msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 17.020645] audit: type=1130 audit(1755046919.608:224): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 17.020645] audit: type=1130 audit(1755046919.608:224): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=audit-rules comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 17.025512] audit: type=1106 audit(1755046919.613:225): pid=1959 uid=500 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 17.029410] audit: type=1104 audit(1755046919.613:226): pid=1959 uid=500 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 17.050746] audit: type=1106 audit(1755046919.638:227): pid=1956 uid=0 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 17.057346] audit: type=1104 audit(1755046919.639:228): pid=1956 uid=0 auid=500 ses=6 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 17.061230] audit: type=1131 audit(1755046919.639:229): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@5-172.31.21.64:22-147.75.109.163:59708 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 17.802539] Initializing XFRM netlink socket This is ip-172-31-21-64 (Linux x86_64 5.15.189-flatcar) 01:02:01 SSH host key: SHA256:nwp/VqXQOIMYKMlfD2ffGyw6TO+N0Scuceey7sNWlMA (ED25519) SSH host key: SHA256:9mBDWReFoyb9uRiL7QjmKReqqDAWq7m4QJFOJV1zVnw (ECDSA) SSH host key: SHA256:Xs79VI1dUz/BMfeRL6eYrwuGrfgz3ksTqAmPnMsYqww (RSA) eth0: 172.31.21.64 fe80::4e4:94ff:fef2:1e6f ip-172-31-21-64 login: [ 26.628351] kauditd_printk_skb: 84 callbacks suppressed [ 26.628355] audit: type=1130 audit(1755046929.215:264): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 26.634716] audit: type=1131 audit(1755046929.215:265): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 26.947805] audit: type=1130 audit(1755046929.536:266): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.028870] audit: type=1131 audit(1755046929.617:267): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 35.917248] audit: type=1130 audit(1755046938.505:268): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 35.920937] audit: type=1131 audit(1755046938.509:269): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 36.300297] audit: type=1400 audit(1755046938.888:270): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 36.304076] audit: type=1400 audit(1755046938.888:271): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 36.307452] audit: type=1400 audit(1755046938.888:272): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 36.311334] audit: type=1400 audit(1755046938.888:273): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 36.317802] audit: type=1400 audit(1755046938.888:274): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 36.324965] audit: type=1400 audit(1755046938.888:275): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 36.331761] audit: type=1400 audit(1755046938.888:276): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 36.339169] audit: type=1400 audit(1755046938.888:277): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 43.395943] kauditd_printk_skb: 602 callbacks suppressed [ 43.395946] audit: type=1400 audit(1755046945.984:595): avc: denied { watch } for pid=2431 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="nvme0n1p9" ino=520978 scontext=system_u:system_r:svirt_lxc_net_t:s0:c339,c736 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 43.415460] audit: type=1400 audit(1755046945.984:596): avc: denied { watch } for pid=2431 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="nvme0n1p9" ino=520974 scontext=system_u:system_r:svirt_lxc_net_t:s0:c339,c736 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 43.425543] audit: type=1300 audit(1755046945.984:596): arch=c000003e syscall=254 success=no exit=-13 a0=42 a1=c003abfce0 a2=fc6 a3=0 items=0 ppid=2306 pid=2431 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c339,c736 key=(null) [ 43.435641] audit: type=1327 audit(1755046945.984:596): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E32312E3634002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B7562 [ 43.447225] audit: type=1400 audit(1755046945.996:597): avc: denied { watch } for pid=2431 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-client.crt" dev="nvme0n1p9" ino=520980 scontext=system_u:system_r:svirt_lxc_net_t:s0:c339,c736 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 43.458223] audit: type=1300 audit(1755046945.996:597): arch=c000003e syscall=254 success=no exit=-13 a0=4a a1=c003abfe60 a2=fc6 a3=0 items=0 ppid=2306 pid=2431 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c339,c736 key=(null) [ 43.468128] audit: type=1327 audit(1755046945.996:597): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E32312E3634002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B7562 [ 43.477149] audit: type=1131 audit(1755046945.999:598): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 43.501538] audit: type=1400 audit(1755046946.001:599): avc: denied { watch } for pid=2431 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c339,c736 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 43.514307] audit: type=1300 audit(1755046946.001:599): arch=c000003e syscall=254 success=no exit=-13 a0=4b a1=c004a1f6a0 a2=fc6 a3=0 items=0 ppid=2306 pid=2431 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c339,c736 key=(null) [ 51.010056] kauditd_printk_skb: 279 callbacks suppressed [ 51.010059] audit: type=1400 audit(1755046953.598:857): avc: denied { watch } for pid=2473 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 51.019361] audit: type=1300 audit(1755046953.598:857): arch=c000003e syscall=254 success=no exit=-13 a0=9 a1=c000e409a0 a2=fc6 a3=0 items=0 ppid=2283 pid=2473 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 key=(null) [ 51.028164] audit: type=1327 audit(1755046953.598:857): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 51.035827] audit: type=1400 audit(1755046953.599:858): avc: denied { watch } for pid=2473 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 51.041900] audit: type=1300 audit(1755046953.599:858): arch=c000003e syscall=254 success=no exit=-13 a0=9 a1=c000e409e0 a2=fc6 a3=0 items=0 ppid=2283 pid=2473 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 key=(null) [ 51.050153] audit: type=1327 audit(1755046953.599:858): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 51.058306] audit: type=1400 audit(1755046953.600:859): avc: denied { watch } for pid=2473 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 51.067278] audit: type=1300 audit(1755046953.600:859): arch=c000003e syscall=254 success=no exit=-13 a0=9 a1=c000e40d60 a2=fc6 a3=0 items=0 ppid=2283 pid=2473 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 key=(null) [ 51.079198] audit: type=1327 audit(1755046953.600:859): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 51.086437] audit: type=1400 audit(1755046953.600:860): avc: denied { watch } for pid=2473 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 56.596740] kauditd_printk_skb: 312 callbacks suppressed [ 56.596743] audit: type=1400 audit(1755046959.184:954): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 56.607763] audit: type=1400 audit(1755046959.184:955): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 56.616466] audit: type=1400 audit(1755046959.184:956): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 56.626283] audit: type=1400 audit(1755046959.184:957): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 56.636042] audit: type=1400 audit(1755046959.184:958): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 56.647045] audit: type=1400 audit(1755046959.184:959): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 56.656410] audit: type=1400 audit(1755046959.184:960): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 56.665449] audit: type=1400 audit(1755046959.184:961): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 56.672850] audit: type=1400 audit(1755046959.184:962): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 56.681406] audit: type=1400 audit(1755046959.185:963): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 62.079218] kauditd_printk_skb: 47 callbacks suppressed [ 62.079221] audit: type=1106 audit(1755046964.667:972): pid=1989 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 62.092282] audit: type=1104 audit(1755046964.667:973): pid=1989 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 62.119706] audit: type=1106 audit(1755046964.708:974): pid=1986 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 62.132723] audit: type=1104 audit(1755046964.708:975): pid=1986 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 62.148305] audit: type=1131 audit(1755046964.736:976): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.21.64:22-147.75.109.163:59720 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 63.734040] audit: type=1325 audit(1755046966.322:977): table=filter:89 family=2 entries=14 op=nft_register_rule pid=3082 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 63.741879] audit: type=1300 audit(1755046966.322:977): arch=c000003e syscall=46 success=yes exit=5248 a0=3 a1=7ffc16b3bf80 a2=0 a3=7ffc16b3bf6c items=0 ppid=2710 pid=3082 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 63.762406] audit: type=1327 audit(1755046966.322:977): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 63.771040] audit: type=1325 audit(1755046966.351:978): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3082 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 63.777506] audit: type=1300 audit(1755046966.351:978): arch=c000003e syscall=46 success=yes exit=2700 a0=3 a1=7ffc16b3bf80 a2=0 a3=0 items=0 ppid=2710 pid=3082 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 67.112721] kauditd_printk_skb: 19 callbacks suppressed [ 67.112724] audit: type=1400 audit(1755046969.701:985): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 67.121756] audit: type=1400 audit(1755046969.701:986): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 67.130789] audit: type=1400 audit(1755046969.701:987): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 67.141338] audit: type=1400 audit(1755046969.701:988): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 67.150968] audit: type=1400 audit(1755046969.701:989): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 67.162164] audit: type=1400 audit(1755046969.701:990): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 67.182560] audit: type=1400 audit(1755046969.701:991): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 67.192812] audit: type=1400 audit(1755046969.701:992): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 67.209353] audit: type=1400 audit(1755046969.701:993): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 67.218627] audit: type=1400 audit(1755046969.703:994): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 74.555558] kauditd_printk_skb: 211 callbacks suppressed [ 74.555561] audit: type=1325 audit(1755046977.145:1048): table=filter:99 family=2 entries=21 op=nft_register_rule pid=3342 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 74.563225] audit: type=1300 audit(1755046977.145:1048): arch=c000003e syscall=46 success=yes exit=7480 a0=3 a1=7ffeffec5d40 a2=0 a3=7ffeffec5d2c items=0 ppid=2710 pid=3342 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 74.573605] audit: type=1327 audit(1755046977.145:1048): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 74.577991] audit: type=1325 audit(1755046977.163:1049): table=nat:100 family=2 entries=19 op=nft_register_chain pid=3342 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 74.582038] audit: type=1300 audit(1755046977.163:1049): arch=c000003e syscall=46 success=yes exit=6276 a0=3 a1=7ffeffec5d40 a2=0 a3=7ffeffec5d2c items=0 ppid=2710 pid=3342 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 74.590486] audit: type=1327 audit(1755046977.163:1049): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 78.359140] audit: type=1400 audit(1755046980.948:1050): avc: denied { perfmon } for pid=3352 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 78.364866] audit: type=1300 audit(1755046980.948:1050): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001456b0 a2=3c a3=7fcc95ca8b98 items=0 ppid=3169 pid=3352 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 78.373300] audit: type=1327 audit(1755046980.948:1050): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3631313862383831376138336164636633323338363037383965663564 [ 78.380947] audit: type=1400 audit(1755046980.948:1051): avc: denied { bpf } for pid=3352 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 81.388067] kauditd_printk_skb: 39 callbacks suppressed [ 81.388070] audit: type=1334 audit(1755046983.977:1056): prog-id=144 op=UNLOAD [ 89.285089] audit: type=1400 audit(1755046991.874:1057): avc: denied { perfmon } for pid=3777 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 89.290703] audit: type=1300 audit(1755046991.874:1057): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001976b0 a2=3c a3=7fb4b4659a18 items=0 ppid=3169 pid=3777 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 89.303331] audit: type=1327 audit(1755046991.874:1057): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3231653133653633393862326334353461323030303863326564386532 [ 89.312279] audit: type=1400 audit(1755046991.874:1058): avc: denied { bpf } for pid=3777 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 89.320659] audit: type=1400 audit(1755046991.874:1058): avc: denied { bpf } for pid=3777 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 89.327494] audit: type=1400 audit(1755046991.874:1058): avc: denied { bpf } for pid=3777 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 89.334404] audit: type=1400 audit(1755046991.874:1058): avc: denied { perfmon } for pid=3777 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 89.340738] audit: type=1400 audit(1755046991.874:1058): avc: denied { perfmon } for pid=3777 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 89.348136] audit: type=1400 audit(1755046991.874:1058): avc: denied { perfmon } for pid=3777 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 89.353575] audit: type=1400 audit(1755046991.874:1058): avc: denied { perfmon } for pid=3777 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 89.805471] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 89.808293] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 91.874017] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 91.882793] IPv6: ADDRCONF(NETDEV_CHANGE): cali398d4de6214: link becomes ready This is ip-172-31-21-64 (Linux x86_64 5.15.189-flatcar) 01:03:16 SSH host key: SHA256:nwp/VqXQOIMYKMlfD2ffGyw6TO+N0Scuceey7sNWlMA (ED25519) SSH host key: SHA256:9mBDWReFoyb9uRiL7QjmKReqqDAWq7m4QJFOJV1zVnw (ECDSA) SSH host key: SHA256:Xs79VI1dUz/BMfeRL6eYrwuGrfgz3ksTqAmPnMsYqww (RSA) eth0: 172.31.21.64 fe80::4e4:94ff:fef2:1e6f ip-172-31-21-64 login: [ 94.127183] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 94.128623] IPv6: ADDRCONF(NETDEV_CHANGE): cali23aaad86063: link becomes ready This is ip-172-31-21-64 (Linux x86_64 5.15.189-flatcar) 01:03:17 SSH host key: SHA256:nwp/VqXQOIMYKMlfD2ffGyw6TO+N0Scuceey7sNWlMA (ED25519) SSH host key: SHA256:9mBDWReFoyb9uRiL7QjmKReqqDAWq7m4QJFOJV1zVnw (ECDSA) SSH host key: SHA256:Xs79VI1dUz/BMfeRL6eYrwuGrfgz3ksTqAmPnMsYqww (RSA) eth0: 172.31.21.64 fe80::4e4:94ff:fef2:1e6f ip-172-31-21-64 login: [ 95.436529] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 95.437710] IPv6: ADDRCONF(NETDEV_CHANGE): calif4f35b7ca4d: link becomes ready [ 95.598334] IPv6: ADDRCONF(NETDEV_CHANGE): calic9e70e15cf3: link becomes ready [ 95.651231] kauditd_printk_skb: 773 callbacks suppressed [ 95.651234] audit: type=1400 audit(1755046998.241:1228): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 95.655795] audit: type=1400 audit(1755046998.241:1229): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 95.662182] audit: type=1400 audit(1755046998.241:1230): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 95.669404] audit: type=1400 audit(1755046998.241:1231): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 95.675679] audit: type=1400 audit(1755046998.241:1232): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 95.681392] audit: type=1400 audit(1755046998.241:1233): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 95.689141] audit: type=1400 audit(1755046998.241:1234): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 This is ip-172-31-21-64 (Linux x86_64 5.15.189-flatcar) 01:03:18 SSH host key: SHA256:nwp/VqXQOIMYKMlfD2ffGyw6TO+N0Scuceey7sNWlMA (ED25519) SSH host key: SHA256:9mBDWReFoyb9uRiL7QjmKReqqDAWq7m4QJFOJV1zVnw (ECDSA) SSH host key: SHA256:Xs79VI1dUz/BMfeRL6eYrwuGrfgz3ksTqAmPnMsYqww (RSA) eth0: 172.31.21.64 fe80::4e4:94ff:fef2:1e6f ip-172-31-21-64 login: [ 95.702750] audit: type=1400 audit(1755046998.241:1235): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 95.712154] audit: type=1400 audit(1755046998.241:1236): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 95.720233] audit: type=1400 audit(1755046998.245:1237): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 This is ip-172-31-21-64 (Linux x86_64 5.15.189-flatcar) 01:03:19 SSH host key: SHA256:nwp/VqXQOIMYKMlfD2ffGyw6TO+N0Scuceey7sNWlMA (ED25519) SSH host key: SHA256:9mBDWReFoyb9uRiL7QjmKReqqDAWq7m4QJFOJV1zVnw (ECDSA) SSH host key: SHA256:Xs79VI1dUz/BMfeRL6eYrwuGrfgz3ksTqAmPnMsYqww (RSA) eth0: 172.31.21.64 fe80::4e4:94ff:fef2:1e6f ip-172-31-21-64 login: [ 97.117837] IPv6: ADDRCONF(NETDEV_CHANGE): cali571f516c81a: link becomes ready This is ip-172-31-21-64 (Linux x86_64 5.15.189-flatcar) 01:03:20 SSH host key: SHA256:nwp/VqXQOIMYKMlfD2ffGyw6TO+N0Scuceey7sNWlMA (ED25519) SSH host key: SHA256:9mBDWReFoyb9uRiL7QjmKReqqDAWq7m4QJFOJV1zVnw (ECDSA) SSH host key: SHA256:Xs79VI1dUz/BMfeRL6eYrwuGrfgz3ksTqAmPnMsYqww (RSA) eth0: 172.31.21.64 fe80::4e4:94ff:fef2:1e6f ip-172-31-21-64 login: [ 98.287669] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 98.289073] IPv6: ADDRCONF(NETDEV_CHANGE): cali08eb26b42ac: link becomes ready [ 99.346698] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 99.348171] IPv6: ADDRCONF(NETDEV_CHANGE): cali13c7b545f1b: link becomes ready [ 99.564300] IPv6: ADDRCONF(NETDEV_CHANGE): calib75dd1dcbf2: link becomes ready This is ip-172-31-21-64 (Linux x86_64 5.15.189-flatcar) 01:03:22 SSH host key: SHA256:nwp/VqXQOIMYKMlfD2ffGyw6TO+N0Scuceey7sNWlMA (ED25519) SSH host key: SHA256:9mBDWReFoyb9uRiL7QjmKReqqDAWq7m4QJFOJV1zVnw (ECDSA) SSH host key: SHA256:Xs79VI1dUz/BMfeRL6eYrwuGrfgz3ksTqAmPnMsYqww (RSA) eth0: 172.31.21.64 fe80::4e4:94ff:fef2:1e6f ip-172-31-21-64 login: This is ip-172-31-21-64 (Linux x86_64 5.15.189-flatcar) 01:03:23 SSH host key: SHA256:nwp/VqXQOIMYKMlfD2ffGyw6TO+N0Scuceey7sNWlMA (ED25519) SSH host key: SHA256:9mBDWReFoyb9uRiL7QjmKReqqDAWq7m4QJFOJV1zVnw (ECDSA) SSH host key: SHA256:Xs79VI1dUz/BMfeRL6eYrwuGrfgz3ksTqAmPnMsYqww (RSA) eth0: 172.31.21.64 fe80::4e4:94ff:fef2:1e6f ip-172-31-21-64 login: [ 101.318578] kauditd_printk_skb: 591 callbacks suppressed [ 101.318582] audit: type=1325 audit(1755047003.908:1411): table=filter:119 family=2 entries=12 op=nft_register_rule pid=5009 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 101.333264] audit: type=1300 audit(1755047003.908:1411): arch=c000003e syscall=46 success=yes exit=4504 a0=3 a1=7ffef9e04ed0 a2=0 a3=7ffef9e04ebc items=0 ppid=2710 pid=5009 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 101.340126] audit: type=1327 audit(1755047003.908:1411): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 101.422684] audit: type=1325 audit(1755047004.011:1412): table=nat:120 family=2 entries=58 op=nft_register_chain pid=5009 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 101.425437] audit: type=1300 audit(1755047004.011:1412): arch=c000003e syscall=46 success=yes exit=20628 a0=3 a1=7ffef9e04ed0 a2=0 a3=7ffef9e04ebc items=0 ppid=2710 pid=5009 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 101.431895] audit: type=1327 audit(1755047004.011:1412): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 101.662682] audit: type=1130 audit(1755047004.252:1413): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@7-172.31.21.64:22-147.75.109.163:58278 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 101.924132] audit: type=1101 audit(1755047004.513:1414): pid=5015 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 101.935817] audit: type=1103 audit(1755047004.520:1415): pid=5015 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 101.946637] audit: type=1006 audit(1755047004.520:1416): pid=5015 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=8 res=1 This is ip-172-31-21-64 (Linux x86_64 5.15.189-flatcar) 01:03:24 SSH host key: SHA256:nwp/VqXQOIMYKMlfD2ffGyw6TO+N0Scuceey7sNWlMA (ED25519) SSH host key: SHA256:9mBDWReFoyb9uRiL7QjmKReqqDAWq7m4QJFOJV1zVnw (ECDSA) SSH host key: SHA256:Xs79VI1dUz/BMfeRL6eYrwuGrfgz3ksTqAmPnMsYqww (RSA) eth0: 172.31.21.64 fe80::4e4:94ff:fef2:1e6f ip-172-31-21-64 login: This is ip-172-31-21-64 (Linux x86_64 5.15.189-flatcar) 01:03:25 SSH host key: SHA256:nwp/VqXQOIMYKMlfD2ffGyw6TO+N0Scuceey7sNWlMA (ED25519) SSH host key: SHA256:9mBDWReFoyb9uRiL7QjmKReqqDAWq7m4QJFOJV1zVnw (ECDSA) SSH host key: SHA256:Xs79VI1dUz/BMfeRL6eYrwuGrfgz3ksTqAmPnMsYqww (RSA) eth0: 172.31.21.64 fe80::4e4:94ff:fef2:1e6f ip-172-31-21-64 login: [ 107.664892] kauditd_printk_skb: 94 callbacks suppressed [ 107.664895] audit: type=1325 audit(1755047010.254:1450): table=filter:123 family=2 entries=11 op=nft_register_rule pid=5116 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 107.669735] audit: type=1300 audit(1755047010.254:1450): arch=c000003e syscall=46 success=yes exit=3760 a0=3 a1=7ffdad137b70 a2=0 a3=7ffdad137b5c items=0 ppid=2710 pid=5116 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 107.678564] audit: type=1327 audit(1755047010.254:1450): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 107.684582] audit: type=1325 audit(1755047010.274:1451): table=nat:124 family=2 entries=29 op=nft_register_chain pid=5116 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 107.689394] audit: type=1300 audit(1755047010.274:1451): arch=c000003e syscall=46 success=yes exit=10116 a0=3 a1=7ffdad137b70 a2=0 a3=7ffdad137b5c items=0 ppid=2710 pid=5116 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 107.700176] audit: type=1327 audit(1755047010.274:1451): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 108.756350] audit: type=1130 audit(1755047011.346:1452): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@8-172.31.21.64:22-147.75.109.163:48506 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 109.930195] audit: type=1101 audit(1755047012.519:1453): pid=5135 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 109.940141] audit: type=1103 audit(1755047012.528:1454): pid=5135 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 109.947934] audit: type=1006 audit(1755047012.528:1455): pid=5135 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=9 res=1 [ 113.243650] kauditd_printk_skb: 139 callbacks suppressed [ 113.243653] audit: type=1325 audit(1755047015.832:1503): table=filter:127 family=2 entries=10 op=nft_register_rule pid=5421 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 113.256595] audit: type=1300 audit(1755047015.832:1503): arch=c000003e syscall=46 success=yes exit=3760 a0=3 a1=7ffeb2530e50 a2=0 a3=7ffeb2530e3c items=0 ppid=2710 pid=5421 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 113.284420] audit: type=1327 audit(1755047015.832:1503): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 113.294652] audit: type=1325 audit(1755047015.845:1504): table=nat:128 family=2 entries=24 op=nft_register_rule pid=5421 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 113.303721] audit: type=1300 audit(1755047015.845:1504): arch=c000003e syscall=46 success=yes exit=7308 a0=3 a1=7ffeb2530e50 a2=0 a3=7ffeb2530e3c items=0 ppid=2710 pid=5421 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 113.319956] audit: type=1327 audit(1755047015.845:1504): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 113.412506] audit: type=1400 audit(1755047016.001:1505): avc: denied { perfmon } for pid=5424 comm="runc" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 113.424485] audit: type=1300 audit(1755047016.001:1505): arch=c000003e syscall=321 success=yes exit=15 a0=0 a1=c0001bd6b0 a2=3c a3=7f6999ccae18 items=0 ppid=4255 pid=5424 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/run/torcx/unpack/docker/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 113.444720] audit: type=1327 audit(1755047016.001:1505): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3037393233356566613566646162383638363061663963633663353964 [ 113.463622] audit: type=1400 audit(1755047016.026:1506): avc: denied { bpf } for pid=5424 comm="runc" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 120.014784] kauditd_printk_skb: 65 callbacks suppressed [ 120.014787] audit: type=1106 audit(1755047022.603:1523): pid=5618 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 120.028187] audit: type=1104 audit(1755047022.603:1524): pid=5618 uid=0 auid=500 ses=10 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 120.038212] audit: type=1131 audit(1755047022.607:1525): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@9-172.31.21.64:22-147.75.109.163:38196 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 120.056313] audit: type=1130 audit(1755047022.643:1526): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@10-172.31.21.64:22-147.75.109.163:38204 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 120.284750] audit: type=1101 audit(1755047022.872:1527): pid=5634 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 120.300843] audit: type=1103 audit(1755047022.883:1528): pid=5634 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 120.309676] audit: type=1006 audit(1755047022.883:1529): pid=5634 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=11 res=1 [ 120.330213] audit: type=1300 audit(1755047022.883:1529): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc59732860 a2=3 a3=0 items=0 ppid=1 pid=5634 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 120.340233] audit: type=1327 audit(1755047022.883:1529): proctitle=737368643A20636F7265205B707269765D [ 120.357390] audit: type=1105 audit(1755047022.946:1530): pid=5634 uid=0 auid=500 ses=11 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 127.388765] kauditd_printk_skb: 72 callbacks suppressed [ 127.388767] audit: type=1130 audit(1755047029.978:1562): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@12-172.31.21.64:22-147.75.109.163:52976 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 127.664166] audit: type=1101 audit(1755047030.252:1563): pid=5768 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 127.673077] audit: type=1103 audit(1755047030.262:1564): pid=5768 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 127.684122] audit: type=1006 audit(1755047030.262:1565): pid=5768 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=13 res=1 [ 127.690206] audit: type=1300 audit(1755047030.262:1565): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff8e0342d0 a2=3 a3=0 items=0 ppid=1 pid=5768 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=13 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 127.701633] audit: type=1327 audit(1755047030.262:1565): proctitle=737368643A20636F7265205B707269765D [ 127.751315] audit: type=1105 audit(1755047030.339:1566): pid=5768 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 127.768938] audit: type=1103 audit(1755047030.352:1567): pid=5770 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 129.082312] audit: type=1106 audit(1755047031.671:1568): pid=5768 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 129.097583] audit: type=1104 audit(1755047031.684:1569): pid=5768 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.318853] kauditd_printk_skb: 43 callbacks suppressed [ 133.318856] audit: type=1106 audit(1755047035.908:1599): pid=5821 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.332763] audit: type=1104 audit(1755047035.908:1600): pid=5821 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.343535] audit: type=1131 audit(1755047035.920:1601): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.21.64:22-147.75.109.163:53006 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 133.356116] audit: type=1130 audit(1755047035.942:1602): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@16-172.31.21.64:22-147.75.109.163:53010 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 133.631131] audit: type=1101 audit(1755047036.220:1603): pid=5841 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.641829] audit: type=1103 audit(1755047036.230:1604): pid=5841 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 133.652717] audit: type=1006 audit(1755047036.230:1605): pid=5841 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=17 res=1 [ 133.658158] audit: type=1300 audit(1755047036.230:1605): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd4689d580 a2=3 a3=0 items=0 ppid=1 pid=5841 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 133.669509] audit: type=1327 audit(1755047036.230:1605): proctitle=737368643A20636F7265205B707269765D [ 133.676410] audit: type=1105 audit(1755047036.265:1606): pid=5841 uid=0 auid=500 ses=17 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 140.330711] kauditd_printk_skb: 10 callbacks suppressed [ 140.330715] audit: type=1130 audit(1755047042.920:1613): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@17-172.31.21.64:22-147.75.109.163:45396 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 141.100279] audit: type=1101 audit(1755047043.689:1614): pid=5875 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 141.127675] audit: type=1103 audit(1755047043.717:1615): pid=5875 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 141.150394] audit: type=1006 audit(1755047043.717:1616): pid=5875 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=18 res=1 [ 141.166762] audit: type=1300 audit(1755047043.717:1616): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff36546090 a2=3 a3=0 items=0 ppid=1 pid=5875 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=18 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 141.177348] audit: type=1327 audit(1755047043.717:1616): proctitle=737368643A20636F7265205B707269765D [ 141.215372] audit: type=1105 audit(1755047043.804:1617): pid=5875 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 141.235187] audit: type=1103 audit(1755047043.824:1618): pid=5877 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 142.754310] audit: type=1106 audit(1755047045.343:1619): pid=5875 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 142.764831] audit: type=1104 audit(1755047045.343:1620): pid=5875 uid=0 auid=500 ses=18 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 147.789735] kauditd_printk_skb: 1 callbacks suppressed [ 147.789738] audit: type=1130 audit(1755047050.379:1622): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-172.31.21.64:22-147.75.109.163:46056 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 148.113021] audit: type=1101 audit(1755047050.702:1623): pid=5888 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 148.124374] audit: type=1103 audit(1755047050.713:1624): pid=5888 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 148.133751] audit: type=1006 audit(1755047050.714:1625): pid=5888 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=19 res=1 [ 148.139195] audit: type=1300 audit(1755047050.714:1625): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff20f0f940 a2=3 a3=0 items=0 ppid=1 pid=5888 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 148.148772] audit: type=1327 audit(1755047050.714:1625): proctitle=737368643A20636F7265205B707269765D [ 148.167594] audit: type=1105 audit(1755047050.757:1626): pid=5888 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 148.176933] audit: type=1103 audit(1755047050.762:1627): pid=5890 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 149.023525] audit: type=1106 audit(1755047051.613:1628): pid=5888 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 149.033154] audit: type=1104 audit(1755047051.621:1629): pid=5888 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 154.050755] kauditd_printk_skb: 1 callbacks suppressed [ 154.050757] audit: type=1130 audit(1755047056.639:1631): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-172.31.21.64:22-147.75.109.163:46058 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 154.371959] audit: type=1101 audit(1755047056.961:1632): pid=5944 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 154.382263] audit: type=1103 audit(1755047056.971:1633): pid=5944 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 154.392505] audit: type=1006 audit(1755047056.971:1634): pid=5944 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=20 res=1 [ 154.398296] audit: type=1300 audit(1755047056.971:1634): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd8f096ee0 a2=3 a3=0 items=0 ppid=1 pid=5944 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=20 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 154.410111] audit: type=1327 audit(1755047056.971:1634): proctitle=737368643A20636F7265205B707269765D [ 154.413974] audit: type=1105 audit(1755047056.999:1635): pid=5944 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 154.423205] audit: type=1103 audit(1755047057.005:1636): pid=5946 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 155.963779] audit: type=1106 audit(1755047058.553:1637): pid=5944 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 155.976335] audit: type=1104 audit(1755047058.553:1638): pid=5944 uid=0 auid=500 ses=20 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 161.023492] kauditd_printk_skb: 1 callbacks suppressed [ 161.023495] audit: type=1130 audit(1755047063.612:1640): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.21.64:22-147.75.109.163:57280 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 161.418191] audit: type=1101 audit(1755047064.005:1641): pid=5958 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 161.427800] audit: type=1103 audit(1755047064.007:1642): pid=5958 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 161.436457] audit: type=1006 audit(1755047064.007:1643): pid=5958 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=21 res=1 [ 161.440973] audit: type=1300 audit(1755047064.007:1643): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd88ef1900 a2=3 a3=0 items=0 ppid=1 pid=5958 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 161.452493] audit: type=1327 audit(1755047064.007:1643): proctitle=737368643A20636F7265205B707269765D [ 161.488927] audit: type=1105 audit(1755047064.077:1644): pid=5958 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 161.500869] audit: type=1103 audit(1755047064.089:1645): pid=5960 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=147.75.109.163 addr=147.75.109.163 terminal=ssh res=success' [ 163.452631] audit: type=1400 audit(1755047066.042:1646): avc: denied { watch } for pid=2431 comm="kube-apiserver" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c339,c736 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 163.461036] audit: type=1300 audit(1755047066.042:1646): arch=c000003e syscall=254 success=no exit=-13 a0=84 a1=c011cf7980 a2=fc6 a3=0 items=0 ppid=2306 pid=2431 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:svirt_lxc_net_t:s0:c339,c736 key=(null) [ 171.055114] kauditd_printk_skb: 25 callbacks suppressed [ 171.055117] audit: type=1400 audit(1755047073.645:1657): avc: denied { watch } for pid=2473 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 171.064633] audit: type=1300 audit(1755047073.645:1657): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000e9e5a0 a2=fc6 a3=0 items=0 ppid=2283 pid=2473 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 key=(null) [ 171.073997] audit: type=1327 audit(1755047073.645:1657): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 171.082927] audit: type=1400 audit(1755047073.656:1658): avc: denied { watch } for pid=2473 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 171.090825] audit: type=1300 audit(1755047073.656:1658): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c00203c3c0 a2=fc6 a3=0 items=0 ppid=2283 pid=2473 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 key=(null) [ 171.099966] audit: type=1327 audit(1755047073.656:1658): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 171.107812] audit: type=1400 audit(1755047073.663:1659): avc: denied { watch } for pid=2473 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 171.114599] audit: type=1300 audit(1755047073.663:1659): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000e9e5c0 a2=fc6 a3=0 items=0 ppid=2283 pid=2473 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 key=(null) [ 171.123537] audit: type=1327 audit(1755047073.663:1659): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 171.131681] audit: type=1400 audit(1755047073.677:1660): avc: denied { watch } for pid=2473 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="nvme0n1p9" ino=520972 scontext=system_u:system_r:svirt_lxc_net_t:s0:c373,c877 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 178.119111] kauditd_printk_skb: 8 callbacks suppressed [ 178.119114] audit: type=1334 audit(1755047080.709:1663): prog-id=90 op=UNLOAD [ 178.124483] audit: type=1334 audit(1755047080.710:1664): prog-id=111 op=UNLOAD [ 178.374160] audit: type=1334 audit(1755047080.963:1665): prog-id=123 op=UNLOAD [ 178.379343] audit: type=1334 audit(1755047080.968:1666): prog-id=126 op=UNLOAD [ 179.414004] audit: type=1400 audit(1755047082.004:1667): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 179.420945] audit: type=1400 audit(1755047082.004:1668): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 179.432467] audit: type=1400 audit(1755047082.004:1669): avc: denied { bpf } for pid=1 comm="systemd" capability=39 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 179.440754] audit: type=1400 audit(1755047082.004:1670): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 179.449742] audit: type=1400 audit(1755047082.004:1671): avc: denied { perfmon } for pid=1 comm="systemd" capability=38 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=0 [ 179.451988] audit: audit_backlog=65 > audit_backlog_limit=64