type=DAEMON_START msg=audit(1759764870.799:3532): op=start ver=3.1.5 format=enriched kernel=5.14.0-620.el9.x86_64 auid=4294967295 pid=1028 uid=0 ses=4294967295 subj=system_u:system_r:auditd_t:s0 res=successAUID="unset" UID="root" type=SERVICE_START msg=audit(1759764870.818:4): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpcbind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764870.826:5): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=ldconfig comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764870.832:6): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-journal-catalog-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=CONFIG_CHANGE msg=audit(1759764870.851:7): op=set audit_backlog_limit=8192 old=64 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 res=1AUID="unset" type=SYSCALL msg=audit(1759764870.851:7): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffed4407800 a2=3c a3=0 items=0 ppid=1033 pid=1049 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:unconfined_service_t:s0 key=(null)ARCH=x86_64 SYSCALL=sendto AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1759764870.851:7): proctitle=2F7362696E2F617564697463746C002D52002F6574632F61756469742F61756469742E72756C6573 type=CONFIG_CHANGE msg=audit(1759764870.851:8): op=set audit_failure=1 old=1 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 res=1AUID="unset" type=SYSCALL msg=audit(1759764870.851:8): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffed4407800 a2=3c a3=0 items=0 ppid=1033 pid=1049 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:unconfined_service_t:s0 key=(null)ARCH=x86_64 SYSCALL=sendto AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1759764870.851:8): proctitle=2F7362696E2F617564697463746C002D52002F6574632F61756469742F61756469742E72756C6573 type=CONFIG_CHANGE msg=audit(1759764870.851:9): op=set audit_backlog_wait_time=60000 old=60000 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 res=1AUID="unset" type=SYSCALL msg=audit(1759764870.851:9): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffed4407800 a2=3c a3=0 items=0 ppid=1033 pid=1049 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:unconfined_service_t:s0 key=(null)ARCH=x86_64 SYSCALL=sendto AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1759764870.851:9): proctitle=2F7362696E2F617564697463746C002D52002F6574632F61756469742F61756469742E72756C6573 type=SERVICE_START msg=audit(1759764870.875:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=auditd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SYSTEM_BOOT msg=audit(1759764870.889:11): pid=1056 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764870.895:12): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-done comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764870.913:13): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=BPF msg=audit(1759764870.943:14): prog-id=18 op=LOAD type=SERVICE_START msg=audit(1759764871.012:15): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dbus-broker comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=BPF msg=audit(1759764871.018:16): prog-id=19 op=LOAD type=BPF msg=audit(1759764871.049:17): prog-id=20 op=LOAD type=BPF msg=audit(1759764871.049:18): prog-id=21 op=LOAD type=SERVICE_START msg=audit(1759764871.060:19): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=irqbalance comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764871.071:20): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=qemu-guest-agent comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764871.085:21): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rngd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=BPF msg=audit(1759764871.116:22): prog-id=22 op=LOAD type=BPF msg=audit(1759764871.117:23): prog-id=23 op=LOAD type=BPF msg=audit(1759764871.117:24): prog-id=24 op=LOAD type=SERVICE_START msg=audit(1759764871.127:25): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=chronyd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764871.131:26): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dracut-shutdown comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764871.135:27): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sysstat comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764871.185:28): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=BPF msg=audit(1759764871.998:29): prog-id=25 op=LOAD type=BPF msg=audit(1759764871.998:30): prog-id=26 op=LOAD type=SERVICE_START msg=audit(1759764872.080:31): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764872.221:32): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-init-local comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764872.630:33): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=ovsdb-server comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764872.676:34): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=ovs-delete-transient-ports comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764872.974:35): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=ovs-vswitchd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764872.999:36): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=openvswitch comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764873.120:37): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764873.171:38): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764873.177:39): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dynamic-login comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1759764873.177:40): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dynamic-login comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764873.182:41): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=gssproxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764873.185:42): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764873.818:43): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tuned comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764873.829:44): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=ADD_GROUP msg=audit(1759764873.997:45): pid=1547 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:cloud_init_t:s0 msg='op=add-group acct="cloud-admin" exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=ADD_USER msg=audit(1759764874.001:46): pid=1547 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:cloud_init_t:s0 msg='op=add-user acct="cloud-admin" exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_MGMT msg=audit(1759764874.086:47): pid=1547 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:cloud_init_t:s0 msg='op=add-home-dir id=1000 exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" ID="cloud-admin" type=ACCT_LOCK msg=audit(1759764874.129:48): pid=1554 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:passwd_t:s0 msg='op=locked-password id=1000 exe="/usr/bin/passwd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" ID="cloud-admin" type=SERVICE_START msg=audit(1759764874.560:49): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-init comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764874.612:50): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764874.616:51): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpc-statd-notify comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764874.620:52): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-user-sessions comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764874.636:53): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=crond comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764874.640:54): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764874.667:55): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rsyslog comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SYSTEM_RUNLEVEL msg=audit(1759764874.707:56): pid=1574 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='old-level=N new-level=3 comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764874.710:57): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp-runlevel comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1759764874.710:58): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp-runlevel comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764875.010:59): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-config comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759764875.613:60): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-final comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1759764886.112:61): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1759764906.108:62): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=BPF msg=audit(1759764906.164:63): prog-id=26 op=UNLOAD type=BPF msg=audit(1759764906.164:64): prog-id=25 op=UNLOAD type=SERVICE_START msg=audit(1759765220.563:65): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sysstat-collect comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1759765220.563:66): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sysstat-collect comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759765810.564:67): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sysstat-collect comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1759765810.564:68): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sysstat-collect comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759765810.623:69): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-tmpfiles-clean comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1759765810.623:70): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-tmpfiles-clean comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759766420.556:71): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sysstat-collect comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1759766420.556:72): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sysstat-collect comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1759767020.560:73): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sysstat-collect comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1759767020.560:74): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sysstat-collect comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1759767295.386:75): pid=1646 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:92:11:d1:78:49:cb:dc:65:76:86:66:e3:4e:3b:b8:0a:23:85:0e:8f:eb:93:e0:a9:38:de:c3:14:ba:75:d1:12 direction=? spid=1646 suid=0 exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_KEY_USER msg=audit(1759767295.386:76): pid=1646 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:69:47:f4:4a:fb:3c:12:bd:77:02:63:bb:94:2f:78:bf:a7:79:56:4e:e0:68:f0:ce:40:76:9b:36:39:dd:de:10 direction=? spid=1646 suid=0 exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_KEY_USER msg=audit(1759767295.386:77): pid=1646 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:73:f2:ab:e3:cd:aa:e7:5e:cb:df:8e:2c:31:83:dc:12:de:98:57:ca:0e:ed:3b:21:14:50:37:5d:33:82:3b:6c direction=? spid=1646 suid=0 exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1759767295.388:78): pid=1645 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac= pfs=curve25519-sha256 spid=1646 suid=74 rport=33598 laddr=192.168.122.100 lport=22 exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1759767295.388:79): pid=1645 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac= pfs=curve25519-sha256 spid=1646 suid=74 rport=33598 laddr=192.168.122.100 lport=22 exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1759767295.494:80): pid=1645 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="cloud-admin" exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1759767295.495:81): pid=1645 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:a9:19:e0:ba:03:c2:9c:60:0c:c7:0a:40:14:08:45:40:ae:e7:cc:79:8f:ae:c2:6a:ed:61:57:68:49:e8:91:3f exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1759767295.510:82): pid=1645 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="cloud-admin" exe="/usr/libexec/openssh/sshd-session" hostname=192.168.122.1 addr=192.168.122.1 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1759767295.511:83): pid=1645 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=1646 suid=74 rport=33598 laddr=192.168.122.100 lport=22 exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1759767295.514:84): pid=1645 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="cloud-admin" exe="/usr/libexec/openssh/sshd-session" hostname=192.168.122.1 addr=192.168.122.1 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1759767295.514:85): pid=1645 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=1 res=1UID="root" OLD-AUID="unset" AUID="cloud-admin" type=SYSCALL msg=audit(1759767295.514:85): arch=c000003e syscall=1 success=yes exit=4 a0=5 a1=7ffff7e61c50 a2=4 a3=3e8 items=0 ppid=1565 pid=1645 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="sshd-session" exe="/usr/libexec/openssh/sshd-session" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="cloud-admin" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1759767295.514:85): proctitle=737368642D73657373696F6E3A20636C6F75642D61646D696E205B707269765D type=USER_ROLE_CHANGE msg=audit(1759767295.516:86): pid=1645 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/libexec/openssh/sshd-session" hostname=192.168.122.1 addr=192.168.122.1 terminal=ssh res=success'UID="root" AUID="cloud-admin" type=SERVICE_START msg=audit(1759767295.583:87): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=user-runtime-dir@1000 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1759767295.603:88): pid=1649 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='op=PAM:accounting grantors=pam_unix acct="cloud-admin" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=CRED_ACQ msg=audit(1759767295.603:89): pid=1649 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='op=PAM:setcred grantors=? acct="cloud-admin" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'UID="root" AUID="unset" type=USER_ROLE_CHANGE msg=audit(1759767295.604:90): pid=1649 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1759767295.604:91): pid=1649 uid=0 subj=system_u:system_r:init_t:s0 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=2 res=1UID="root" OLD-AUID="unset" AUID="cloud-admin" type=SYSCALL msg=audit(1759767295.604:91): arch=c000003e syscall=1 success=yes exit=4 a0=7 a1=7ffdb604f0c0 a2=4 a3=3e8 items=0 ppid=1 pid=1649 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="(systemd)" exe="/usr/lib/systemd/systemd" subj=system_u:system_r:init_t:s0 key=(null)ARCH=x86_64 SYSCALL=write AUID="cloud-admin" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1759767295.604:91): proctitle="(systemd)" type=USER_START msg=audit(1759767295.608:92): pid=1649 uid=0 auid=1000 ses=2 subj=system_u:system_r:init_t:s0 msg='op=PAM:session_open grantors=pam_selinux,pam_selinux,pam_loginuid,pam_keyinit,pam_umask,pam_namespace,pam_keyinit,pam_limits,pam_systemd,pam_unix acct="cloud-admin" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="cloud-admin" type=SERVICE_START msg=audit(1759767295.811:93): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=user@1000 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_START msg=audit(1759767295.844:94): pid=1645 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="cloud-admin" exe="/usr/libexec/openssh/sshd-session" hostname=192.168.122.1 addr=192.168.122.1 terminal=ssh res=success'UID="root" AUID="cloud-admin" type=CRYPTO_KEY_USER msg=audit(1759767295.845:95): pid=1665 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:92:11:d1:78:49:cb:dc:65:76:86:66:e3:4e:3b:b8:0a:23:85:0e:8f:eb:93:e0:a9:38:de:c3:14:ba:75:d1:12 direction=? spid=1665 suid=0 exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=? res=success'UID="root" AUID="cloud-admin" SUID="root" type=CRYPTO_KEY_USER msg=audit(1759767295.846:96): pid=1665 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:69:47:f4:4a:fb:3c:12:bd:77:02:63:bb:94:2f:78:bf:a7:79:56:4e:e0:68:f0:ce:40:76:9b:36:39:dd:de:10 direction=? spid=1665 suid=0 exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=? res=success'UID="root" AUID="cloud-admin" SUID="root" type=CRYPTO_KEY_USER msg=audit(1759767295.846:97): pid=1665 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:73:f2:ab:e3:cd:aa:e7:5e:cb:df:8e:2c:31:83:dc:12:de:98:57:ca:0e:ed:3b:21:14:50:37:5d:33:82:3b:6c direction=? spid=1665 suid=0 exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=? res=success'UID="root" AUID="cloud-admin" SUID="root" type=CRED_ACQ msg=audit(1759767295.848:98): pid=1665 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="cloud-admin" exe="/usr/libexec/openssh/sshd-session" hostname=192.168.122.1 addr=192.168.122.1 terminal=ssh res=success'UID="root" AUID="cloud-admin" type=USER_LOGIN msg=audit(1759767295.891:99): pid=1645 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=ssh res=success'UID="root" AUID="cloud-admin" ID="cloud-admin" type=USER_START msg=audit(1759767295.891:100): pid=1645 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/libexec/openssh/sshd-session" hostname=? addr=192.168.122.1 terminal=ssh res=success'UID="root" AUID="cloud-admin" ID="cloud-admin" type=BPF msg=audit(1759767295.917:101): prog-id=27 op=LOAD type=BPF msg=audit(1759767295.917:102): prog-id=28 op=LOAD type=SERVICE_START msg=audit(1759767295.995:103): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1759767296.051:104): pid=1682 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="cloud-admin" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=USER_CMD msg=audit(1759767296.052:105): pid=1682 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/cloud-admin" cmd=646E6620696E7374616C6C202D79207273796E63 exe="/usr/bin/sudo" terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=CRED_REFR msg=audit(1759767296.055:106): pid=1682 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=USER_START msg=audit(1759767296.060:107): pid=1682 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=USER_END msg=audit(1759767296.412:108): pid=1682 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=CRED_DISP msg=audit(1759767296.412:109): pid=1682 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=USER_ACCT msg=audit(1759767296.432:110): pid=1686 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="cloud-admin" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=USER_CMD msg=audit(1759767296.432:111): pid=1686 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/cloud-admin" cmd=7273796E63202D7271202D2D6578636C756465202A2A2F737368202D2D6578636C756465202A2A2F75626F756E64202D2D6578636C756465202A2A2F706B69202D2D6578636C756465202A2A2F706B63733132202D2D6578636C756465202A2A2F6175646974202D2D6578636C756465202A2A2F63727970742A202D2D6578636C756465202A2A2F666F6E7473202D2D6578636C756465202A2A2F6773732A202F6574632F202F746D702F3139322E3136382E3132322E3130302F657463 exe="/usr/bin/sudo" terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=CRED_REFR msg=audit(1759767296.434:112): pid=1686 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=USER_START msg=audit(1759767296.437:113): pid=1686 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=USER_END msg=audit(1759767296.695:114): pid=1686 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=CRED_DISP msg=audit(1759767296.696:115): pid=1686 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=USER_ACCT msg=audit(1759767296.713:116): pid=1691 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="cloud-admin" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=USER_CMD msg=audit(1759767296.713:117): pid=1691 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/cloud-admin" cmd=6370202D61202F7661722F6C6F672F202F746D702F3139322E3136382E3132322E313030 exe="/usr/bin/sudo" terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=CRED_REFR msg=audit(1759767296.716:118): pid=1691 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin" type=USER_START msg=audit(1759767296.718:119): pid=1691 uid=1000 auid=1000 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="cloud-admin" AUID="cloud-admin"