dit(1719903277.893:198): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@5-172.31.28.45:22-139.178.89.65:52678 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.397244] Initializing XFRM netlink socket This is ip-172-31-28-45 (Linux x86_64 6.1.96-flatcar) 06:54:40 SSH host key: SHA256:NRz0U8gTjpKaUsnXma5cPtDpw1n1i8CK3a6O0TgRtWk (ED25519) SSH host key: SHA256:6B5eeGF2p+IDeT47qXYVqaEcF2Y2UY8nrQ4c3dn1h4M (RSA) SSH host key: SHA256:Lq8b2eUmhIFrsgdcjbTJKHM+MCsyNf8pozYyzDacXJc (ECDSA) eth0: 172.31.28.45 fe80::469:e9ff:fe85:b787 ip-172-31-28-45 login: [ 39.839353] kauditd_printk_skb: 88 callbacks suppressed [ 39.839356] audit: type=1130 audit(1719903291.621:237): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 39.844120] audit: type=1131 audit(1719903291.621:238): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 40.145360] audit: type=1130 audit(1719903291.931:239): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 40.260565] audit: type=1131 audit(1719903292.046:240): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 46.369746] audit: type=1131 audit(1719903298.157:241): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 46.386293] audit: type=1334 audit(1719903298.174:242): prog-id=40 op=UNLOAD [ 46.387392] audit: type=1334 audit(1719903298.174:243): prog-id=39 op=UNLOAD [ 46.388038] audit: type=1334 audit(1719903298.174:244): prog-id=38 op=UNLOAD [ 50.334382] audit: type=1130 audit(1719903302.122:245): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 50.342260] audit: type=1131 audit(1719903302.122:246): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 50.795609] audit: type=1130 audit(1719903302.584:247): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 50.928601] audit: type=1131 audit(1719903302.717:248): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' [ 52.359254] audit: type=1130 audit(1719903304.148:249): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 52.361168] audit: type=1131 audit(1719903304.150:250): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=kubelet comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 52.811282] audit: type=1334 audit(1719903304.600:251): prog-id=41 op=LOAD [ 52.812103] audit: type=1334 audit(1719903304.600:252): prog-id=24 op=UNLOAD [ 52.812950] audit: type=1334 audit(1719903304.600:253): prog-id=42 op=LOAD [ 52.813768] audit: type=1334 audit(1719903304.600:254): prog-id=43 op=LOAD [ 52.814503] audit: type=1334 audit(1719903304.600:255): prog-id=25 op=UNLOAD [ 52.816077] audit: type=1334 audit(1719903304.600:256): prog-id=26 op=UNLOAD [ 52.816884] audit: type=1334 audit(1719903304.603:257): prog-id=44 op=LOAD [ 52.817698] audit: type=1334 audit(1719903304.603:258): prog-id=33 op=UNLOAD [ 59.332512] kauditd_printk_skb: 131 callbacks suppressed [ 59.332515] audit: type=1400 audit(1719903311.122:330): avc: denied { watch } for pid=2833 comm="kube-controller" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="overlay" ino=7802 scontext=system_u:system_r:container_t:s0:c333,c374 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 59.336470] audit: type=1300 audit(1719903311.122:330): arch=c000003e syscall=254 success=no exit=-13 a0=7 a1=c0003b6b40 a2=fc6 a3=0 items=0 ppid=2673 pid=2833 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:container_t:s0:c333,c374 key=(null) [ 59.340484] audit: type=1327 audit(1719903311.122:330): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 59.343902] audit: type=1400 audit(1719903311.122:331): avc: denied { watch } for pid=2833 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="overlay" ino=7796 scontext=system_u:system_r:container_t:s0:c333,c374 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 59.347081] audit: type=1300 audit(1719903311.122:331): arch=c000003e syscall=254 success=no exit=-13 a0=7 a1=c0003006e0 a2=fc6 a3=0 items=0 ppid=2673 pid=2833 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:container_t:s0:c333,c374 key=(null) [ 59.350933] audit: type=1327 audit(1719903311.122:331): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 59.625109] audit: type=1400 audit(1719903311.415:332): avc: denied { watch } for pid=2801 comm="kube-apiserver" path="/etc/kubernetes/pki/front-proxy-ca.crt" dev="overlay" ino=7802 scontext=system_u:system_r:container_t:s0:c201,c209 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 59.627466] audit: type=1400 audit(1719903311.415:333): avc: denied { watch } for pid=2801 comm="kube-apiserver" path="/etc/kubernetes/pki/apiserver.crt" dev="overlay" ino=7798 scontext=system_u:system_r:container_t:s0:c201,c209 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 59.631812] audit: type=1300 audit(1719903311.415:333): arch=c000003e syscall=254 success=no exit=-13 a0=41 a1=c006394810 a2=fc6 a3=0 items=0 ppid=2653 pid=2801 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-apiserver" exe="/usr/local/bin/kube-apiserver" subj=system_u:system_r:container_t:s0:c201,c209 key=(null) [ 59.635973] audit: type=1327 audit(1719903311.415:333): proctitle=6B7562652D617069736572766572002D2D6164766572746973652D616464726573733D3137322E33312E32382E3435002D2D616C6C6F772D70726976696C656765643D74727565002D2D617574686F72697A6174696F6E2D6D6F64653D4E6F64652C52424143002D2D636C69656E742D63612D66696C653D2F6574632F6B7562 [ 61.220829] BTRFS warning: duplicate device /dev/nvme0n1p3 devid 1 generation 35 scanned by (udev-worker) (2891) [ 65.496326] kauditd_printk_skb: 68 callbacks suppressed [ 65.496330] audit: type=1400 audit(1719903317.287:384): avc: denied { watch } for pid=2833 comm="kube-controller" path="/opt/libexec/kubernetes/kubelet-plugins/volume/exec" dev="nvme0n1p9" ino=7830 scontext=system_u:system_r:container_t:s0:c333,c374 tcontext=system_u:object_r:usr_t:s0 tclass=dir permissive=0 [ 65.499360] audit: type=1300 audit(1719903317.287:384): arch=c000003e syscall=254 success=no exit=-13 a0=9 a1=c0005453c0 a2=fc6 a3=0 items=0 ppid=2673 pid=2833 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:container_t:s0:c333,c374 key=(null) [ 65.503221] audit: type=1327 audit(1719903317.287:384): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 70.845175] audit: type=1106 audit(1719903322.636:385): pid=2094 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_limits,pam_env,pam_unix,pam_permit,pam_systemd acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 70.847656] audit: type=1104 audit(1719903322.636:386): pid=2094 uid=500 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 70.873323] audit: type=1106 audit(1719903322.664:387): pid=2091 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 70.880826] audit: type=1104 audit(1719903322.664:388): pid=2091 uid=0 auid=500 ses=7 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 70.885328] audit: type=1131 audit(1719903322.671:389): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@6-172.31.28.45:22-139.178.89.65:52688 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 79.057654] audit: type=1334 audit(1719903330.850:390): prog-id=99 op=LOAD [ 79.059202] audit: type=1334 audit(1719903330.850:391): prog-id=100 op=LOAD [ 79.060901] audit: type=1300 audit(1719903330.850:391): arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000131988 a2=78 a3=0 items=0 ppid=3133 pid=3143 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 79.063961] audit: type=1327 audit(1719903330.850:391): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6663366236623237316338666232633431646338336235313137316164 [ 79.067785] audit: type=1334 audit(1719903330.850:392): prog-id=101 op=LOAD [ 79.068712] audit: type=1300 audit(1719903330.850:392): arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000131720 a2=78 a3=0 items=0 ppid=3133 pid=3143 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 79.072149] audit: type=1327 audit(1719903330.850:392): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6663366236623237316338666232633431646338336235313137316164 [ 79.075759] audit: type=1334 audit(1719903330.851:393): prog-id=101 op=UNLOAD [ 79.077144] audit: type=1334 audit(1719903330.851:394): prog-id=100 op=UNLOAD [ 79.078171] audit: type=1334 audit(1719903330.851:395): prog-id=102 op=LOAD [ 84.596997] kauditd_printk_skb: 190 callbacks suppressed [ 84.597000] audit: type=1325 audit(1719903336.388:464): table=filter:89 family=2 entries=15 op=nft_register_rule pid=3412 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 84.599209] audit: type=1300 audit(1719903336.388:464): arch=c000003e syscall=46 success=yes exit=5908 a0=3 a1=7ffed03981d0 a2=0 a3=7ffed03981bc items=0 ppid=3225 pid=3412 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 84.602180] audit: type=1327 audit(1719903336.388:464): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 84.604084] audit: type=1325 audit(1719903336.389:465): table=nat:90 family=2 entries=12 op=nft_register_rule pid=3412 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 84.605846] audit: type=1300 audit(1719903336.389:465): arch=c000003e syscall=46 success=yes exit=2700 a0=3 a1=7ffed03981d0 a2=0 a3=0 items=0 ppid=3225 pid=3412 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 84.609072] audit: type=1327 audit(1719903336.389:465): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 84.614035] audit: type=1325 audit(1719903336.404:466): table=filter:91 family=2 entries=16 op=nft_register_rule pid=3414 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 84.623763] audit: type=1300 audit(1719903336.404:466): arch=c000003e syscall=46 success=yes exit=5908 a0=3 a1=7ffddd8dbba0 a2=0 a3=7ffddd8dbb8c items=0 ppid=3225 pid=3414 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 84.634089] audit: type=1327 audit(1719903336.404:466): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 84.637923] audit: type=1325 audit(1719903336.405:467): table=nat:92 family=2 entries=12 op=nft_register_rule pid=3414 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 90.760841] kauditd_printk_skb: 44 callbacks suppressed [ 90.760844] audit: type=1334 audit(1719903342.552:488): prog-id=125 op=LOAD [ 90.764327] audit: type=1334 audit(1719903342.556:489): prog-id=126 op=LOAD [ 90.765559] audit: type=1300 audit(1719903342.556:489): arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c00018d988 a2=78 a3=0 items=0 ppid=3428 pid=3614 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 90.777833] audit: type=1327 audit(1719903342.556:489): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3966303930666634383838376161363134376436626364326136643332 [ 90.781234] audit: type=1334 audit(1719903342.556:490): prog-id=127 op=LOAD [ 90.782230] audit: type=1300 audit(1719903342.556:490): arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c00018d720 a2=78 a3=0 items=0 ppid=3428 pid=3614 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 90.786570] audit: type=1327 audit(1719903342.556:490): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3966303930666634383838376161363134376436626364326136643332 [ 90.790071] audit: type=1334 audit(1719903342.556:491): prog-id=127 op=UNLOAD [ 90.791235] audit: type=1334 audit(1719903342.556:492): prog-id=126 op=UNLOAD [ 90.792286] audit: type=1334 audit(1719903342.556:493): prog-id=128 op=LOAD [ 96.446672] kauditd_printk_skb: 2 callbacks suppressed [ 96.446674] audit: type=1334 audit(1719903348.238:494): prog-id=129 op=LOAD [ 96.448076] audit: type=1300 audit(1719903348.238:494): arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001a9988 a2=78 a3=0 items=0 ppid=3491 pid=3656 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 96.450696] audit: type=1327 audit(1719903348.238:494): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3434363064363837383536303664623131393639653134623733656339 [ 96.454722] audit: type=1334 audit(1719903348.238:495): prog-id=130 op=LOAD [ 96.455622] audit: type=1300 audit(1719903348.238:495): arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c0001a9720 a2=78 a3=0 items=0 ppid=3491 pid=3656 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 96.459130] audit: type=1327 audit(1719903348.238:495): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3434363064363837383536303664623131393639653134623733656339 [ 96.465359] audit: type=1334 audit(1719903348.238:496): prog-id=130 op=UNLOAD [ 96.466065] audit: type=1334 audit(1719903348.238:497): prog-id=129 op=UNLOAD [ 96.466746] audit: type=1334 audit(1719903348.238:498): prog-id=131 op=LOAD [ 96.467761] audit: type=1300 audit(1719903348.238:498): arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001a9be0 a2=78 a3=0 items=0 ppid=3491 pid=3656 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 106.199668] kauditd_printk_skb: 2 callbacks suppressed [ 106.199671] audit: type=1334 audit(1719903357.992:500): prog-id=132 op=LOAD [ 106.201733] audit: type=1300 audit(1719903357.992:500): arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001a9988 a2=78 a3=0 items=0 ppid=3491 pid=3934 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 106.204696] audit: type=1327 audit(1719903357.992:500): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6131393366393333356266316537616263316165333062666563326233 [ 106.207523] audit: type=1334 audit(1719903357.995:501): prog-id=133 op=LOAD [ 106.208318] audit: type=1300 audit(1719903357.995:501): arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c0001a9720 a2=78 a3=0 items=0 ppid=3491 pid=3934 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 106.211213] audit: type=1327 audit(1719903357.995:501): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6131393366393333356266316537616263316165333062666563326233 [ 106.214424] audit: type=1334 audit(1719903357.995:502): prog-id=133 op=UNLOAD [ 106.215939] audit: type=1334 audit(1719903357.995:503): prog-id=132 op=UNLOAD [ 106.216764] audit: type=1334 audit(1719903357.995:504): prog-id=134 op=LOAD [ 106.217600] audit: type=1300 audit(1719903357.995:504): arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001a9be0 a2=78 a3=0 items=0 ppid=3491 pid=3934 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 106.387877] wireguard: WireGuard 1.0.0 loaded. See www.wireguard.com for information. [ 106.388503] wireguard: Copyright (C) 2015-2019 Jason A. Donenfeld . All Rights Reserved. [ 111.456164] IPv6: ADDRCONF(NETDEV_CHANGE): cali48c289404f6: link becomes ready This is ip-172-31-28-45 (Linux x86_64 6.1.96-flatcar) 06:56:03 SSH host key: SHA256:NRz0U8gTjpKaUsnXma5cPtDpw1n1i8CK3a6O0TgRtWk (ED25519) SSH host key: SHA256:6B5eeGF2p+IDeT47qXYVqaEcF2Y2UY8nrQ4c3dn1h4M (RSA) SSH host key: SHA256:Lq8b2eUmhIFrsgdcjbTJKHM+MCsyNf8pozYyzDacXJc (ECDSA) eth0: 172.31.28.45 fe80::469:e9ff:fe85:b787 ip-172-31-28-45 login: [ 111.543163] kauditd_printk_skb: 82 callbacks suppressed [ 111.543166] audit: type=1325 audit(1719903363.336:530): table=filter:105 family=2 entries=34 op=nft_register_chain pid=4339 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 111.545858] audit: type=1300 audit(1719903363.336:530): arch=c000003e syscall=46 success=yes exit=19148 a0=3 a1=7ffd2c43a890 a2=0 a3=7ffd2c43a87c items=0 ppid=4168 pid=4339 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 111.550500] audit: type=1327 audit(1719903363.336:530): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 111.674501] audit: type=1334 audit(1719903363.467:531): prog-id=139 op=LOAD [ 111.675830] audit: type=1334 audit(1719903363.469:532): prog-id=140 op=LOAD [ 111.677019] audit: type=1300 audit(1719903363.469:532): arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c00018d988 a2=78 a3=0 items=0 ppid=4350 pid=4360 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 111.680649] audit: type=1327 audit(1719903363.469:532): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3234373631356533626634386166616535356361336262393937336565 [ 111.684567] audit: type=1334 audit(1719903363.469:533): prog-id=141 op=LOAD [ 111.685629] audit: type=1300 audit(1719903363.469:533): arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c00018d720 a2=78 a3=0 items=0 ppid=4350 pid=4360 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 111.688359] audit: type=1327 audit(1719903363.469:533): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3234373631356533626634386166616535356361336262393937336565 [ 112.499944] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 112.500777] IPv6: ADDRCONF(NETDEV_CHANGE): cali280ec6a83d6: link becomes ready This is ip-172-31-28-45 (Linux x86_64 6.1.96-flatcar) 06:56:04 SSH host key: SHA256:NRz0U8gTjpKaUsnXma5cPtDpw1n1i8CK3a6O0TgRtWk (ED25519) SSH host key: SHA256:6B5eeGF2p+IDeT47qXYVqaEcF2Y2UY8nrQ4c3dn1h4M (RSA) SSH host key: SHA256:Lq8b2eUmhIFrsgdcjbTJKHM+MCsyNf8pozYyzDacXJc (ECDSA) eth0: 172.31.28.45 fe80::469:e9ff:fe85:b787 ip-172-31-28-45 login: [ 113.625041] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 113.625885] IPv6: ADDRCONF(NETDEV_CHANGE): cali6cc98a374af: link becomes ready This is ip-172-31-28-45 (Linux x86_64 6.1.96-flatcar) 06:56:05 SSH host key: SHA256:NRz0U8gTjpKaUsnXma5cPtDpw1n1i8CK3a6O0TgRtWk (ED25519) SSH host key: SHA256:6B5eeGF2p+IDeT47qXYVqaEcF2Y2UY8nrQ4c3dn1h4M (RSA) SSH host key: SHA256:Lq8b2eUmhIFrsgdcjbTJKHM+MCsyNf8pozYyzDacXJc (ECDSA) eth0: 172.31.28.45 fe80::469:e9ff:fe85:b787 ip-172-31-28-45 login: This is ip-172-31-28-45 (Linux x86_64 6.1.96-flatcar) 06:56:06 SSH host key: SHA256:NRz0U8gTjpKaUsnXma5cPtDpw1n1i8CK3a6O0TgRtWk (ED25519) SSH host key: SHA256:6B5eeGF2p+IDeT47qXYVqaEcF2Y2UY8nrQ4c3dn1h4M (RSA) SSH host key: SHA256:Lq8b2eUmhIFrsgdcjbTJKHM+MCsyNf8pozYyzDacXJc (ECDSA) eth0: 172.31.28.45 fe80::469:e9ff:fe85:b787 ip-172-31-28-45 login: [ 115.567506] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 115.568685] IPv6: ADDRCONF(NETDEV_CHANGE): calic25b8dfc488: link becomes ready This is ip-172-31-28-45 (Linux x86_64 6.1.96-flatcar) 06:56:07 SSH host key: SHA256:NRz0U8gTjpKaUsnXma5cPtDpw1n1i8CK3a6O0TgRtWk (ED25519) SSH host key: SHA256:6B5eeGF2p+IDeT47qXYVqaEcF2Y2UY8nrQ4c3dn1h4M (RSA) SSH host key: SHA256:Lq8b2eUmhIFrsgdcjbTJKHM+MCsyNf8pozYyzDacXJc (ECDSA) eth0: 172.31.28.45 fe80::469:e9ff:fe85:b787 ip-172-31-28-45 login: [ 117.434872] kauditd_printk_skb: 97 callbacks suppressed [ 117.434876] audit: type=1334 audit(1719903369.226:583): prog-id=163 op=LOAD [ 117.436191] audit: type=1334 audit(1719903369.228:584): prog-id=164 op=LOAD [ 117.437022] audit: type=1300 audit(1719903369.228:584): arch=c000003e syscall=321 success=yes exit=16 a0=5 a1=c000131988 a2=78 a3=0 items=0 ppid=4491 pid=4807 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 117.439990] audit: type=1327 audit(1719903369.228:584): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3230313164623532316432663739323637326166306534636462343333 [ 117.443979] audit: type=1334 audit(1719903369.228:585): prog-id=165 op=LOAD [ 117.444798] audit: type=1300 audit(1719903369.228:585): arch=c000003e syscall=321 success=yes exit=18 a0=5 a1=c000131720 a2=78 a3=0 items=0 ppid=4491 pid=4807 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 117.451970] audit: type=1327 audit(1719903369.228:585): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F3230313164623532316432663739323637326166306534636462343333 [ 117.456981] audit: type=1334 audit(1719903369.228:586): prog-id=165 op=UNLOAD [ 117.457776] audit: type=1334 audit(1719903369.228:587): prog-id=164 op=UNLOAD [ 117.458586] audit: type=1334 audit(1719903369.228:588): prog-id=166 op=LOAD This is ip-172-31-28-45 (Linux x86_64 6.1.96-flatcar) 06:56:09 SSH host key: SHA256:NRz0U8gTjpKaUsnXma5cPtDpw1n1i8CK3a6O0TgRtWk (ED25519) SSH host key: SHA256:6B5eeGF2p+IDeT47qXYVqaEcF2Y2UY8nrQ4c3dn1h4M (RSA) SSH host key: SHA256:Lq8b2eUmhIFrsgdcjbTJKHM+MCsyNf8pozYyzDacXJc (ECDSA) eth0: 172.31.28.45 fe80::469:e9ff:fe85:b787 ip-172-31-28-45 login: [ 124.303556] kauditd_printk_skb: 71 callbacks suppressed [ 124.303559] audit: type=1400 audit(1719903376.096:620): avc: denied { watch } for pid=2833 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="overlay" ino=7796 scontext=system_u:system_r:container_t:s0:c333,c374 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 124.306615] audit: type=1300 audit(1719903376.096:620): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000eb68a0 a2=fc6 a3=0 items=0 ppid=2673 pid=2833 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:container_t:s0:c333,c374 key=(null) [ 124.310038] audit: type=1327 audit(1719903376.096:620): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 124.314120] audit: type=1400 audit(1719903376.096:621): avc: denied { watch } for pid=2833 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="overlay" ino=7796 scontext=system_u:system_r:container_t:s0:c333,c374 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 124.317326] audit: type=1300 audit(1719903376.096:621): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000e0c580 a2=fc6 a3=0 items=0 ppid=2673 pid=2833 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:container_t:s0:c333,c374 key=(null) [ 124.321207] audit: type=1327 audit(1719903376.096:621): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 124.324463] audit: type=1400 audit(1719903376.109:622): avc: denied { watch } for pid=2833 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="overlay" ino=7796 scontext=system_u:system_r:container_t:s0:c333,c374 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 124.328188] audit: type=1300 audit(1719903376.109:622): arch=c000003e syscall=254 success=no exit=-13 a0=a a1=c000eb6ac0 a2=fc6 a3=0 items=0 ppid=2673 pid=2833 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="kube-controller" exe="/usr/local/bin/kube-controller-manager" subj=system_u:system_r:container_t:s0:c333,c374 key=(null) [ 124.334438] audit: type=1327 audit(1719903376.109:622): proctitle=6B7562652D636F6E74726F6C6C65722D6D616E61676572002D2D616C6C6F636174652D6E6F64652D63696472733D74727565002D2D61757468656E7469636174696F6E2D6B756265636F6E6669673D2F6574632F6B756265726E657465732F636F6E74726F6C6C65722D6D616E616765722E636F6E66002D2D617574686F7269 [ 124.338168] audit: type=1400 audit(1719903376.109:623): avc: denied { watch } for pid=2833 comm="kube-controller" path="/etc/kubernetes/pki/ca.crt" dev="overlay" ino=7796 scontext=system_u:system_r:container_t:s0:c333,c374 tcontext=system_u:object_r:etc_t:s0 tclass=file permissive=0 [ 132.736972] kauditd_printk_skb: 35 callbacks suppressed [ 132.736976] audit: type=1130 audit(1719903384.527:651): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@12-172.31.28.45:22-139.178.89.65:58228 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 132.906259] audit: type=1101 audit(1719903384.697:652): pid=5255 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 132.909056] audit: type=1103 audit(1719903384.697:653): pid=5255 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 132.913341] audit: type=1006 audit(1719903384.697:654): pid=5255 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=13 res=1 [ 132.915426] audit: type=1300 audit(1719903384.697:654): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd52bdd910 a2=3 a3=7fd542c8e480 items=0 ppid=1 pid=5255 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=13 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 132.919574] audit: type=1327 audit(1719903384.697:654): proctitle=737368643A20636F7265205B707269765D [ 132.940019] audit: type=1105 audit(1719903384.731:655): pid=5255 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 132.944124] audit: type=1103 audit(1719903384.735:656): pid=5257 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 133.206589] audit: type=1106 audit(1719903384.997:657): pid=5255 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 133.211934] audit: type=1104 audit(1719903384.997:658): pid=5255 uid=0 auid=500 ses=13 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 138.243818] kauditd_printk_skb: 1 callbacks suppressed [ 138.243821] audit: type=1130 audit(1719903390.034:660): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@13-172.31.28.45:22-139.178.89.65:34830 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 138.412918] audit: type=1101 audit(1719903390.203:661): pid=5292 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 138.415660] audit: type=1103 audit(1719903390.203:662): pid=5292 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 138.419281] audit: type=1006 audit(1719903390.203:663): pid=5292 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=14 res=1 [ 138.422118] audit: type=1300 audit(1719903390.203:663): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffee41dc830 a2=3 a3=7fb04518a480 items=0 ppid=1 pid=5292 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 138.425548] audit: type=1327 audit(1719903390.203:663): proctitle=737368643A20636F7265205B707269765D [ 138.435882] audit: type=1105 audit(1719903390.226:664): pid=5292 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 138.445281] audit: type=1103 audit(1719903390.234:665): pid=5294 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 138.664453] audit: type=1106 audit(1719903390.455:666): pid=5292 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 138.667865] audit: type=1104 audit(1719903390.455:667): pid=5292 uid=0 auid=500 ses=14 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 143.698356] kauditd_printk_skb: 1 callbacks suppressed [ 143.698359] audit: type=1130 audit(1719903395.489:669): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@14-172.31.28.45:22-139.178.89.65:34834 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 143.862008] audit: type=1101 audit(1719903395.652:670): pid=5313 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 143.865769] audit: type=1103 audit(1719903395.654:671): pid=5313 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 143.869704] audit: type=1006 audit(1719903395.654:672): pid=5313 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=15 res=1 [ 143.873095] audit: type=1300 audit(1719903395.654:672): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd64379380 a2=3 a3=7f2bf47ce480 items=0 ppid=1 pid=5313 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 143.879786] audit: type=1327 audit(1719903395.654:672): proctitle=737368643A20636F7265205B707269765D [ 143.913286] audit: type=1105 audit(1719903395.704:673): pid=5313 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 143.919179] audit: type=1103 audit(1719903395.710:674): pid=5315 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 144.164818] audit: type=1106 audit(1719903395.953:675): pid=5313 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 144.173966] audit: type=1104 audit(1719903395.953:676): pid=5313 uid=0 auid=500 ses=15 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.197954] kauditd_printk_skb: 1 callbacks suppressed [ 149.197956] audit: type=1130 audit(1719903400.988:678): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@15-172.31.28.45:22-139.178.89.65:34736 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 149.397278] audit: type=1101 audit(1719903401.188:679): pid=5324 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.401421] audit: type=1103 audit(1719903401.192:680): pid=5324 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.404445] audit: type=1006 audit(1719903401.192:681): pid=5324 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=16 res=1 [ 149.406972] audit: type=1300 audit(1719903401.192:681): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff05a1d8a0 a2=3 a3=7fb3bb448480 items=0 ppid=1 pid=5324 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 149.410435] audit: type=1327 audit(1719903401.192:681): proctitle=737368643A20636F7265205B707269765D [ 149.430437] audit: type=1105 audit(1719903401.220:682): pid=5324 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 149.436112] audit: type=1103 audit(1719903401.226:683): pid=5326 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.027662] audit: type=1106 audit(1719903401.818:684): pid=5324 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 150.032419] audit: type=1104 audit(1719903401.822:685): pid=5324 uid=0 auid=500 ses=16 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.221681] kauditd_printk_skb: 41 callbacks suppressed [ 154.221684] audit: type=1105 audit(1719903406.012:713): pid=5394 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.229918] audit: type=1103 audit(1719903406.020:714): pid=5396 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.985159] audit: type=1106 audit(1719903406.775:715): pid=5394 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.989723] audit: type=1104 audit(1719903406.776:716): pid=5394 uid=0 auid=500 ses=19 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 154.991934] audit: type=1131 audit(1719903406.778:717): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@18-172.31.28.45:22-139.178.89.65:34748 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 155.018250] audit: type=1130 audit(1719903406.808:718): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@19-172.31.28.45:22-139.178.89.65:34750 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 155.184983] audit: type=1101 audit(1719903406.975:719): pid=5404 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 155.187854] audit: type=1103 audit(1719903406.977:720): pid=5404 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 155.190363] audit: type=1006 audit(1719903406.977:721): pid=5404 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=20 res=1 [ 155.192759] audit: type=1300 audit(1719903406.977:721): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffd557a9f60 a2=3 a3=7f81aebee480 items=0 ppid=1 pid=5404 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=20 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 160.461296] kauditd_printk_skb: 6 callbacks suppressed [ 160.461299] audit: type=1130 audit(1719903412.252:727): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@20-172.31.28.45:22-139.178.89.65:56946 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 160.658492] audit: type=1101 audit(1719903412.450:728): pid=5437 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 160.662143] audit: type=1103 audit(1719903412.450:729): pid=5437 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 160.665004] audit: type=1006 audit(1719903412.450:730): pid=5437 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=21 res=1 [ 160.667254] audit: type=1300 audit(1719903412.450:730): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffdb552f0c0 a2=3 a3=7fb29fe4f480 items=0 ppid=1 pid=5437 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 160.671209] audit: type=1327 audit(1719903412.450:730): proctitle=737368643A20636F7265205B707269765D [ 160.687914] audit: type=1105 audit(1719903412.479:731): pid=5437 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 160.694614] audit: type=1103 audit(1719903412.484:732): pid=5439 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 160.904587] audit: type=1106 audit(1719903412.696:733): pid=5437 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 160.907717] audit: type=1104 audit(1719903412.696:734): pid=5437 uid=0 auid=500 ses=21 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 165.939271] kauditd_printk_skb: 7 callbacks suppressed [ 165.939274] audit: type=1130 audit(1719903417.730:738): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@21-172.31.28.45:22-139.178.89.65:56950 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 166.152382] audit: type=1101 audit(1719903417.943:739): pid=5457 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 166.156114] audit: type=1103 audit(1719903417.943:740): pid=5457 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 166.159561] audit: type=1006 audit(1719903417.943:741): pid=5457 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=22 res=1 [ 166.162362] audit: type=1300 audit(1719903417.943:741): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffc60a72870 a2=3 a3=7f83f7a31480 items=0 ppid=1 pid=5457 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 166.165714] audit: type=1327 audit(1719903417.943:741): proctitle=737368643A20636F7265205B707269765D [ 166.198658] audit: type=1105 audit(1719903417.990:742): pid=5457 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 166.203038] audit: type=1103 audit(1719903417.994:743): pid=5459 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 166.472842] audit: type=1106 audit(1719903418.264:744): pid=5457 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 166.476738] audit: type=1104 audit(1719903418.265:745): pid=5457 uid=0 auid=500 ses=22 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 171.249271] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 171.249998] IPv6: ADDRCONF(NETDEV_CHANGE): cali2bf85da09a7: link becomes ready [ 171.314265] kauditd_printk_skb: 13 callbacks suppressed [ 171.314268] audit: type=1325 audit(1719903423.104:751): table=filter:127 family=2 entries=61 op=nft_register_chain pid=5510 subj=system_u:system_r:kernel_t:s0 comm="iptables-nft-re" [ 171.316922] audit: type=1300 audit(1719903423.104:751): arch=c000003e syscall=46 success=yes exit=30316 a0=3 a1=7ffed6a43400 a2=0 a3=7ffed6a433ec items=0 ppid=4168 pid=5510 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-nft-re" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 171.320657] audit: type=1327 audit(1719903423.104:751): proctitle=69707461626C65732D6E66742D726573746F7265002D2D6E6F666C757368002D2D766572626F7365002D2D77616974003130002D2D776169742D696E74657276616C003530303030 [ 171.440570] audit: type=1334 audit(1719903423.232:752): prog-id=173 op=LOAD [ 171.441372] audit: type=1334 audit(1719903423.232:753): prog-id=174 op=LOAD [ 171.442193] audit: type=1300 audit(1719903423.232:753): arch=c000003e syscall=321 success=yes exit=15 a0=5 a1=c0001ab988 a2=78 a3=0 items=0 ppid=5519 pid=5531 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 171.445202] audit: type=1327 audit(1719903423.232:753): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6531616235363337353364636239326563333665643334313830353532 [ 171.449146] audit: type=1334 audit(1719903423.232:754): prog-id=175 op=LOAD [ 171.449897] audit: type=1300 audit(1719903423.232:754): arch=c000003e syscall=321 success=yes exit=17 a0=5 a1=c0001ab720 a2=78 a3=0 items=0 ppid=5519 pid=5531 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="runc" exe="/usr/bin/runc" subj=system_u:system_r:kernel_t:s0 key=(null) [ 171.452525] audit: type=1327 audit(1719903423.232:754): proctitle=72756E63002D2D726F6F74002F72756E2F636F6E7461696E6572642F72756E632F6B38732E696F002D2D6C6F67002F72756E2F636F6E7461696E6572642F696F2E636F6E7461696E6572642E72756E74696D652E76322E7461736B2F6B38732E696F2F6531616235363337353364636239326563333665643334313830353532 This is ip-172-31-28-45 (Linux x86_64 6.1.96-flatcar) 06:57:05 SSH host key: SHA256:NRz0U8gTjpKaUsnXma5cPtDpw1n1i8CK3a6O0TgRtWk (ED25519) SSH host key: SHA256:6B5eeGF2p+IDeT47qXYVqaEcF2Y2UY8nrQ4c3dn1h4M (RSA) SSH host key: SHA256:Lq8b2eUmhIFrsgdcjbTJKHM+MCsyNf8pozYyzDacXJc (ECDSA) eth0: 172.31.28.45 fe80::469:e9ff:fe85:b787 ip-172-31-28-45 login: [ 176.829877] kauditd_printk_skb: 40 callbacks suppressed [ 176.829880] audit: type=1325 audit(1719903428.621:777): table=filter:132 family=2 entries=9 op=nft_register_rule pid=5620 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 176.835221] audit: type=1300 audit(1719903428.621:777): arch=c000003e syscall=46 success=yes exit=2932 a0=3 a1=7fff97f77f20 a2=0 a3=7fff97f77f0c items=0 ppid=3225 pid=5620 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 176.840788] audit: type=1327 audit(1719903428.621:777): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 176.845454] audit: type=1325 audit(1719903428.625:778): table=nat:133 family=2 entries=51 op=nft_register_chain pid=5620 subj=system_u:system_r:kernel_t:s0 comm="iptables-restor" [ 176.847883] audit: type=1300 audit(1719903428.625:778): arch=c000003e syscall=46 success=yes exit=18564 a0=3 a1=7fff97f77f20 a2=0 a3=7fff97f77f0c items=0 ppid=3225 pid=5620 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables-restor" exe="/usr/sbin/xtables-nft-multi" subj=system_u:system_r:kernel_t:s0 key=(null) [ 176.851101] audit: type=1327 audit(1719903428.625:778): proctitle=69707461626C65732D726573746F7265002D770035002D5700313030303030002D2D6E6F666C757368002D2D636F756E74657273 [ 177.371570] audit: type=1130 audit(1719903429.162:779): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@23-172.31.28.45:22-139.178.89.65:55912 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 177.570424] audit: type=1101 audit(1719903429.359:780): pid=5622 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 177.573325] audit: type=1103 audit(1719903429.364:781): pid=5622 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 177.576720] audit: type=1006 audit(1719903429.364:782): pid=5622 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=24 res=1 [ 183.451487] kauditd_printk_skb: 31 callbacks suppressed [ 183.451489] audit: type=1130 audit(1719903435.242:796): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@24-172.31.28.45:22-139.178.89.65:55924 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 183.662338] audit: type=1101 audit(1719903435.453:797): pid=5640 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 183.668193] audit: type=1103 audit(1719903435.456:798): pid=5640 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 183.674324] audit: type=1006 audit(1719903435.456:799): pid=5640 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=25 res=1 [ 183.688529] audit: type=1300 audit(1719903435.456:799): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fff1e99bbf0 a2=3 a3=7fcedb85d480 items=0 ppid=1 pid=5640 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 183.699290] audit: type=1327 audit(1719903435.456:799): proctitle=737368643A20636F7265205B707269765D [ 183.729506] audit: type=1105 audit(1719903435.519:800): pid=5640 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 183.746434] audit: type=1103 audit(1719903435.537:801): pid=5650 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 184.202715] audit: type=1106 audit(1719903435.994:802): pid=5640 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 184.217871] audit: type=1104 audit(1719903436.006:803): pid=5640 uid=0 auid=500 ses=25 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 189.238292] kauditd_printk_skb: 13 callbacks suppressed [ 189.238295] audit: type=1130 audit(1719903441.029:809): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@25-172.31.28.45:22-139.178.89.65:54522 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 189.404448] audit: type=1101 audit(1719903441.195:810): pid=5695 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 189.407979] audit: type=1103 audit(1719903441.199:811): pid=5695 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 189.410941] audit: type=1006 audit(1719903441.199:812): pid=5695 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=26 res=1 [ 189.413153] audit: type=1300 audit(1719903441.199:812): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7ffee35e7cf0 a2=3 a3=7f08af577480 items=0 ppid=1 pid=5695 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 189.417777] audit: type=1327 audit(1719903441.199:812): proctitle=737368643A20636F7265205B707269765D [ 189.438564] audit: type=1105 audit(1719903441.230:813): pid=5695 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 189.443071] audit: type=1103 audit(1719903441.234:814): pid=5697 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 189.705107] audit: type=1106 audit(1719903441.496:815): pid=5695 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 189.708369] audit: type=1104 audit(1719903441.496:816): pid=5695 uid=0 auid=500 ses=26 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 194.740317] kauditd_printk_skb: 1 callbacks suppressed [ 194.740320] audit: type=1130 audit(1719903446.531:818): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='unit=sshd@26-172.31.28.45:22-139.178.89.65:54526 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 194.938767] audit: type=1101 audit(1719903446.730:819): pid=5715 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_faillock,pam_permit acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 194.941735] audit: type=1103 audit(1719903446.730:820): pid=5715 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 194.944517] audit: type=1006 audit(1719903446.730:821): pid=5715 uid=0 subj=system_u:system_r:kernel_t:s0 old-auid=4294967295 auid=500 tty=(none) old-ses=4294967295 ses=27 res=1 [ 194.947844] audit: type=1300 audit(1719903446.730:821): arch=c000003e syscall=1 success=yes exit=3 a0=5 a1=7fffd325b260 a2=3 a3=7f9378b34480 items=0 ppid=1 pid=5715 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:kernel_t:s0 key=(null) [ 194.952207] audit: type=1327 audit(1719903446.730:821): proctitle=737368643A20636F7265205B707269765D [ 194.972617] audit: type=1105 audit(1719903446.764:822): pid=5715 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 194.976272] audit: type=1103 audit(1719903446.767:823): pid=5717 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.260493] audit: type=1106 audit(1719903447.051:824): pid=5715 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_lastlog,pam_limits,pam_env,pam_unix,pam_permit,pam_systemd,pam_mail acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success' [ 195.264344] audit: type=1104 audit(1719903447.051:825): pid=5715 uid=0 auid=500 ses=27 subj=system_u:system_r:kernel_t:s0 msg='op=PAM:setcred grantors=pam_env,pam_faillock,pam_unix acct="core" exe="/usr/sbin/sshd" hostname=139.178.89.65 addr=139.178.89.65 terminal=ssh res=success'