type=DAEMON_START msg=audit(1763738549.016:7426): op=start ver=3.1.5 format=enriched kernel=5.14.0-503.14.1.el9_5.x86_64 auid=4294967295 pid=696 uid=0 ses=4294967295 subj=system_u:system_r:auditd_t:s0 res=successAUID="unset" UID="root" type=SERVICE_START msg=audit(1763738549.023:5): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-journal-catalog-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738549.029:6): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpcbind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=CONFIG_CHANGE msg=audit(1763738549.062:7): op=set audit_backlog_limit=8192 old=64 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 res=1AUID="unset" type=SYSCALL msg=audit(1763738549.062:7): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffcf7ab9eb0 a2=3c a3=0 items=0 ppid=701 pid=716 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:unconfined_service_t:s0 key=(null)ARCH=x86_64 SYSCALL=sendto AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738549.062:7): proctitle=2F7362696E2F617564697463746C002D52002F6574632F61756469742F61756469742E72756C6573 type=CONFIG_CHANGE msg=audit(1763738549.062:8): op=set audit_failure=1 old=1 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 res=1AUID="unset" type=SYSCALL msg=audit(1763738549.062:8): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffcf7ab9eb0 a2=3c a3=0 items=0 ppid=701 pid=716 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:unconfined_service_t:s0 key=(null)ARCH=x86_64 SYSCALL=sendto AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738549.062:8): proctitle=2F7362696E2F617564697463746C002D52002F6574632F61756469742F61756469742E72756C6573 type=CONFIG_CHANGE msg=audit(1763738549.062:9): op=set audit_backlog_wait_time=60000 old=60000 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 res=1AUID="unset" type=SYSCALL msg=audit(1763738549.062:9): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffcf7ab9eb0 a2=3c a3=0 items=0 ppid=701 pid=716 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="auditctl" exe="/usr/sbin/auditctl" subj=system_u:system_r:unconfined_service_t:s0 key=(null)ARCH=x86_64 SYSCALL=sendto AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738549.062:9): proctitle=2F7362696E2F617564697463746C002D52002F6574632F61756469742F61756469742E72756C6573 type=SERVICE_START msg=audit(1763738549.064:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=auditd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SYSTEM_BOOT msg=audit(1763738549.082:11): pid=723 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738549.087:12): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738549.244:13): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=ldconfig comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738549.270:14): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-done comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=BPF msg=audit(1763738549.284:15): prog-id=20 op=LOAD type=SERVICE_START msg=audit(1763738549.340:16): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dbus-broker comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=BPF msg=audit(1763738549.343:17): prog-id=21 op=LOAD type=BPF msg=audit(1763738549.374:18): prog-id=22 op=LOAD type=BPF msg=audit(1763738549.374:19): prog-id=23 op=LOAD type=SERVICE_START msg=audit(1763738549.378:20): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=irqbalance comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738549.383:21): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rngd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=BPF msg=audit(1763738549.388:22): prog-id=24 op=LOAD type=BPF msg=audit(1763738549.388:23): prog-id=25 op=LOAD type=BPF msg=audit(1763738549.388:24): prog-id=26 op=LOAD type=SERVICE_START msg=audit(1763738549.396:25): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dracut-shutdown comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738549.432:26): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=chronyd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738549.452:27): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=BPF msg=audit(1763738558.360:28): prog-id=27 op=LOAD type=BPF msg=audit(1763738558.360:29): prog-id=28 op=LOAD type=SERVICE_START msg=audit(1763738558.412:30): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738558.500:31): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-init-local comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738558.646:32): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738558.650:33): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738558.681:34): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=gssproxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738558.748:35): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=ADD_GROUP msg=audit(1763738559.909:36): pid=901 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:cloud_init_t:s0 msg='op=add-group acct="rocky" exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=ADD_USER msg=audit(1763738559.913:37): pid=901 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:cloud_init_t:s0 msg='op=add-user acct="rocky" exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_MGMT msg=audit(1763738559.913:38): pid=901 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:cloud_init_t:s0 msg='op=add-user-to-group grp="adm" acct="rocky" exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_MGMT msg=audit(1763738559.913:39): pid=901 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:cloud_init_t:s0 msg='op=add-user-to-group grp="systemd-journal" acct="rocky" exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_MGMT msg=audit(1763738559.913:40): pid=901 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:cloud_init_t:s0 msg='op=add-to-shadow-group grp="adm" acct="rocky" exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_MGMT msg=audit(1763738559.914:41): pid=901 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:cloud_init_t:s0 msg='op=add-to-shadow-group grp="systemd-journal" acct="rocky" exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_MGMT msg=audit(1763738560.006:42): pid=901 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:cloud_init_t:s0 msg='op=add-home-dir id=1000 exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" ID="rocky" type=ACCT_LOCK msg=audit(1763738560.042:43): pid=908 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:passwd_t:s0 msg='op=locked-password id=1000 exe="/usr/bin/passwd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" ID="rocky" type=SERVICE_START msg=audit(1763738560.327:44): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-init comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738560.375:45): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpc-statd-notify comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738560.384:46): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738560.403:47): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rsyslog comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738560.680:48): pid=919 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=919 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=SERVICE_STOP msg=audit(1763738560.682:49): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738560.707:50): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738560.748:51): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-config comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738560.768:52): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-user-sessions comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738560.777:53): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=crond comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738560.780:54): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738560.783:55): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=serial-getty@ttyS0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SYSTEM_RUNLEVEL msg=audit(1763738560.793:56): pid=1217 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='old-level=N new-level=3 comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738560.796:57): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp-runlevel comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1763738560.796:58): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp-runlevel comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738561.229:59): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-final comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738568.625:60): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=kdump comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1763738568.820:61): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738570.297:62): pid=3923 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3923 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738570.299:63): pid=3922 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=3923 suid=74 rport=52600 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738570.299:64): pid=3922 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=3923 suid=74 rport=52600 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738570.370:65): pid=3922 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738570.370:66): pid=3922 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738570.386:67): pid=3922 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738570.386:68): pid=3922 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=3923 suid=74 rport=52600 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738570.388:69): pid=3922 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738570.388:70): pid=3922 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=1 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738570.388:70): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffec9f1d6a0 a2=4 a3=3e8 items=0 ppid=1158 pid=3922 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=1 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738570.388:70): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738570.390:71): pid=3922 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=SERVICE_START msg=audit(1763738570.425:72): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=user-runtime-dir@1000 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738570.432:73): pid=3926 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=CRED_ACQ msg=audit(1763738570.432:74): pid=3926 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='op=PAM:setcred grantors=? acct="rocky" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'UID="root" AUID="unset" type=USER_ROLE_CHANGE msg=audit(1763738570.433:75): pid=3926 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738570.433:76): pid=3926 uid=0 subj=system_u:system_r:init_t:s0 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=2 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738570.433:76): arch=c000003e syscall=1 success=yes exit=4 a0=7 a1=7ffdd4d86500 a2=4 a3=3e8 items=0 ppid=1 pid=3926 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="(systemd)" exe="/usr/lib/systemd/systemd" subj=system_u:system_r:init_t:s0 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738570.433:76): proctitle="(systemd)" type=USER_START msg=audit(1763738570.434:77): pid=3926 uid=0 auid=1000 ses=2 subj=system_u:system_r:init_t:s0 msg='op=PAM:session_open grantors=pam_selinux,pam_selinux,pam_loginuid,pam_keyinit,pam_umask,pam_namespace,pam_keyinit,pam_limits,pam_systemd,pam_unix acct="rocky" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SERVICE_START msg=audit(1763738570.531:78): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=user@1000 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_START msg=audit(1763738570.537:79): pid=3922 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738570.538:80): pid=3935 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3935 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738570.538:81): pid=3935 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738570.583:82): pid=3922 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738570.583:83): pid=3922 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738570.584:84): pid=3922 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3936 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738570.611:85): pid=3922 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738570.611:86): pid=3922 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738570.611:87): pid=3922 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=3935 suid=1000 rport=52600 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738570.611:88): pid=3922 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3935 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738570.613:89): pid=3922 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738570.613:90): pid=3922 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738570.613:91): pid=3922 uid=0 auid=1000 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3922 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738578.018:92): pid=3957 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3957 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738578.019:93): pid=3956 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=3957 suid=74 rport=52632 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738578.019:94): pid=3956 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=3957 suid=74 rport=52632 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738578.080:95): pid=3956 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738578.080:96): pid=3956 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738578.087:97): pid=3956 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738578.087:98): pid=3956 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=3957 suid=74 rport=52632 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738578.088:99): pid=3956 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738578.088:100): pid=3956 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=3 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738578.088:100): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffc50f1a590 a2=4 a3=3e8 items=0 ppid=1158 pid=3956 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=3 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738578.088:100): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738578.089:101): pid=3956 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738578.107:102): pid=3956 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.108:103): pid=3959 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3959 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738578.109:104): pid=3959 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738578.154:105): pid=3956 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738578.154:106): pid=3956 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.155:107): pid=3956 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3960 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.204:108): pid=3956 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=3959 suid=1000 rport=52632 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.205:109): pid=3956 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3959 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738578.206:110): pid=3956 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738578.206:111): pid=3956 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_END msg=audit(1763738578.207:112): pid=3956 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738578.207:113): pid=3956 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.207:114): pid=3956 uid=0 auid=1000 ses=3 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3956 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738578.224:115): pid=3978 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3978 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738578.225:116): pid=3977 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=3978 suid=74 rport=52634 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738578.225:117): pid=3977 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=3978 suid=74 rport=52634 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738578.286:118): pid=3977 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738578.286:119): pid=3977 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738578.294:120): pid=3977 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738578.294:121): pid=3977 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=3978 suid=74 rport=52634 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738578.296:122): pid=3977 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738578.296:123): pid=3977 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=4 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738578.296:123): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffc5935b1b0 a2=4 a3=3e8 items=0 ppid=1158 pid=3977 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738578.296:123): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738578.297:124): pid=3977 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738578.313:125): pid=3977 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.314:126): pid=3980 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3980 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738578.315:127): pid=3980 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738578.358:128): pid=3977 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738578.358:129): pid=3977 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.359:130): pid=3977 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3981 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738578.413:131): pid=3977 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738578.413:132): pid=3977 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.413:133): pid=3977 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=3980 suid=1000 rport=52634 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.413:134): pid=3977 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3980 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738578.414:135): pid=3977 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738578.414:136): pid=3977 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.415:137): pid=3977 uid=0 auid=1000 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3977 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738578.430:138): pid=3999 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3999 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738578.431:139): pid=3998 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=3999 suid=74 rport=52636 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738578.431:140): pid=3998 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=3999 suid=74 rport=52636 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738578.493:141): pid=3998 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738578.493:142): pid=3998 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738578.501:143): pid=3998 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738578.501:144): pid=3998 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=3999 suid=74 rport=52636 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738578.502:145): pid=3998 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738578.502:146): pid=3998 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=5 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738578.502:146): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffe109bd2f0 a2=4 a3=3e8 items=0 ppid=1158 pid=3998 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738578.502:146): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738578.503:147): pid=3998 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738578.522:148): pid=3998 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.523:149): pid=4001 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4001 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738578.524:150): pid=4001 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738578.570:151): pid=3998 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738578.570:152): pid=3998 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.571:153): pid=3998 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4002 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_ACCT msg=audit(1763738578.628:154): pid=4020 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738578.629:155): pid=4020 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=6370202D66202E2F7069702E636F6E66202F6574632F7069702E636F6E66 exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738578.629:156): pid=4020 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738578.633:157): pid=4020 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738578.638:158): pid=4020 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738578.638:159): pid=4020 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_ACCT msg=audit(1763738578.650:160): pid=4023 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738578.650:161): pid=4023 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=6D6B646972202D70202F6574632F646F636B65722F exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738578.650:162): pid=4023 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738578.652:163): pid=4023 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738578.654:164): pid=4023 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738578.654:165): pid=4023 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_ACCT msg=audit(1763738578.666:166): pid=4026 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738578.666:167): pid=4026 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=6370202D66202E2F646F636B65722D6461656D6F6E2E6A736F6E202F6574632F646F636B65722F6461656D6F6E2E6A736F6E exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738578.667:168): pid=4026 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738578.668:169): pid=4026 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738578.672:170): pid=4026 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738578.672:171): pid=4026 uid=1000 auid=1000 ses=5 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738578.674:172): pid=3998 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738578.674:173): pid=3998 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.674:174): pid=3998 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4001 suid=1000 rport=52636 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.675:175): pid=3998 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4001 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738578.676:176): pid=3998 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738578.676:177): pid=3998 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.677:178): pid=3998 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=3998 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738578.696:179): pid=4030 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4030 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738578.697:180): pid=4029 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4030 suid=74 rport=52638 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738578.697:181): pid=4029 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4030 suid=74 rport=52638 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738578.758:182): pid=4029 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738578.758:183): pid=4029 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738578.766:184): pid=4029 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738578.766:185): pid=4029 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4030 suid=74 rport=52638 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738578.768:186): pid=4029 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738578.768:187): pid=4029 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=6 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738578.768:187): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7fff2d4711a0 a2=4 a3=3e8 items=0 ppid=1158 pid=4029 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=6 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738578.768:187): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738578.769:188): pid=4029 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738578.794:189): pid=4029 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.795:190): pid=4032 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4032 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738578.796:191): pid=4032 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738578.842:192): pid=4029 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738578.842:193): pid=4029 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.843:194): pid=4029 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4033 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.864:195): pid=4029 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4032 suid=1000 rport=52638 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.865:196): pid=4029 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4032 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738578.866:197): pid=4029 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738578.866:198): pid=4029 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_END msg=audit(1763738578.867:199): pid=4029 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738578.867:200): pid=4029 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.867:201): pid=4029 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4029 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738578.884:202): pid=4050 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4050 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738578.885:203): pid=4049 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4050 suid=74 rport=52642 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738578.885:204): pid=4049 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4050 suid=74 rport=52642 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738578.948:205): pid=4049 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738578.948:206): pid=4049 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738578.955:207): pid=4049 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738578.955:208): pid=4049 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4050 suid=74 rport=52642 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738578.957:209): pid=4049 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738578.957:210): pid=4049 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=7 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738578.957:210): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffc18a020e0 a2=4 a3=3e8 items=0 ppid=1158 pid=4049 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=7 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738578.957:210): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738578.957:211): pid=4049 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738578.974:212): pid=4049 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738578.975:213): pid=4052 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4052 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738578.975:214): pid=4052 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738579.018:215): pid=4049 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738579.018:216): pid=4049 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.019:217): pid=4049 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4053 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_ACCT msg=audit(1763738579.048:218): pid=4073 uid=1000 auid=1000 ses=7 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738579.049:219): pid=4073 uid=1000 auid=1000 ses=7 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=657468746F6F6C202D4B2065746830207478206F6666 exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738579.049:220): pid=4073 uid=1000 auid=1000 ses=7 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738579.051:221): pid=4073 uid=1000 auid=1000 ses=7 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738579.054:222): pid=4073 uid=1000 auid=1000 ses=7 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738579.054:223): pid=4073 uid=1000 auid=1000 ses=7 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738579.056:224): pid=4049 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738579.056:225): pid=4049 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.056:226): pid=4049 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4052 suid=1000 rport=52642 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.056:227): pid=4049 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4052 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738579.057:228): pid=4049 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738579.058:229): pid=4049 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.058:230): pid=4049 uid=0 auid=1000 ses=7 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4049 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738579.074:231): pid=4077 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4077 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738579.075:232): pid=4076 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4077 suid=74 rport=52644 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738579.075:233): pid=4076 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4077 suid=74 rport=52644 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738579.135:234): pid=4076 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738579.135:235): pid=4076 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738579.141:236): pid=4076 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738579.141:237): pid=4076 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4077 suid=74 rport=52644 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738579.143:238): pid=4076 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738579.143:239): pid=4076 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=8 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738579.143:239): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffdc1d465b0 a2=4 a3=3e8 items=0 ppid=1158 pid=4076 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=8 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738579.143:239): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738579.143:240): pid=4076 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738579.164:241): pid=4076 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.165:242): pid=4079 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4079 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738579.165:243): pid=4079 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738579.210:244): pid=4076 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738579.210:245): pid=4076 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.210:246): pid=4076 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4080 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738579.253:247): pid=4076 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738579.253:248): pid=4076 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.253:249): pid=4076 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4079 suid=1000 rport=52644 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.254:250): pid=4076 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4079 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738579.255:251): pid=4076 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738579.255:252): pid=4076 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.256:253): pid=4076 uid=0 auid=1000 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4076 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738579.270:254): pid=4098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4098 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738579.270:255): pid=4097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4098 suid=74 rport=52646 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738579.270:256): pid=4097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4098 suid=74 rport=52646 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738579.331:257): pid=4097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738579.331:258): pid=4097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738579.338:259): pid=4097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738579.338:260): pid=4097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4098 suid=74 rport=52646 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738579.339:261): pid=4097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738579.339:262): pid=4097 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=9 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738579.339:262): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffd9cce2d40 a2=4 a3=3e8 items=0 ppid=1158 pid=4097 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=9 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738579.339:262): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738579.340:263): pid=4097 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738579.353:264): pid=4097 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.354:265): pid=4100 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4100 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738579.355:266): pid=4100 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738579.398:267): pid=4097 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738579.398:268): pid=4097 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.398:269): pid=4097 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4101 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_ACCT msg=audit(1763738579.421:270): pid=4117 uid=1000 auid=1000 ses=9 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738579.421:271): pid=4117 uid=1000 auid=1000 ses=9 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=726D202D66202F6574632F79756D2E7265706F732E642F726F636B792D6164646F6E732E7265706F202F6574632F79756D2E7265706F732E642F726F636B792D646576656C2E7265706F202F6574632F79756D2E7265706F732E642F726F636B792D6578747261732E7265706F202F6574632F79756D2E7265706F732E642F726F636B792E7265706F exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738579.422:272): pid=4117 uid=1000 auid=1000 ses=9 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738579.423:273): pid=4117 uid=1000 auid=1000 ses=9 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738579.425:274): pid=4117 uid=1000 auid=1000 ses=9 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738579.425:275): pid=4117 uid=1000 auid=1000 ses=9 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_ACCT msg=audit(1763738579.434:276): pid=4101 uid=1000 auid=1000 ses=9 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738579.434:277): pid=4101 uid=1000 auid=1000 ses=9 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=6370206D6972726F722D626173652D726F636B79392E7265706F202F6574632F79756D2E7265706F732E642F exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738579.434:278): pid=4101 uid=1000 auid=1000 ses=9 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738579.435:279): pid=4101 uid=1000 auid=1000 ses=9 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738579.438:280): pid=4101 uid=1000 auid=1000 ses=9 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738579.439:281): pid=4101 uid=1000 auid=1000 ses=9 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738579.440:282): pid=4097 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738579.440:283): pid=4097 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.440:284): pid=4097 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4100 suid=1000 rport=52646 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.440:285): pid=4097 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4100 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738579.441:286): pid=4097 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738579.441:287): pid=4097 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.442:288): pid=4097 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4097 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738579.458:289): pid=4123 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4123 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738579.459:290): pid=4122 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4123 suid=74 rport=52648 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738579.459:291): pid=4122 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4123 suid=74 rport=52648 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738579.518:292): pid=4122 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738579.518:293): pid=4122 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738579.525:294): pid=4122 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738579.525:295): pid=4122 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4123 suid=74 rport=52648 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738579.526:296): pid=4122 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738579.526:297): pid=4122 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=10 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738579.526:297): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffc8271dca0 a2=4 a3=3e8 items=0 ppid=1158 pid=4122 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=10 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738579.526:297): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738579.527:298): pid=4122 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738579.544:299): pid=4122 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.545:300): pid=4125 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4125 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738579.546:301): pid=4125 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738579.590:302): pid=4122 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738579.590:303): pid=4122 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.590:304): pid=4122 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4126 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.635:305): pid=4122 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4125 suid=1000 rport=52648 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.635:306): pid=4122 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4125 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738579.637:307): pid=4122 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738579.637:308): pid=4122 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_END msg=audit(1763738579.637:309): pid=4122 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738579.637:310): pid=4122 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.637:311): pid=4122 uid=0 auid=1000 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4122 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738579.651:312): pid=4144 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4144 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738579.651:313): pid=4143 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4144 suid=74 rport=52650 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738579.652:314): pid=4143 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4144 suid=74 rport=52650 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738579.711:315): pid=4143 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738579.711:316): pid=4143 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738579.718:317): pid=4143 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738579.718:318): pid=4143 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4144 suid=74 rport=52650 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738579.719:319): pid=4143 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738579.719:320): pid=4143 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=11 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738579.719:320): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7fff6e417e50 a2=4 a3=3e8 items=0 ppid=1158 pid=4143 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=11 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738579.719:320): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738579.720:321): pid=4143 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738579.736:322): pid=4143 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.737:323): pid=4146 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4146 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738579.738:324): pid=4146 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738579.782:325): pid=4143 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738579.782:326): pid=4143 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.782:327): pid=4143 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4147 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_ACCT msg=audit(1763738579.804:328): pid=4147 uid=1000 auid=1000 ses=11 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738579.805:329): pid=4147 uid=1000 auid=1000 ses=11 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=6370206D6972726F722D6570656C392E7265706F202F6574632F79756D2E7265706F732E642F exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738579.805:330): pid=4147 uid=1000 auid=1000 ses=11 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738579.806:331): pid=4147 uid=1000 auid=1000 ses=11 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738579.809:332): pid=4147 uid=1000 auid=1000 ses=11 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738579.809:333): pid=4147 uid=1000 auid=1000 ses=11 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738579.811:334): pid=4143 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738579.811:335): pid=4143 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.811:336): pid=4143 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4146 suid=1000 rport=52650 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.811:337): pid=4143 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4146 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738579.812:338): pid=4143 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738579.812:339): pid=4143 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.813:340): pid=4143 uid=0 auid=1000 ses=11 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4143 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738579.828:341): pid=4166 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4166 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738579.828:342): pid=4165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4166 suid=74 rport=52652 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738579.829:343): pid=4165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4166 suid=74 rport=52652 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738579.888:344): pid=4165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738579.888:345): pid=4165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738579.895:346): pid=4165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738579.895:347): pid=4165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4166 suid=74 rport=52652 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738579.897:348): pid=4165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738579.897:349): pid=4165 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=12 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738579.897:349): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffc213ef370 a2=4 a3=3e8 items=0 ppid=1158 pid=4165 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=12 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738579.897:349): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738579.898:350): pid=4165 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738579.913:351): pid=4165 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.914:352): pid=4168 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4168 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738579.915:353): pid=4168 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738579.958:354): pid=4165 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738579.958:355): pid=4165 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738579.958:356): pid=4165 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4169 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_ACCT msg=audit(1763738579.982:357): pid=4186 uid=1000 auid=1000 ses=12 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738579.982:358): pid=4186 uid=1000 auid=1000 ses=12 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=746565202D61202F6574632F737973636F6E6669672F6E6574776F726B2D736372697074732F69666366672D65746831 exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738579.982:359): pid=4186 uid=1000 auid=1000 ses=12 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738579.983:360): pid=4186 uid=1000 auid=1000 ses=12 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738579.985:361): pid=4186 uid=1000 auid=1000 ses=12 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738579.985:362): pid=4186 uid=1000 auid=1000 ses=12 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_ACCT msg=audit(1763738579.994:363): pid=4169 uid=1000 auid=1000 ses=12 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738579.994:364): pid=4169 uid=1000 auid=1000 ses=12 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=73797374656D63746C2072657374617274204E6574776F726B4D616E616765722E73657276696365 exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738579.994:365): pid=4169 uid=1000 auid=1000 ses=12 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738579.995:366): pid=4169 uid=1000 auid=1000 ses=12 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=SERVICE_STOP msg=audit(1763738580.004:367): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738580.022:368): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1763738580.034:369): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738580.075:370): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_END msg=audit(1763738580.079:371): pid=4169 uid=1000 auid=1000 ses=12 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738580.079:372): pid=4169 uid=1000 auid=1000 ses=12 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738580.081:373): pid=4165 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738580.081:374): pid=4165 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738580.081:375): pid=4165 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4168 suid=1000 rport=52652 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738580.082:376): pid=4165 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4168 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738580.083:377): pid=4165 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738580.083:378): pid=4165 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738580.084:379): pid=4165 uid=0 auid=1000 ses=12 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4165 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738580.097:380): pid=4233 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4233 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738580.098:381): pid=4227 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4233 suid=74 rport=52654 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738580.098:382): pid=4227 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4233 suid=74 rport=52654 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738580.159:383): pid=4227 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738580.159:384): pid=4227 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738580.166:385): pid=4227 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738580.166:386): pid=4227 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4233 suid=74 rport=52654 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738580.167:387): pid=4227 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738580.167:388): pid=4227 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=13 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738580.167:388): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7fff1d2bca20 a2=4 a3=3e8 items=0 ppid=1158 pid=4227 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=13 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738580.167:388): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738580.168:389): pid=4227 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738580.198:390): pid=4227 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738580.199:391): pid=4258 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4258 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738580.200:392): pid=4258 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738580.246:393): pid=4227 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738580.246:394): pid=4227 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738580.247:395): pid=4227 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4259 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_ACCT msg=audit(1763738580.275:396): pid=4259 uid=1000 auid=1000 ses=13 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738580.275:397): pid=4259 uid=1000 auid=1000 ses=13 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=6D6F6470726F62652069705F7461626C6573 exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738580.275:398): pid=4259 uid=1000 auid=1000 ses=13 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738580.278:399): pid=4259 uid=1000 auid=1000 ses=13 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738580.295:400): pid=4259 uid=1000 auid=1000 ses=13 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738580.296:401): pid=4259 uid=1000 auid=1000 ses=13 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738580.298:402): pid=4227 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738580.298:403): pid=4227 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738580.298:404): pid=4227 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4258 suid=1000 rport=52654 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738580.298:405): pid=4227 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4258 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738580.299:406): pid=4227 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738580.299:407): pid=4227 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738580.300:408): pid=4227 uid=0 auid=1000 ses=13 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4227 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738580.318:409): pid=4280 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4280 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738580.319:410): pid=4279 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4280 suid=74 rport=52656 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738580.319:411): pid=4279 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=4280 suid=74 rport=52656 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738580.379:412): pid=4279 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738580.379:413): pid=4279 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738580.386:414): pid=4279 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738580.386:415): pid=4279 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4280 suid=74 rport=52656 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738580.388:416): pid=4279 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738580.388:417): pid=4279 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=14 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738580.388:417): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffd33691480 a2=4 a3=3e8 items=0 ppid=1158 pid=4279 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=14 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738580.388:417): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738580.389:418): pid=4279 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738580.406:419): pid=4279 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738580.407:420): pid=4282 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4282 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738580.408:421): pid=4282 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738580.450:422): pid=4279 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738580.450:423): pid=4279 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738580.450:424): pid=4279 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4283 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_ACCT msg=audit(1763738580.476:425): pid=4283 uid=1000 auid=1000 ses=14 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738580.476:426): pid=4283 uid=1000 auid=1000 ses=14 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=646E6620696E7374616C6C202D79206F70656E7373682D736572766572206F70656E73736C exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738580.476:427): pid=4283 uid=1000 auid=1000 ses=14 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738580.478:428): pid=4283 uid=1000 auid=1000 ses=14 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=SERVICE_STOP msg=audit(1763738590.151:429): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738594.990:430): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=run-r119e924c5757447cb848b37a9556685d comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738595.007:431): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=run-r9386aa414cd0482f9403e42a22db5640 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SOFTWARE_UPDATE msg=audit(1763738595.010:432): pid=4300 uid=0 auid=1000 ses=14 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=update sw="openssl-libs-1:3.2.2-6.el9_5.1.x86_64" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe="/usr/bin/python3.9" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738595.010:433): pid=4300 uid=0 auid=1000 ses=14 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=update sw="openssl-1:3.2.2-6.el9_5.1.x86_64" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe="/usr/bin/python3.9" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SERVICE_START msg=audit(1763738595.428:434): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738595.431:435): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=packagekit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_END msg=audit(1763738595.545:436): pid=4283 uid=1000 auid=1000 ses=14 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738595.545:437): pid=4283 uid=1000 auid=1000 ses=14 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738595.546:438): pid=4279 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738595.546:439): pid=4279 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.547:440): pid=4279 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=4282 suid=1000 rport=52656 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.547:441): pid=4279 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4282 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738595.548:442): pid=4279 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738595.548:443): pid=4279 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.549:444): pid=4279 uid=0 auid=1000 ses=14 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=4279 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738595.567:445): pid=5265 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=5265 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738595.567:446): pid=5243 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=5265 suid=74 rport=52666 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738595.567:447): pid=5243 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=5265 suid=74 rport=52666 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738595.628:448): pid=5243 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738595.628:449): pid=5243 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738595.635:450): pid=5243 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738595.635:451): pid=5243 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=5265 suid=74 rport=52666 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738595.636:452): pid=5243 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738595.637:453): pid=5243 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=15 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738595.637:453): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffff92909f0 a2=4 a3=3e8 items=0 ppid=1158 pid=5243 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=15 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738595.637:453): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738595.637:454): pid=5243 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738595.653:455): pid=5243 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.654:456): pid=5466 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=5466 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738595.654:457): pid=5466 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738595.697:458): pid=5243 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738595.697:459): pid=5243 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.698:460): pid=5243 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=5565 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738595.715:461): pid=5243 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738595.715:462): pid=5243 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.715:463): pid=5243 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=5466 suid=1000 rport=52666 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.715:464): pid=5243 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=5466 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738595.716:465): pid=5243 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738595.717:466): pid=5243 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.717:467): pid=5243 uid=0 auid=1000 ses=15 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=5243 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738595.732:468): pid=5659 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=5659 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738595.732:469): pid=5636 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=5659 suid=74 rport=52668 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738595.732:470): pid=5636 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=5659 suid=74 rport=52668 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738595.791:471): pid=5636 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738595.791:472): pid=5636 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738595.798:473): pid=5636 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738595.798:474): pid=5636 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=5659 suid=74 rport=52668 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738595.799:475): pid=5636 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738595.799:476): pid=5636 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=16 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738595.799:476): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffeb7b17650 a2=4 a3=3e8 items=0 ppid=1158 pid=5636 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=16 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738595.799:476): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738595.800:477): pid=5636 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738595.813:478): pid=5636 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.814:479): pid=5860 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=5860 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738595.815:480): pid=5860 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738595.857:481): pid=5636 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738595.857:482): pid=5636 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.858:483): pid=5636 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=5958 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738595.875:484): pid=5636 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738595.875:485): pid=5636 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.875:486): pid=5636 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=5860 suid=1000 rport=52668 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.875:487): pid=5636 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=5860 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738595.877:488): pid=5636 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738595.877:489): pid=5636 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738595.877:490): pid=5636 uid=0 auid=1000 ses=16 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=5636 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=SERVICE_START msg=audit(1763738599.975:491): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=man-db-cache-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1763738599.975:492): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=man-db-cache-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1763738599.994:493): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=run-r119e924c5757447cb848b37a9556685d comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1763738599.995:494): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=run-r9386aa414cd0482f9403e42a22db5640 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1763738606.026:495): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=user@1000 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1763738606.044:496): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=user-runtime-dir@1000 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1763738610.095:497): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=BPF msg=audit(1763738610.128:498): prog-id=28 op=UNLOAD type=BPF msg=audit(1763738610.128:499): prog-id=27 op=UNLOAD type=SERVICE_START msg=audit(1763738611.955:500): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738611.960:501): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738619.243:502): pid=14424 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14424 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738619.244:503): pid=14423 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14424 suid=74 rport=52736 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738619.244:504): pid=14423 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14424 suid=74 rport=52736 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738619.308:505): pid=14423 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738619.308:506): pid=14423 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738619.314:507): pid=14423 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738619.314:508): pid=14423 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14424 suid=74 rport=52736 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738619.316:509): pid=14423 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738619.316:510): pid=14423 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=17 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738619.316:510): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffc642120a0 a2=4 a3=3e8 items=0 ppid=1158 pid=14423 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=17 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738619.316:510): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738619.316:511): pid=14423 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=SERVICE_START msg=audit(1763738619.339:512): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=user-runtime-dir@1000 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738619.345:513): pid=14427 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=CRED_ACQ msg=audit(1763738619.345:514): pid=14427 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='op=PAM:setcred grantors=? acct="rocky" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'UID="root" AUID="unset" type=USER_ROLE_CHANGE msg=audit(1763738619.346:515): pid=14427 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738619.346:516): pid=14427 uid=0 subj=system_u:system_r:init_t:s0 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=18 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738619.346:516): arch=c000003e syscall=1 success=yes exit=4 a0=7 a1=7ffdd4d86500 a2=4 a3=3e8 items=0 ppid=1 pid=14427 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=18 comm="(systemd)" exe="/usr/lib/systemd/systemd" subj=system_u:system_r:init_t:s0 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738619.346:516): proctitle="(systemd)" type=USER_START msg=audit(1763738619.347:517): pid=14427 uid=0 auid=1000 ses=18 subj=system_u:system_r:init_t:s0 msg='op=PAM:session_open grantors=pam_selinux,pam_selinux,pam_loginuid,pam_keyinit,pam_umask,pam_namespace,pam_keyinit,pam_limits,pam_systemd,pam_unix acct="rocky" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SERVICE_START msg=audit(1763738619.426:518): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=user@1000 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_START msg=audit(1763738619.438:519): pid=14423 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.439:520): pid=14436 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14436 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738619.440:521): pid=14436 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738619.485:522): pid=14423 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738619.485:523): pid=14423 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.486:524): pid=14423 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14437 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.516:525): pid=14423 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14436 suid=1000 rport=52736 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.518:526): pid=14423 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14436 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738619.520:527): pid=14423 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738619.520:528): pid=14423 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_END msg=audit(1763738619.520:529): pid=14423 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738619.520:530): pid=14423 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.520:531): pid=14423 uid=0 auid=1000 ses=17 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14423 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738619.535:532): pid=14455 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14455 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738619.536:533): pid=14454 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14455 suid=74 rport=52738 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738619.536:534): pid=14454 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14455 suid=74 rport=52738 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738619.595:535): pid=14454 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738619.595:536): pid=14454 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738619.603:537): pid=14454 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738619.603:538): pid=14454 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14455 suid=74 rport=52738 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738619.605:539): pid=14454 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738619.605:540): pid=14454 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=19 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738619.605:540): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffee0716240 a2=4 a3=3e8 items=0 ppid=1158 pid=14454 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=19 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738619.605:540): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738619.606:541): pid=14454 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738619.624:542): pid=14454 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.625:543): pid=14457 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14457 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738619.625:544): pid=14457 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738619.669:545): pid=14454 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738619.669:546): pid=14454 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.670:547): pid=14454 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14458 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738619.697:548): pid=14454 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738619.697:549): pid=14454 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.697:550): pid=14454 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14457 suid=1000 rport=52738 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.697:551): pid=14454 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14457 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738619.698:552): pid=14454 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738619.699:553): pid=14454 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.699:554): pid=14454 uid=0 auid=1000 ses=19 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14454 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738619.717:555): pid=14475 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14475 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738619.717:556): pid=14474 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14475 suid=74 rport=52740 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738619.717:557): pid=14474 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14475 suid=74 rport=52740 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738619.777:558): pid=14474 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738619.777:559): pid=14474 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738619.785:560): pid=14474 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738619.785:561): pid=14474 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14475 suid=74 rport=52740 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738619.786:562): pid=14474 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738619.786:563): pid=14474 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=20 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738619.786:563): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffec798f240 a2=4 a3=3e8 items=0 ppid=1158 pid=14474 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=20 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738619.786:563): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738619.787:564): pid=14474 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738619.807:565): pid=14474 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.808:566): pid=14477 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14477 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738619.809:567): pid=14477 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738619.853:568): pid=14474 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738619.853:569): pid=14474 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.854:570): pid=14474 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14478 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738619.881:571): pid=14474 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738619.881:572): pid=14474 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.881:573): pid=14474 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14477 suid=1000 rport=52740 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.882:574): pid=14474 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14477 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738619.884:575): pid=14474 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738619.884:576): pid=14474 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.884:577): pid=14474 uid=0 auid=1000 ses=20 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14474 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738619.900:578): pid=14495 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14495 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738619.901:579): pid=14494 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14495 suid=74 rport=52742 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738619.901:580): pid=14494 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14495 suid=74 rport=52742 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738619.962:581): pid=14494 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738619.962:582): pid=14494 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738619.969:583): pid=14494 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738619.970:584): pid=14494 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14495 suid=74 rport=52742 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738619.971:585): pid=14494 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738619.971:586): pid=14494 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=21 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738619.971:586): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffd6070db40 a2=4 a3=3e8 items=0 ppid=1158 pid=14494 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738619.971:586): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738619.972:587): pid=14494 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738619.995:588): pid=14494 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738619.997:589): pid=14497 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14497 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738619.998:590): pid=14497 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738620.041:591): pid=14494 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738620.041:592): pid=14494 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.042:593): pid=14494 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14498 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738620.060:594): pid=14494 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738620.060:595): pid=14494 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.061:596): pid=14494 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14497 suid=1000 rport=52742 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.061:597): pid=14494 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14497 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738620.062:598): pid=14494 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738620.062:599): pid=14494 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.063:600): pid=14494 uid=0 auid=1000 ses=21 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14494 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738620.079:601): pid=14517 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14517 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738620.080:602): pid=14516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14517 suid=74 rport=52744 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738620.080:603): pid=14516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14517 suid=74 rport=52744 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738620.144:604): pid=14516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738620.144:605): pid=14516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738620.151:606): pid=14516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738620.151:607): pid=14516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14517 suid=74 rport=52744 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738620.152:608): pid=14516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738620.152:609): pid=14516 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=22 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738620.152:609): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffe3ef48ac0 a2=4 a3=3e8 items=0 ppid=1158 pid=14516 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738620.152:609): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738620.153:610): pid=14516 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738620.173:611): pid=14516 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.174:612): pid=14519 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14519 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738620.175:613): pid=14519 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738620.217:614): pid=14516 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738620.217:615): pid=14516 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.218:616): pid=14516 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14520 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.234:617): pid=14516 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14519 suid=1000 rport=52744 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.235:618): pid=14516 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14519 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738620.236:619): pid=14516 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738620.236:620): pid=14516 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_END msg=audit(1763738620.236:621): pid=14516 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738620.236:622): pid=14516 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.236:623): pid=14516 uid=0 auid=1000 ses=22 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14516 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738620.256:624): pid=14537 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14537 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738620.256:625): pid=14536 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14537 suid=74 rport=52746 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738620.256:626): pid=14536 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14537 suid=74 rport=52746 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738620.318:627): pid=14536 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738620.318:628): pid=14536 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738620.325:629): pid=14536 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738620.326:630): pid=14536 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14537 suid=74 rport=52746 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738620.327:631): pid=14536 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738620.327:632): pid=14536 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=23 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738620.327:632): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffee7ef4930 a2=4 a3=3e8 items=0 ppid=1158 pid=14536 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738620.327:632): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738620.329:633): pid=14536 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738620.342:634): pid=14536 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.343:635): pid=14539 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14539 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738620.344:636): pid=14539 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738620.389:637): pid=14536 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738620.389:638): pid=14536 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.390:639): pid=14536 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14540 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_ACCT msg=audit(1763738620.416:640): pid=14540 uid=1000 auid=1000 ses=23 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738620.416:641): pid=14540 uid=1000 auid=1000 ses=23 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=62617368202D63207072696E746620225C6E31302E302E302E32343920202020636E2D6A656E6B696E732D6465706C6F792D706C6174666F726D2D616E7369626C652D6B38732D3431362D315C6E22203E3E202F6574632F686F737473 exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738620.416:642): pid=14540 uid=1000 auid=1000 ses=23 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738620.418:643): pid=14540 uid=1000 auid=1000 ses=23 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738620.420:644): pid=14540 uid=1000 auid=1000 ses=23 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738620.420:645): pid=14540 uid=1000 auid=1000 ses=23 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738620.422:646): pid=14536 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738620.422:647): pid=14536 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.422:648): pid=14536 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14539 suid=1000 rport=52746 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.422:649): pid=14536 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14539 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738620.423:650): pid=14536 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738620.423:651): pid=14536 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738620.424:652): pid=14536 uid=0 auid=1000 ses=23 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14536 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=SERVICE_STOP msg=audit(1763738621.995:653): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738622.330:654): pid=14559 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14559 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738622.330:655): pid=14558 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14559 suid=74 rport=52750 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738622.330:656): pid=14558 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14559 suid=74 rport=52750 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738622.393:657): pid=14558 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738622.393:658): pid=14558 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738622.400:659): pid=14558 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738622.400:660): pid=14558 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14559 suid=74 rport=52750 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738622.402:661): pid=14558 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738622.402:662): pid=14558 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=24 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738622.402:662): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7fffedb45550 a2=4 a3=3e8 items=0 ppid=1158 pid=14558 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738622.402:662): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738622.403:663): pid=14558 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738622.419:664): pid=14558 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738622.421:665): pid=14561 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14561 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738622.422:666): pid=14561 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738622.465:667): pid=14558 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738622.465:668): pid=14558 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738622.466:669): pid=14558 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14562 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738622.686:670): pid=14558 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14561 suid=1000 rport=52750 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738622.686:671): pid=14558 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14561 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738622.688:672): pid=14558 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738622.688:673): pid=14558 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_END msg=audit(1763738622.689:674): pid=14558 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738622.689:675): pid=14558 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738622.689:676): pid=14558 uid=0 auid=1000 ses=24 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14558 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738622.703:677): pid=14580 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14580 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738622.703:678): pid=14579 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14580 suid=74 rport=52754 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738622.703:679): pid=14579 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=14580 suid=74 rport=52754 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738622.764:680): pid=14579 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738622.764:681): pid=14579 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738622.772:682): pid=14579 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738622.772:683): pid=14579 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14580 suid=74 rport=52754 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738622.773:684): pid=14579 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738622.773:685): pid=14579 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=25 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738622.773:685): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffe605455d0 a2=4 a3=3e8 items=0 ppid=1158 pid=14579 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=25 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738622.773:685): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738622.774:686): pid=14579 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738622.792:687): pid=14579 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738622.793:688): pid=14582 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14582 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738622.794:689): pid=14582 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738622.837:690): pid=14579 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738622.837:691): pid=14579 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738622.839:692): pid=14579 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14583 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_ACCT msg=audit(1763738622.925:693): pid=14657 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738622.925:694): pid=14657 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=646E6620636865636B2D757064617465 exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738622.925:695): pid=14657 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738622.927:696): pid=14657 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738623.467:697): pid=14657 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738623.467:698): pid=14657 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_ACCT msg=audit(1763738623.477:699): pid=14660 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738623.477:700): pid=14660 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd=646E6620696E7374616C6C202D79206375726C20707974686F6E3320707974686F6E332D7365747570746F6F6C73206C696273656C696E75782D707974686F6E33206970726F757465206A712062696E642D7574696C7320707974686F6E332D706970206F70656E7373682D736572766572206F70656E7373682D636C69656E747320707974686F6E332D7669727475616C656E76 exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738623.478:701): pid=14660 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738623.479:702): pid=14660 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=SERVICE_START msg=audit(1763738627.033:703): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=run-r633988afa8b44b43b029a4dfdf28cc47 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_START msg=audit(1763738627.048:704): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=run-r04e07b94672f455fad51f67df4cc6822 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SOFTWARE_UPDATE msg=audit(1763738627.059:705): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=update sw="python3-libs-3.9.21-1.el9_5.x86_64" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:706): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=update sw="python-unversioned-command-3.9.21-1.el9_5.noarch" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:707): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=update sw="python3-3.9.21-1.el9_5.x86_64" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:708): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=install sw="protobuf-c-1.3.3-13.el9.x86_64" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:709): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=install sw="python3-distlib-0.3.2-1.el9.noarch" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:710): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=install sw="python3-filelock-3.7.1-1.el9.noarch" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:711): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=install sw="python3-platformdirs-2.5.4-1.el9.noarch" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:712): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=install sw="python3-wheel-wheel-1:0.36.2-8.el9.noarch" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:713): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=install sw="libuv-1:1.42.0-2.el9_4.x86_64" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:714): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=install sw="fstrm-0.6.1-3.el9.x86_64" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:715): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=install sw="bind-license-32:9.16.23-24.el9_5.3.noarch" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:716): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=install sw="bind-libs-32:9.16.23-24.el9_5.3.x86_64" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:717): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=install sw="bind-utils-32:9.16.23-24.el9_5.3.x86_64" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:718): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=install sw="python3-virtualenv-20.21.1-14.el9.noarch" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=SOFTWARE_UPDATE msg=audit(1763738627.059:719): pid=14662 uid=0 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=install sw="python3-pip-21.3.1-1.el9.noarch" sw_type=rpm key_enforce=0 gpg_res=1 root_dir="/" comm="dnf" exe=2F7573722F62696E2F707974686F6E332E39202864656C6574656429 hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" type=USER_END msg=audit(1763738628.139:720): pid=14660 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738628.139:721): pid=14660 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=SERVICE_START msg=audit(1763738628.146:722): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=man-db-cache-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1763738628.146:723): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=man-db-cache-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1763738628.161:724): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=run-r633988afa8b44b43b029a4dfdf28cc47 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=SERVICE_STOP msg=audit(1763738628.162:725): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=run-r04e07b94672f455fad51f67df4cc6822 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738743.928:726): pid=15013 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738743.928:727): pid=15013 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/home/rocky" cmd="/home/rocky/src/opensdn-io/tf-devstack/common/create_docker_config.sh" exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738743.929:728): pid=15013 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738743.932:729): pid=15013 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738744.182:730): pid=15013 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738744.182:731): pid=15013 uid=1000 auid=1000 ses=25 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738744.186:732): pid=14579 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738744.186:733): pid=14579 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.186:734): pid=14579 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=14582 suid=1000 rport=52754 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.187:735): pid=14579 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14582 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738744.188:736): pid=14579 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738744.188:737): pid=14579 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.189:738): pid=14579 uid=0 auid=1000 ses=25 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=14579 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738744.225:739): pid=15055 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15055 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738744.226:740): pid=15054 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=15055 suid=74 rport=52822 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738744.226:741): pid=15054 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=15055 suid=74 rport=52822 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738744.287:742): pid=15054 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738744.287:743): pid=15054 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738744.295:744): pid=15054 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738744.295:745): pid=15054 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=15055 suid=74 rport=52822 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738744.297:746): pid=15054 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738744.297:747): pid=15054 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=26 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738744.297:747): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffdbd602050 a2=4 a3=3e8 items=0 ppid=1158 pid=15054 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=26 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738744.297:747): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738744.298:748): pid=15054 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738744.319:749): pid=15054 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.320:750): pid=15057 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15057 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738744.321:751): pid=15057 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738744.364:752): pid=15054 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738744.364:753): pid=15054 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.365:754): pid=15054 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15058 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738744.384:755): pid=15054 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738744.384:756): pid=15054 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.384:757): pid=15054 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=15057 suid=1000 rport=52822 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.384:758): pid=15054 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15057 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738744.385:759): pid=15054 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738744.386:760): pid=15054 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.386:761): pid=15054 uid=0 auid=1000 ses=26 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15054 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738744.416:762): pid=15075 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15075 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738744.417:763): pid=15074 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=15075 suid=74 rport=52826 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738744.417:764): pid=15074 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=15075 suid=74 rport=52826 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738744.480:765): pid=15074 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738744.480:766): pid=15074 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738744.487:767): pid=15074 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738744.487:768): pid=15074 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=15075 suid=74 rport=52826 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738744.488:769): pid=15074 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738744.488:770): pid=15074 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=27 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738744.488:770): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffcc09c9cd0 a2=4 a3=3e8 items=0 ppid=1158 pid=15074 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=27 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738744.488:770): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738744.489:771): pid=15074 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738744.506:772): pid=15074 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.507:773): pid=15077 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15077 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738744.508:774): pid=15077 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738744.552:775): pid=15074 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738744.552:776): pid=15074 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.553:777): pid=15074 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15078 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.610:778): pid=15074 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=15077 suid=1000 rport=52826 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.611:779): pid=15074 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15077 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738744.612:780): pid=15074 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738744.612:781): pid=15074 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_END msg=audit(1763738744.613:782): pid=15074 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738744.613:783): pid=15074 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.613:784): pid=15074 uid=0 auid=1000 ses=27 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15074 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738744.628:785): pid=15096 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15096 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738744.629:786): pid=15095 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=15096 suid=74 rport=52828 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738744.629:787): pid=15095 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256 spid=15096 suid=74 rport=52828 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738744.689:788): pid=15095 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738744.689:789): pid=15095 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:ae:fa:7f:d9:b8:d5:af:f6:9e:8b:ef:bd:d3:40:20:24:0b:d0:a4:08:26:68:ad:f8:4d:f1:fc:07:ba:40:a5:df exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738744.696:790): pid=15095 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738744.696:791): pid=15095 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=15096 suid=74 rport=52828 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738744.697:792): pid=15095 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738744.697:793): pid=15095 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=28 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738744.697:793): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffe75307840 a2=4 a3=3e8 items=0 ppid=1158 pid=15095 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=28 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738744.697:793): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738744.698:794): pid=15095 uid=0 auid=1000 ses=28 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738744.722:795): pid=15095 uid=0 auid=1000 ses=28 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.722:796): pid=15098 uid=0 auid=1000 ses=28 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15098 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738744.723:797): pid=15098 uid=0 auid=1000 ses=28 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.25 addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738744.771:798): pid=15095 uid=0 auid=1000 ses=28 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738744.771:799): pid=15095 uid=0 auid=1000 ses=28 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.25 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.773:800): pid=15095 uid=0 auid=1000 ses=28 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15099 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738744.900:801): pid=15193 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15193 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738744.901:802): pid=15192 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac= pfs=curve25519-sha256 spid=15193 suid=74 rport=42028 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738744.901:803): pid=15192 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac= pfs=curve25519-sha256 spid=15193 suid=74 rport=42028 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=SERVICE_START msg=audit(1763738745.042:804): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sssd-kcm comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" type=USER_AUTH msg=audit(1763738745.075:805): pid=15192 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738745.075:806): pid=15192 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:44:2f:dd:6e:02:ee:94:f7:ff:a8:18:0c:32:2f:26:0b:5f:99:98:b7:b6:6f:bb:62:8a:82:72:db:5e:3d:82:f2 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738745.083:807): pid=15192 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738745.083:808): pid=15192 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=15193 suid=74 rport=42028 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738745.085:809): pid=15192 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738745.085:810): pid=15192 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=29 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738745.085:810): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffdf1b08840 a2=4 a3=3e8 items=0 ppid=1158 pid=15192 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=29 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738745.085:810): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738745.086:811): pid=15192 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738745.099:812): pid=15192 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.100:813): pid=15197 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15197 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738745.101:814): pid=15197 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738745.143:815): pid=15192 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738745.143:816): pid=15192 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.144:817): pid=15192 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15198 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.163:818): pid=15192 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=15197 suid=1000 rport=42028 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.163:819): pid=15192 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15197 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738745.164:820): pid=15192 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738745.164:821): pid=15192 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_END msg=audit(1763738745.165:822): pid=15192 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738745.165:823): pid=15192 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.165:824): pid=15192 uid=0 auid=1000 ses=29 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15192 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738745.181:825): pid=15217 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15217 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738745.181:826): pid=15216 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac= pfs=curve25519-sha256 spid=15217 suid=74 rport=42032 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738745.181:827): pid=15216 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac= pfs=curve25519-sha256 spid=15217 suid=74 rport=42032 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738745.251:828): pid=15216 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738745.251:829): pid=15216 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:44:2f:dd:6e:02:ee:94:f7:ff:a8:18:0c:32:2f:26:0b:5f:99:98:b7:b6:6f:bb:62:8a:82:72:db:5e:3d:82:f2 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738745.258:830): pid=15216 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738745.259:831): pid=15216 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=15217 suid=74 rport=42032 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738745.260:832): pid=15216 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738745.260:833): pid=15216 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=30 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738745.260:833): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffd68417af0 a2=4 a3=3e8 items=0 ppid=1158 pid=15216 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=30 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738745.260:833): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738745.261:834): pid=15216 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738745.288:835): pid=15216 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.288:836): pid=15219 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15219 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738745.289:837): pid=15219 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738745.330:838): pid=15216 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738745.330:839): pid=15216 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.331:840): pid=15216 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15220 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738745.355:841): pid=15216 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738745.355:842): pid=15216 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.355:843): pid=15216 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=15219 suid=1000 rport=42032 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.355:844): pid=15216 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15219 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738745.356:845): pid=15216 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738745.356:846): pid=15216 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.356:847): pid=15216 uid=0 auid=1000 ses=30 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15216 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738745.374:848): pid=15239 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15239 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738745.375:849): pid=15238 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac= pfs=curve25519-sha256 spid=15239 suid=74 rport=42046 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738745.375:850): pid=15238 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac= pfs=curve25519-sha256 spid=15239 suid=74 rport=42046 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738745.443:851): pid=15238 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738745.443:852): pid=15238 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:44:2f:dd:6e:02:ee:94:f7:ff:a8:18:0c:32:2f:26:0b:5f:99:98:b7:b6:6f:bb:62:8a:82:72:db:5e:3d:82:f2 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738745.450:853): pid=15238 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738745.451:854): pid=15238 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=15239 suid=74 rport=42046 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738745.452:855): pid=15238 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738745.452:856): pid=15238 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=31 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738745.452:856): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffed62e7250 a2=4 a3=3e8 items=0 ppid=1158 pid=15238 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=31 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738745.452:856): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738745.453:857): pid=15238 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738745.465:858): pid=15238 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.466:859): pid=15241 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15241 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738745.467:860): pid=15241 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738745.508:861): pid=15238 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738745.508:862): pid=15238 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.509:863): pid=15238 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15242 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.531:864): pid=15238 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=15241 suid=1000 rport=42046 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.531:865): pid=15238 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15241 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_END msg=audit(1763738745.532:866): pid=15238 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=CRED_DISP msg=audit(1763738745.532:867): pid=15238 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_END msg=audit(1763738745.533:868): pid=15238 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_LOGOUT msg=audit(1763738745.533:869): pid=15238 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.533:870): pid=15238 uid=0 auid=1000 ses=31 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15238 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRYPTO_KEY_USER msg=audit(1763738745.546:871): pid=15260 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15260 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="unset" SUID="root" type=CRYPTO_SESSION msg=audit(1763738745.547:872): pid=15259 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac= pfs=curve25519-sha256 spid=15260 suid=74 rport=42060 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRYPTO_SESSION msg=audit(1763738745.547:873): pid=15259 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac= pfs=curve25519-sha256 spid=15260 suid=74 rport=42060 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=USER_AUTH msg=audit(1763738745.614:874): pid=15259 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth grantors=auth-key acct="rocky" exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738745.614:875): pid=15259 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=negotiate kind=auth-key fp=SHA256:44:2f:dd:6e:02:ee:94:f7:ff:a8:18:0c:32:2f:26:0b:5f:99:98:b7:b6:6f:bb:62:8a:82:72:db:5e:3d:82:f2 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" type=USER_ACCT msg=audit(1763738745.621:876): pid=15259 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="unset" type=CRYPTO_KEY_USER msg=audit(1763738745.622:877): pid=15259 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=15260 suid=74 rport=42060 laddr=10.0.0.249 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=? res=success'UID="root" AUID="unset" SUID="sshd" type=CRED_ACQ msg=audit(1763738745.623:878): pid=15259 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="unset" type=LOGIN msg=audit(1763738745.623:879): pid=15259 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=32 res=1UID="root" OLD-AUID="unset" AUID="rocky" type=SYSCALL msg=audit(1763738745.623:879): arch=c000003e syscall=1 success=yes exit=4 a0=3 a1=7ffee10a0830 a2=4 a3=3e8 items=0 ppid=1158 pid=15259 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=32 comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=write AUID="rocky" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root" type=PROCTITLE msg=audit(1763738745.623:879): proctitle=737368643A20726F636B79205B707269765D type=USER_ROLE_CHANGE msg=audit(1763738745.623:880): pid=15259 uid=0 auid=1000 ses=32 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pam_selinux default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_START msg=audit(1763738745.647:881): pid=15259 uid=0 auid=1000 ses=32 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_umask,pam_lastlog acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.648:882): pid=15262 uid=0 auid=1000 ses=32 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15262 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="root" type=CRED_ACQ msg=audit(1763738745.648:883): pid=15262 uid=0 auid=1000 ses=32 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="rocky" exe="/usr/sbin/sshd" hostname=10.0.0.249 addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" type=USER_LOGIN msg=audit(1763738745.690:884): pid=15259 uid=0 auid=1000 ses=32 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=USER_START msg=audit(1763738745.690:885): pid=15259 uid=0 auid=1000 ses=32 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=10.0.0.249 terminal=ssh res=success'UID="root" AUID="rocky" ID="rocky" type=CRYPTO_KEY_USER msg=audit(1763738745.691:886): pid=15259 uid=0 auid=1000 ses=32 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:94:18:15:1c:28:1c:f7:1a:f7:7e:16:70:5a:2c:c8:87:b0:a9:d7:03:c0:1f:44:10:4b:da:c1:dd:15:7e:0e:e1 direction=? spid=15263 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'UID="root" AUID="rocky" SUID="rocky" type=USER_ACCT msg=audit(1763738745.770:887): pid=15313 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738745.770:888): pid=15313 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/tmp/ansible-logs" cmd=6370202F6574632F6368726F6E792E636F6E66202F746D702F616E7369626C652D6C6F67732F6C6F67732F73797374656D2F exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738745.771:889): pid=15313 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738745.773:890): pid=15313 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738745.775:891): pid=15313 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738745.775:892): pid=15313 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_ACCT msg=audit(1763738745.787:893): pid=15318 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738745.788:894): pid=15318 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/tmp/ansible-logs" cmd=6370202F7661722F6C6F672F6D65737361676573202F746D702F616E7369626C652D6C6F67732F6C6F67732F73797374656D2F exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738745.788:895): pid=15318 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738745.789:896): pid=15318 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_END msg=audit(1763738745.793:897): pid=15318 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_DISP msg=audit(1763738745.793:898): pid=15318 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_ACCT msg=audit(1763738745.805:899): pid=15322 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix acct="rocky" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_CMD msg=audit(1763738745.805:900): pid=15322 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='cwd="/tmp/ansible-logs" cmd=62617368202D63206370202D72202F7661722F6C6F672F61756469742F2A202F746D702F616E7369626C652D6C6F67732F6C6F67732F73797374656D2F61756469742F20323E2F6465762F6E756C6C exe="/usr/bin/sudo" terminal=? res=success'UID="rocky" AUID="rocky" type=CRED_REFR msg=audit(1763738745.806:901): pid=15322 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky" type=USER_START msg=audit(1763738745.807:902): pid=15322 uid=1000 auid=1000 ses=32 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success'UID="rocky" AUID="rocky"