flatcar) 00:13:05 SSH host key: SHA256:kJ7wlNCGc4VXK7GCEa/K/mtFVNDjkgrGR3QZu8BcYps (RSA) SSH host key: SHA256:4hIHfbkVtgP0yzmi15Sgrdxewt46up8yJEBz2ov1AaA (ED25519) SSH host key: SHA256:mf4mXzSkrgG7AanZhDK4JoDw8lTYIjHMpBXWSYmuTrI (ECDSA) eth0: 172.31.24.47 fe80::45c:34ff:fe0b:cfe5 ip-172-31-24-47 login: [ 137.586854] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 137.589324] IPv6: ADDRCONF(NETDEV_CHANGE): cali32c22eab15c: link becomes ready This is ip-172-31-24-47 (Linux aarch64 5.15.192-flatcar) 00:13:06 SSH host key: SHA256:kJ7wlNCGc4VXK7GCEa/K/mtFVNDjkgrGR3QZu8BcYps (RSA) SSH host key: SHA256:4hIHfbkVtgP0yzmi15Sgrdxewt46up8yJEBz2ov1AaA (ED25519) SSH host key: SHA256:mf4mXzSkrgG7AanZhDK4JoDw8lTYIjHMpBXWSYmuTrI (ECDSA) eth0: 172.31.24.47 fe80::45c:34ff:fe0b:cfe5 ip-172-31-24-47 login: [ 138.435655] IPv6: ADDRCONF(NETDEV_CHANGE): calid21f6a348b3: link becomes ready This is ip-172-31-24-47 (Linux aarch64 5.15.192-flatcar) 00:13:07 SSH host key: SHA256:kJ7wlNCGc4VXK7GCEa/K/mtFVNDjkgrGR3QZu8BcYps (RSA) SSH host key: SHA256:4hIHfbkVtgP0yzmi15Sgrdxewt46up8yJEBz2ov1AaA (ED25519) SSH host key: SHA256:mf4mXzSkrgG7AanZhDK4JoDw8lTYIjHMpBXWSYmuTrI (ECDSA) eth0: 172.31.24.47 fe80::45c:34ff:fe0b:cfe5 ip-172-31-24-47 login: [ 138.743557] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 138.745980] IPv6: ADDRCONF(NETDEV_CHANGE): calia901c24fd98: link becomes ready [ 139.130202] IPv6: ADDRCONF(NETDEV_CHANGE): cali46a14ec6bdd: link becomes ready [ 139.568389] kauditd_printk_skb: 423 callbacks suppressed [ 139.568394] audit: type=1400 audit(1761955988.565:1199): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 139.581959] audit: type=1400 audit(1761955988.576:1200): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 139.593064] audit: audit_backlog=65 > audit_backlog_limit=64 [ 139.595276] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64 [ 139.595327] audit: audit_backlog=65 > audit_backlog_limit=64 [ 139.598401] audit: type=1400 audit(1761955988.576:1201): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 139.607805] audit: backlog limit exceeded [ 139.610837] audit: audit_backlog=65 > audit_backlog_limit=64 [ 139.613471] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64 [ 139.615518] audit: audit_lost=4 audit_rate_limit=0 audit_backlog_limit=64 This is ip-172-31-24-47 (Linux aarch64 5.15.192-flatcar) 00:13:08 SSH host key: SHA256:kJ7wlNCGc4VXK7GCEa/K/mtFVNDjkgrGR3QZu8BcYps (RSA) SSH host key: SHA256:4hIHfbkVtgP0yzmi15Sgrdxewt46up8yJEBz2ov1AaA (ED25519) SSH host key: SHA256:mf4mXzSkrgG7AanZhDK4JoDw8lTYIjHMpBXWSYmuTrI (ECDSA) eth0: 172.31.24.47 fe80::45c:34ff:fe0b:cfe5 ip-172-31-24-47 login: This is ip-172-31-24-47 (Linux aarch64 5.15.192-flatcar) 00:13:09 SSH host key: SHA256:kJ7wlNCGc4VXK7GCEa/K/mtFVNDjkgrGR3QZu8BcYps (RSA) SSH host key: SHA256:4hIHfbkVtgP0yzmi15Sgrdxewt46up8yJEBz2ov1AaA (ED25519) SSH host key: SHA256:mf4mXzSkrgG7AanZhDK4JoDw8lTYIjHMpBXWSYmuTrI (ECDSA) eth0: 172.31.24.47 fe80::45c:34ff:fe0b:cfe5 ip-172-31-24-47 login: This is ip-172-31-24-47 (Linux aarch64 5.15.192-flatcar) 00:13:10 SSH host key: SHA256:kJ7wlNCGc4VXK7GCEa/K/mtFVNDjkgrGR3QZu8BcYps (RSA) SSH host key: SHA256:4hIHfbkVtgP0yzmi15Sgrdxewt46up8yJEBz2ov1AaA (ED25519) SSH host key: SHA256:mf4mXzSkrgG7AanZhDK4JoDw8lTYIjHMpBXWSYmuTrI (ECDSA) eth0: 172.31.24.47 fe80::45c:34ff:fe0b:cfe5 ip-172-31-24-47 login: This is ip-172-31-24-47 (Linux aarch64 5.15.192-flatcar) 00:13:11 SSH host key: SHA256:kJ7wlNCGc4VXK7GCEa/K/mtFVNDjkgrGR3QZu8BcYps (RSA) SSH host key: SHA256:4hIHfbkVtgP0yzmi15Sgrdxewt46up8yJEBz2ov1AaA (ED25519) SSH host key: SHA256:mf4mXzSkrgG7AanZhDK4JoDw8lTYIjHMpBXWSYmuTrI (ECDSA) eth0: 172.31.24.47 fe80::45c:34ff:fe0b:cfe5 ip-172-31-24-47 login: This is ip-172-31-24-47 (Linux aarch64 5.15.192-flatcar) 00:13:12 SSH host key: SHA256:kJ7wlNCGc4VXK7GCEa/K/mtFVNDjkgrGR3QZu8BcYps (RSA) SSH host key: SHA256:4hIHfbkVtgP0yzmi15Sgrdxewt46up8yJEBz2ov1AaA (ED25519) SSH host key: SHA256:mf4mXzSkrgG7AanZhDK4JoDw8lTYIjHMpBXWSYmuTrI (ECDSA) eth0: 172.31.24.47 fe80::45c:34ff:fe0b:cfe5 ip-172-31-24-47 login: [ 144.614693] kauditd_printk_skb: 724 callbacks suppressed [ 144.614698] audit: type=1106 audit(1761955993.611:1362): pid=5158 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 144.630298] audit: type=1104 audit(1761955993.612:1363): pid=5158 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 144.641185] audit: type=1131 audit(1761955993.614:1364): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.24.47:22-147.75.109.163:52044 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 149.642718] audit: type=1130 audit(1761955998.640:1365): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-172.31.24.47:22-147.75.109.163:52052 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 149.813886] audit: type=1101 audit(1761955998.811:1366): pid=5180 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 149.826968] audit: type=1103 audit(1761955998.823:1367): pid=5180 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 149.837494] audit: type=1006 audit(1761955998.824:1368): pid=5180 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=11 res=1 [ 149.844167] audit: type=1300 audit(1761955998.824:1368): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd96ad580 a2=3 a3=1 items=0 ppid=1 pid=5180 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 149.855361] audit: type=1327 audit(1761955998.824:1368): proctitle=737368643A20636F7265205B707269765D [ 149.878405] audit: type=1105 audit(1761955998.875:1369): pid=5180 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 149.890274] audit: type=1103 audit(1761955998.876:1370): pid=5182 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 150.129903] audit: type=1106 audit(1761955999.127:1371): pid=5180 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 150.142219] audit: type=1104 audit(1761955999.127:1372): pid=5180 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 156.255008] kauditd_printk_skb: 23 callbacks suppressed [ 156.255012] audit: type=1130 audit(1761956005.252:1392): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.24.47:22-147.75.109.163:37806 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 156.432243] audit: type=1101 audit(1761956005.429:1393): pid=5226 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 156.444967] audit: type=1103 audit(1761956005.442:1394): pid=5226 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 156.455835] audit: type=1006 audit(1761956005.443:1395): pid=5226 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 156.461908] audit: type=1300 audit(1761956005.443:1395): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffdfd47890 a2=3 a3=1 items=0 ppid=1 pid=5226 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 156.476766] audit: type=1327 audit(1761956005.443:1395): proctitle=737368643A20636F7265205B707269765D [ 156.502808] audit: type=1105 audit(1761956005.500:1396): pid=5226 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 156.521256] audit: type=1103 audit(1761956005.503:1397): pid=5228 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 156.817629] audit: type=1106 audit(1761956005.815:1398): pid=5226 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 156.829991] audit: type=1104 audit(1761956005.815:1399): pid=5226 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 161.848806] kauditd_printk_skb: 1 callbacks suppressed [ 161.848811] audit: type=1130 audit(1761956010.846:1401): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.24.47:22-147.75.109.163:37658 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 162.026967] audit: type=1101 audit(1761956011.024:1402): pid=5247 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 162.040594] audit: type=1103 audit(1761956011.037:1403): pid=5247 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 162.050492] audit: type=1006 audit(1761956011.037:1404): pid=5247 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 162.057017] audit: type=1300 audit(1761956011.037:1404): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffdca26920 a2=3 a3=1 items=0 ppid=1 pid=5247 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 162.067897] audit: type=1327 audit(1761956011.037:1404): proctitle=737368643A20636F7265205B707269765D [ 162.077925] audit: type=1105 audit(1761956011.075:1405): pid=5247 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 162.089721] audit: type=1103 audit(1761956011.078:1406): pid=5249 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 162.350595] audit: type=1106 audit(1761956011.348:1407): pid=5247 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 162.365262] audit: type=1104 audit(1761956011.348:1408): pid=5247 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 167.368390] kauditd_printk_skb: 1 callbacks suppressed [ 167.368395] audit: type=1130 audit(1761956016.366:1410): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.24.47:22-147.75.109.163:37672 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 167.554132] audit: type=1101 audit(1761956016.551:1411): pid=5281 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 167.564706] audit: type=1103 audit(1761956016.551:1412): pid=5281 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 167.576531] audit: type=1006 audit(1761956016.551:1413): pid=5281 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 167.583236] audit: type=1300 audit(1761956016.551:1413): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff0a950c0 a2=3 a3=1 items=0 ppid=1 pid=5281 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 167.595330] audit: type=1327 audit(1761956016.551:1413): proctitle=737368643A20636F7265205B707269765D [ 167.600160] audit: type=1105 audit(1761956016.580:1414): pid=5281 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 167.612128] audit: type=1103 audit(1761956016.597:1415): pid=5283 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 167.862174] audit: type=1106 audit(1761956016.859:1416): pid=5281 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 167.874335] audit: type=1104 audit(1761956016.860:1417): pid=5281 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 172.892610] kauditd_printk_skb: 1 callbacks suppressed [ 172.892615] audit: type=1130 audit(1761956021.890:1419): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.24.47:22-147.75.109.163:46004 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 173.080944] audit: type=1101 audit(1761956022.078:1420): pid=5297 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 173.095374] audit: type=1103 audit(1761956022.092:1421): pid=5297 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 173.105548] audit: type=1006 audit(1761956022.093:1422): pid=5297 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 173.111792] audit: type=1300 audit(1761956022.093:1422): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffd6491a80 a2=3 a3=1 items=0 ppid=1 pid=5297 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 173.123563] audit: type=1327 audit(1761956022.093:1422): proctitle=737368643A20636F7265205B707269765D [ 173.128666] audit: type=1105 audit(1761956022.122:1423): pid=5297 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 173.141803] audit: type=1103 audit(1761956022.138:1424): pid=5299 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 173.425179] audit: type=1106 audit(1761956022.422:1425): pid=5297 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 173.437710] audit: type=1104 audit(1761956022.422:1426): pid=5297 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 178.457777] kauditd_printk_skb: 1 callbacks suppressed [ 178.457782] audit: type=1130 audit(1761956027.454:1428): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-172.31.24.47:22-147.75.109.163:46006 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 178.630642] audit: type=1101 audit(1761956027.628:1429): pid=5309 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 178.643909] audit: type=1103 audit(1761956027.641:1430): pid=5309 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 178.654134] audit: type=1006 audit(1761956027.641:1431): pid=5309 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=18 res=1 [ 178.660736] audit: type=1300 audit(1761956027.641:1431): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffede8c230 a2=3 a3=1 items=0 ppid=1 pid=5309 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=18 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 178.671630] audit: type=1327 audit(1761956027.641:1431): proctitle=737368643A20636F7265205B707269765D [ 178.700632] audit: type=1105 audit(1761956027.698:1432): pid=5309 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 178.713467] audit: type=1103 audit(1761956027.711:1433): pid=5311 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 178.985015] audit: type=1106 audit(1761956027.982:1434): pid=5309 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 179.014567] audit: type=1104 audit(1761956027.995:1435): pid=5309 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 187.542639] kauditd_printk_skb: 57 callbacks suppressed [ 187.542644] audit: type=1130 audit(1761956036.540:1477): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@22-172.31.24.47:22-147.75.109.163:41614 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 187.715848] audit: type=1101 audit(1761956036.713:1478): pid=5379 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 187.726528] audit: type=1103 audit(1761956036.717:1479): pid=5379 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 187.737641] audit: type=1006 audit(1761956036.717:1480): pid=5379 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=23 res=1 [ 187.744956] audit: type=1300 audit(1761956036.717:1480): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=fffff5b85bc0 a2=3 a3=1 items=0 ppid=1 pid=5379 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 187.758209] audit: type=1327 audit(1761956036.717:1480): proctitle=737368643A20636F7265205B707269765D [ 187.776152] audit: type=1105 audit(1761956036.773:1481): pid=5379 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 187.789051] audit: type=1103 audit(1761956036.786:1482): pid=5381 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 188.028371] audit: type=1106 audit(1761956037.025:1483): pid=5379 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 188.041400] audit: type=1104 audit(1761956037.026:1484): pid=5379 uid=0 auid=500 ses=23 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 193.065058] kauditd_printk_skb: 31 callbacks suppressed [ 193.065063] audit: type=1130 audit(1761956042.062:1496): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.24.47:22-147.75.109.163:53420 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 193.235491] audit: type=1101 audit(1761956042.231:1497): pid=5415 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 193.250169] audit: type=1103 audit(1761956042.244:1498): pid=5415 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 193.261728] audit: type=1006 audit(1761956042.244:1499): pid=5415 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 193.276218] audit: type=1300 audit(1761956042.244:1499): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffc31d23b0 a2=3 a3=1 items=0 ppid=1 pid=5415 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 193.288327] audit: type=1327 audit(1761956042.244:1499): proctitle=737368643A20636F7265205B707269765D [ 193.300861] audit: type=1105 audit(1761956042.298:1500): pid=5415 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 193.314810] audit: type=1103 audit(1761956042.311:1501): pid=5417 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 193.634755] audit: type=1106 audit(1761956042.630:1502): pid=5415 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 193.652962] audit: type=1104 audit(1761956042.630:1503): pid=5415 uid=0 auid=500 ses=24 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 198.658897] kauditd_printk_skb: 13 callbacks suppressed [ 198.658902] audit: type=1130 audit(1761956047.656:1509): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.24.47:22-147.75.109.163:53426 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 198.880930] audit: type=1101 audit(1761956047.878:1510): pid=5597 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 198.895886] audit: type=1103 audit(1761956047.893:1511): pid=5597 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 198.908142] audit: type=1006 audit(1761956047.893:1512): pid=5597 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 198.917092] audit: type=1300 audit(1761956047.893:1512): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe467cdb0 a2=3 a3=1 items=0 ppid=1 pid=5597 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 198.928786] audit: type=1327 audit(1761956047.893:1512): proctitle=737368643A20636F7265205B707269765D [ 198.957322] audit: type=1105 audit(1761956047.954:1513): pid=5597 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 198.978197] audit: type=1103 audit(1761956047.960:1514): pid=5619 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 199.304308] audit: type=1106 audit(1761956048.300:1515): pid=5597 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 199.322548] audit: type=1104 audit(1761956048.300:1516): pid=5597 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 204.329763] kauditd_printk_skb: 1 callbacks suppressed [ 204.329768] audit: type=1130 audit(1761956053.327:1518): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.24.47:22-147.75.109.163:51154 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 204.514707] audit: type=1101 audit(1761956053.512:1519): pid=5704 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 204.527488] audit: type=1103 audit(1761956053.525:1520): pid=5704 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 204.537879] audit: type=1006 audit(1761956053.525:1521): pid=5704 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 204.544960] audit: type=1300 audit(1761956053.525:1521): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffde75a250 a2=3 a3=1 items=0 ppid=1 pid=5704 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 204.557582] audit: type=1327 audit(1761956053.525:1521): proctitle=737368643A20636F7265205B707269765D [ 204.576064] audit: type=1105 audit(1761956053.573:1522): pid=5704 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 204.602056] audit: type=1103 audit(1761956053.587:1523): pid=5706 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 204.866273] audit: type=1106 audit(1761956053.862:1524): pid=5704 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 204.881836] audit: type=1104 audit(1761956053.862:1525): pid=5704 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 209.893887] kauditd_printk_skb: 1 callbacks suppressed [ 209.893891] audit: type=1130 audit(1761956058.891:1527): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-172.31.24.47:22-147.75.109.163:51168 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 210.069915] audit: type=1101 audit(1761956059.067:1528): pid=5717 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 210.082736] audit: type=1103 audit(1761956059.067:1529): pid=5717 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 210.093360] audit: type=1006 audit(1761956059.067:1530): pid=5717 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 [ 210.102009] audit: type=1300 audit(1761956059.067:1530): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe836aa00 a2=3 a3=1 items=0 ppid=1 pid=5717 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 210.117206] audit: type=1327 audit(1761956059.067:1530): proctitle=737368643A20636F7265205B707269765D [ 210.131643] audit: type=1105 audit(1761956059.129:1531): pid=5717 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 210.152204] audit: type=1103 audit(1761956059.149:1532): pid=5719 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 210.427371] audit: type=1106 audit(1761956059.425:1533): pid=5717 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 210.449186] audit: type=1104 audit(1761956059.425:1534): pid=5717 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 215.462461] kauditd_printk_skb: 1 callbacks suppressed [ 215.462465] audit: type=1130 audit(1761956064.460:1536): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@27-172.31.24.47:22-147.75.109.163:49956 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 215.648063] audit: type=1101 audit(1761956064.646:1537): pid=5730 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 215.660897] audit: type=1103 audit(1761956064.646:1538): pid=5730 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 215.673205] audit: type=1006 audit(1761956064.646:1539): pid=5730 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=28 res=1 [ 215.687236] audit: type=1300 audit(1761956064.646:1539): arch=c00000b7 syscall=64 success=yes exit=3 a0=5 a1=ffffe2f8eae0 a2=3 a3=1 items=0 ppid=1 pid=5730 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=28 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 215.698264] audit: type=1327 audit(1761956064.646:1539): proctitle=737368643A20636F7265205B707269765D [ 215.710187] audit: type=1105 audit(1761956064.708:1540): pid=5730 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 215.724583] audit: type=1103 audit(1761956064.721:1541): pid=5732 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 215.980418] audit: type=1106 audit(1761956064.976:1542): pid=5730 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 215.995166] audit: type=1104 audit(1761956064.976:1543): pid=5730 uid=0 auid=500 ses=28 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 230.115430] kauditd_printk_skb: 1 callbacks suppressed [ 230.115435] audit: type=1334 audit(1761956079.113:1545): prog-id=76 op=UNLOAD [ 230.121416] audit: type=1334 audit(1761956079.113:1546): prog-id=99 op=UNLOAD [ 230.308611] audit: type=1334 audit(1761956079.305:1547): prog-id=117 op=UNLOAD [ 230.317623] audit: type=1334 audit(1761956079.313:1548): prog-id=120 op=UNLOAD [ 230.933863] audit: type=1400 audit(1761956079.931:1549): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 230.944720] audit: type=1400 audit(1761956079.940:1550): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 230.956645] audit: audit_backlog=65 > audit_backlog_limit=64 [ 230.958857] audit: audit_backlog=65 > audit_backlog_limit=64 [ 230.959119] audit: audit_lost=14 audit_rate_limit=0 audit_backlog_limit=64 [ 230.961406] audit: audit_lost=15 audit_rate_limit=0 audit_backlog_limit=64