setroubleshoot-3.3.24-1

- Add 'fur' into shipped locales - Update translations - Log full reports with correct syslog identifier - Cancel pending alarm during AVC analyses
tests/Regression/Report-bugs: Add new test RPM
2020-10-13 10:10:10 +02:00 · 2020-08-05 18:05:15 +02:00 · 2020-08-01 09:02:16 +00:00 · 2020-07-29 10:35:09 +00:00 · 2020-07-14 14:08:30 +00:00 · 2020-05-27 13:59:07 +02:00
25 changed files with 10554 additions and 88 deletions
--- a/.gitignore
+++ b/.gitignore
@ -186,3 +186,26 @@ setroubleshoot-2.2.93.tar.gz
 /setroubleshoot-3.2.23.tar.gz
 /setroubleshoot-3.2.24.tar.gz
 /setroubleshoot-3.3.1.tar.gz
+/setroubleshoot-3.3.3.tar.gz
+/setroubleshoot-3.3.4.tar.gz
+/setroubleshoot-3.3.5.tar.gz
+/setroubleshoot-3.3.6.tar.gz
+/setroubleshoot-3.3.7.tar.gz
+/setroubleshoot-3.3.8.tar.gz
+/setroubleshoot-3.3.8.1.tar.gz
+/setroubleshoot-3.3.9.1.tar.gz
+/setroubleshoot-3.3.10.tar.gz
+/setroubleshoot-3.3.11.tar.gz
+/setroubleshoot-3.3.12.tar.gz
+/setroubleshoot-3.3.13.tar.gz
+/setroubleshoot-3.3.14.tar.gz
+/setroubleshoot-3.3.15.tar.gz
+/setroubleshoot-3.3.16.tar.gz
+/setroubleshoot-3.3.17.tar.gz
+/setroubleshoot-3.3.18.tar.gz
+/setroubleshoot-3.3.19.tar.gz
+/setroubleshoot-3.3.20.tar.gz
+/setroubleshoot-3.3.21.tar.gz
+/setroubleshoot-3.3.22.tar.gz
+/setroubleshoot-3.3.23.tar.gz
+/setroubleshoot-3.3.24.tar.gz
--- a/0001-framework-Update-translations.patch
+++ b/0001-framework-Update-translations.patch
--- a/README.translations
+++ b/README.translations
@ -0,0 +1,29 @@
+Setroubleshoot translations currently live in the following locations:
+
+- https://fedora.zanata.org/project/view/setroubleshoot
+  - contains translations for both stable (RHEL) and master (Fedora) branches
+  - maintains large number of languages (several of which do not actually contain any translated strings)
+  - updated by community and partially by RH localization effort
+
+- setroubleshoot source repositories (https://pagure.io/setroubleshoot and https://github.com/fedora-selinux/setroubleshoot)
+  - is kept up-to-date with fedora.zanata
+
+How to update source files on fedora.zanata:
+  $ git clone git@github.com:fedora-selinux/setroubleshoot.git
+  $ cd setroubleshoot/framework
+    # Update Makefile
+  $ ./autogen.sh
+    # generate new potfile
+  $ cd po
+  $ make setroubleshoot.pot
+    # Repeat the process for plugins
+    # Push potfiles to zanata
+  $ zanata-cli push --push-type source
+
+How to pull new translations from zanata
+  $ git clone git@github.com:fedora-selinux/setroubleshoot.git
+  $ cd setroubleshoot
+    # Make sure "zanata.xml" file pointing to corresponding translations branch is present
+    # Optionally update source files on zanata
+    # Pull new translations from zanata
+  $ zanata-cli -e pull --pull-type trans
--- a/setroubleshoot.spec
+++ b/setroubleshoot.spec
@ -1,28 +1,26 @@
+# Disable automatic compilation of Python files in extra directories
+%global _python_bytecompile_extra 0
+
 Summary: Helps troubleshoot SELinux problems
 Name: setroubleshoot
-Version: 3.3.1
-Release: 0.1%{?dist}
+Version: 3.3.24
+Release: 1%{?dist}
 License: GPLv2+
-Group: Applications/System
-URL: https://fedorahosted.org/setroubleshoot
-# git clone https://github.com/fedora-selinux/setroubleshoot.git
-# cd setroubleshoot/framework/
-# # for the devel version use
-# git checkout python3
-# # for a relase use
-# # git checkout setroubleshoot-%{version}
-# ./autogen.sh
-# make dist
-Source0: %{name}-%{version}.tar.gz
+URL: https://pagure.io/setroubleshoot
+Source0: https://releases.pagure.org/setroubleshoot/%{name}-%{version}.tar.gz
 Source1: %{name}.tmpfiles
-BuildRequires: perl-XML-Parser
+# git format-patch -N setroubleshoot-3.3.24 -- framework
+# i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
+Patch0001: 0001-framework-Update-translations.patch
+BuildRequires: gcc
 BuildRequires: libcap-ng-devel
 BuildRequires: intltool gettext python3 python3-devel
 BuildRequires: desktop-file-utils dbus-glib-devel gtk2-devel libnotify-devel audit-libs-devel libselinux-devel polkit-devel
-Requires: %{name}-server = %{version}-%{release} 
-Requires: pygtk2-libglade >= 2.9.2
-Requires: gtk2
-Requires: libreport-gtk >= 2.2.1-2, libreport-python3
+BuildRequires: python3-libselinux python3-pydbus python3-gobject gtk3-devel
+Requires: %{name}-server = %{version}-%{release}
+Requires: gtk3, libnotify
+Requires: libreport-gtk >= 2.2.1-2, python3-libreport
+Requires: python3-gobject, python3-pydbus
 Requires(post): desktop-file-utils
 Requires(post): dbus
 Requires(postun): desktop-file-utils
@ -32,13 +30,13 @@ BuildRequires: xdg-utils
 Requires: xdg-utils

 %global pkgpythondir  %{python3_sitelib}/%{name}
-%define pkgguidir     %{_datadir}/%{name}/gui
-%define pkgdatadir    %{_datadir}/%{name}
-%define pkglibexecdir %{_prefix}/libexec/%{name}
-%define pkgvardatadir %{_localstatedir}/lib/%{name}
-%define pkgconfigdir  %{_sysconfdir}/%{name}
+%global pkgguidir     %{_datadir}/%{name}/gui
+%global pkgdatadir    %{_datadir}/%{name}
+%global pkglibexecdir %{_prefix}/libexec/%{name}
+%global pkgvardatadir %{_localstatedir}/lib/%{name}
+%global pkgconfigdir  %{_sysconfdir}/%{name}
 %global pkgdatabase   %{pkgvardatadir}/setroubleshoot_database.xml
-%define username      setroubleshoot
+%global username      setroubleshoot

 %description
 setroubleshoot GUI. Application that allows you to view setroubleshoot-server
@ -49,47 +47,30 @@ about the problem and help track its resolution. Alerts can be configured
 to user preference. The same tools can be run on existing log files.

 %files
-%defattr(-,root,root,-)
 %{pkgguidir}
 %config(noreplace) %{_sysconfdir}/xdg/autostart/*
 %{_datadir}/applications/*.desktop
+%{_datadir}/appdata/*.appdata.xml
 %{_datadir}/dbus-1/services/sealert.service
 %{_datadir}/icons/hicolor/*/*/*
 %dir %attr(0755,root,root) %{pkgpythondir}
-%{pkgpythondir}/browser.py*
-%{pkgpythondir}/gui_utils.py*
+%{pkgpythondir}/browser.py
+%{pkgpythondir}/__pycache__/browser.cpython*
+%{pkgpythondir}/gui_utils.py
+%{pkgpythondir}/__pycache__/gui_utils.cpython*
 %{_bindir}/seapplet
-%attr(0644,root,root) %{_tmpfilesdir}/%{name}.conf
-%attr(0711,setroubleshoot,setroubleshoot) %dir %{_rundir}/setroubleshoot
-%{pkgpythondir}/__pycache__/*
-
-
-%post
-touch --no-create %{_datadir}/icons/hicolor || :
-dbus-send --system /com/redhat/setroubleshootd com.redhat.SEtroubleshootdIface.restart string:'rpm install' >/dev/null 2>&1 || :
-%systemd_post auditd.service
-
-%postun
-if [ $1 -eq 0 ] ; then
-touch --no-create %{_datadir}/icons/hicolor || :
-%{_bindir}/gtk-update-icon-cache --quiet %{_datadir}/icons/hicolor || :
-fi
-%systemd_postun_with_restart auditd.service
-
-%posttrans
-%{_bindir}/gtk-update-icon-cache --quiet %{_datadir}/icons/hicolor || :


 %prep
-%setup -q
+%autosetup -p 2

 %build
-%configure PYTHON=%{__python3}
+autoreconf -f
+%configure PYTHON=%{__python3} --enable-seappletlegacy=yes --with-auditpluginsdir=/etc/audit/plugins.d
 make

 %install
-rm -rf %{buildroot}
-make DESTDIR=%{buildroot} install
+%make_install PREFIX=/usr
 desktop-file-install --vendor="" --dir=%{buildroot}%{_datadir}/applications %{buildroot}/%{_datadir}/applications/%{name}.desktop
 mkdir -p %{buildroot}%{pkgvardatadir}
 mkdir -p %{buildroot}%{_rundir}/setroubleshoot
@ -104,21 +85,20 @@ install -m644 -D %{SOURCE1} $RPM_BUILD_ROOT%{_tmpfilesdir}/%{name}.conf

 %package server
 Summary: SELinux troubleshoot server
-Group: Applications/System

-Requires: %{name}-plugins >= 3.0.14
-Requires: audit >= 1.2.6-3
-Requires: audit-libs-python3 >= 1.2.6-3
+Requires: %{name}-plugins >= 3.3.10
+Requires: audit >= 3
+Requires: audit-libs-python3
 Requires: libxml2-python3
 Requires: rpm-python3
 Requires: libselinux-python3  >= 2.1.5-1
 Requires: policycoreutils-python-utils
 BuildRequires: intltool gettext python3
 BuildRequires: python3-devel
-Requires: python-slip-dbus systemd-python >= 206-1
-Requires: pygobject3 >= 3.11
+Requires: python3-slip-dbus systemd-python3 >= 206-1
+Requires: python3-gobject-base >= 3.11
 Requires: dbus
-Requires: dbus-python
+Requires: python3-dbus python3-pydbus
 Requires: polkit
 Requires(pre): /usr/sbin/useradd /usr/sbin/groupadd

@ -132,62 +112,331 @@ to user preference. The same tools can be run on existing log files.
 getent passwd %{username} >/dev/null || useradd -r -U -s /sbin/nologin -d %{pkgvardatadir} %{username}

 %post server
-%systemd_post auditd.service
+/sbin/service auditd reload >/dev/null 2>&1 || :

 %postun server
-%systemd_postun_with_restart auditd.service
+/sbin/service auditd reload >/dev/null 2>&1 || :

 %triggerun server -- %{name}-server < 3.2.24-4
 chown -R setroubleshoot:setroubleshoot %{pkgvardatadir}

-%clean
-rm -rf %{buildroot}
-
 %files server -f %{name}.lang
-%defattr(-,root,root,-)
-%{_datadir}/appdata/*.appdata.xml
 %{_bindir}/sealert
 %{_sbindir}/sedispatch
 %{_sbindir}/setroubleshootd
 %{python3_sitelib}/setroubleshoot*.egg-info
 %dir %attr(0755,root,root) %{pkgconfigdir}
-%dir %attr(0755,root,root) %{pkgpythondir}
-%{pkgpythondir}/Plugin.py*
-%{pkgpythondir}/__init__.py*
-%{pkgpythondir}/access_control.py*
-%{pkgpythondir}/analyze.py*
-%{pkgpythondir}/audit_data.py*
-%{pkgpythondir}/avc_audit.py*
-%{pkgpythondir}/config.py*
-%{pkgpythondir}/email_alert.py*
-%{pkgpythondir}/errcode.py*
-%{pkgpythondir}/html_util.py*
-%{pkgpythondir}/rpc.py*
-%{pkgpythondir}/serverconnection.py*
-%{pkgpythondir}/rpc_interfaces.py*
-%{pkgpythondir}/server.py*
-%{pkgpythondir}/signature.py*
-%{pkgpythondir}/util.py*
-%{pkgpythondir}/uuid.py*
-%{pkgpythondir}/xml_serialize.py*
+%dir %{pkgpythondir}
+%dir %{pkgpythondir}/__pycache__
+%{pkgpythondir}/Plugin.py
+%{pkgpythondir}/__init__.py
+%{pkgpythondir}/access_control.py
+%{pkgpythondir}/analyze.py
+%{pkgpythondir}/audit_data.py
+%{pkgpythondir}/avc_audit.py
+%{pkgpythondir}/config.py
+%{pkgpythondir}/email_alert.py
+%{pkgpythondir}/errcode.py
+%{pkgpythondir}/html_util.py
+%{pkgpythondir}/rpc.py
+%{pkgpythondir}/serverconnection.py
+%{pkgpythondir}/rpc_interfaces.py
+%{pkgpythondir}/server.py
+%{pkgpythondir}/signature.py
+%{pkgpythondir}/util.py
+%{pkgpythondir}/uuid.py
+%{pkgpythondir}/xml_serialize.py
+%{pkgpythondir}/__pycache__/Plugin.cpython*
+%{pkgpythondir}/__pycache__/__init__.cpython*
+%{pkgpythondir}/__pycache__/access_control.cpython*
+%{pkgpythondir}/__pycache__/analyze.cpython*
+%{pkgpythondir}/__pycache__/audit_data.cpython*
+%{pkgpythondir}/__pycache__/avc_audit.cpython*
+%{pkgpythondir}/__pycache__/config.cpython*
+%{pkgpythondir}/__pycache__/email_alert.cpython*
+%{pkgpythondir}/__pycache__/errcode.cpython*
+%{pkgpythondir}/__pycache__/html_util.cpython*
+%{pkgpythondir}/__pycache__/rpc.cpython*
+%{pkgpythondir}/__pycache__/rpc_interfaces.cpython*
+%{pkgpythondir}/__pycache__/server.cpython*
+%{pkgpythondir}/__pycache__/serverconnection.cpython*
+%{pkgpythondir}/__pycache__/signature.cpython*
+%{pkgpythondir}/__pycache__/util.cpython*
+%{pkgpythondir}/__pycache__/uuid.cpython*
+%{pkgpythondir}/__pycache__/xml_serialize.cpython*
 %dir %{pkgdatadir}
-%{pkgdatadir}/SetroubleshootFixit.py*
-%{pkgdatadir}/updater.py*
+%{pkgdatadir}/SetroubleshootFixit.py
+%{pkgdatadir}/SetroubleshootPrivileged.py
 %config(noreplace) %{pkgconfigdir}/%{name}.conf
 %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.fedoraproject.Setroubleshootd.conf
+%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.fedoraproject.SetroubleshootPrivileged.conf
 %attr(0700,setroubleshoot,setroubleshoot) %dir %{pkgvardatadir}
 %ghost %attr(0600,setroubleshoot,setroubleshoot) %{pkgdatabase}
 %ghost %attr(0644,setroubleshoot,setroubleshoot) %{pkgvardatadir}/email_alert_recipients
+%{_mandir}/man1/seapplet.1.gz
 %{_mandir}/man8/sealert.8.gz
 %{_mandir}/man8/sedispatch.8.gz
 %{_mandir}/man8/setroubleshootd.8.gz
-%config /etc/audisp/plugins.d/sedispatch.conf
+%config /etc/audit/plugins.d/sedispatch.conf
 %{_datadir}/dbus-1/system-services/org.fedoraproject.Setroubleshootd.service
+%{_datadir}/dbus-1/system-services/org.fedoraproject.SetroubleshootPrivileged.service
 %{_datadir}/polkit-1/actions/org.fedoraproject.setroubleshootfixit.policy
 %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.fedoraproject.SetroubleshootFixit.conf
 %{_datadir}/dbus-1/system-services/org.fedoraproject.SetroubleshootFixit.service
+%attr(0644,root,root) %{_tmpfilesdir}/%{name}.conf
+%attr(0711,setroubleshoot,setroubleshoot) %dir %{_rundir}/setroubleshoot
+%doc AUTHORS COPYING ChangeLog DBUS.md NEWS README TODO
+
+%package legacy
+Summary: SELinux troubleshoot legacy applet
+
+Requires: gtk2
+Requires: %{name} = %{version}-%{release}
+
+%description legacy
+SELinux troubleshoot legacy applet
+
+%files legacy
+%{_bindir}/seappletlegacy

 %changelog
+* Tue Oct 13 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.24-1
+ - Add 'fur' into shipped locales
+ - Update translations
+ - Log full reports with correct syslog identifier
+ - Cancel pending alarm during AVC analyses
+
+* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.23-5
+- Second attempt - Rebuilt for
+  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.23-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 3.3.23-3
+- Use make macros
+- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
+
+* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 3.3.23-2
+- Rebuilt for Python 3.9
+
+* Tue Apr 21 2020 Vit Mojzis <vmojzis@redhat.com> - 3.3.23-1
+- browser: Check return value of Gdk.Screen().get_default()
+- Improve and unify error messages
+- setroubleshoot.util: Catch exceptions from sepolicy import
+- Add dpkg support
+- Do not refer to hardcoded selinux-policy rpm in signature
+- Make date/time format locale specific
+- Improve speed of plugin evaluation
+
+* Wed Mar  4 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-6
+- Do not try to report a bug on None package (#1809801)
+
+* Fri Feb 28 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-5
+- root user doesn't need to use SetroubleshootPrivileged API
+
+* Thu Feb 27 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-4
+- sealert to report a bug on a package which owns the related SELinux domain
+  https://pagure.io/setroubleshoot/issue/18
+
+* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.22-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Sat Jan 11 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-2
+- Log plugin exception traceback when log level is DEBUG
+- sepolicy.info() returns a generator, not a list (#1784564)
+
+* Thu Jan  2 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-1
+- sepolicy.info() returns a generator, not a list (#1784564)
+
+* Wed Dec 11 2019 Vit Mojzis <vmojzis@redhat.com> - 3.3.21-1
+- Fix AVC.__typeMatch to handle aliases properly
+- Handle sockets with abstract path properly (#1775135)
+
+* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 3.3.20-4
+- Rebuilt for Python 3.8.0rc1 (#1748018)
+
+* Tue Aug 27 2019 Petr Lautrbach <plautrba@redhat.com> - 3.3.20-3
+- Use dbus.mainloop.glib.DBusGMainLoop() instead of dbus.glib
+
+* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 3.3.20-2
+- Rebuilt for Python 3.8
+
+* Wed Jul 17 2019 Vit Mojzis <vmojzis@redhat.com> - 3.3.20-1
+- Update "missing" scripts to automake-1.15
+- Add active polling for acquiring policy file
+- Fix translation of hex values in AVCs
+- require initscripts to ensure that "service" call works properly
+- Add man page for seapplet
+- setroubleshoot-server: only require gobject-base
+
+* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.19-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Sat Dec  8 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.19-1
+- Require plugins >= 3.3.10
+
+* Thu Nov 29 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.18-3
+- Update scriptlets to reload auditd after install or uninstall
+
+* Thu Sep 20 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.18-2
+- Update translations
+- Improve myplatform detection in get_os_environment()
+
+* Wed Jul 18 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.18-1
+- Move sedispatch.conf to /etc/audit/plugins.d/
+- Fix summary and "if" text for AVCs with unknown target path
+
+* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.17-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 3.3.17-2
+- Rebuilt for Python 3.7
+
+* Mon Feb 26 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.17-1
+- Set auto_save_interval to 5 (#1548913,#1523406,#1539180)
+- seapplet: Try send and close notifications (#1541624,#1541719,#1544222,#1539367)
+
+* Tue Feb 20 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.16-1
+- Do not show status_icon when there's no alert (#1543758)
+- Run seapplet only on SELinux enabled system (#1541631)
+- Use context in Gio.AppInfo.launch (#1542156)
+
+* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 3.3.15-3
+- Escape macros in %%changelog
+
+* Fri Jan 19 2018 Björn Esser <besser82@fedoraproject.org> - 3.3.15-2
+- Fix runtime dependency: 's!lipreport!libreport!g' (#1536580)
+- Prefer %%global over %%define
+- Remove obsolete %%defattr(-,root,root,-)
+
+* Fri Jan 19 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.15-1
+- Rewrite seapplet to Python3 to use Notify and Gtk 3.0
+- Add setroubleshoot-seappletlegacy with legacy seappletlegacy based on Gtk 2
+- sealert: Finish dbus communication after error
+
+* Fri Jan 05 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 3.3.14-4
+- Remove obsolete scriptlets
+
+* Thu Nov 23 2017 Petr Lautrbach <plautrba@redhat.com> - 3.3.14-3
+- Update translations
+
+* Mon Nov 20 2017 Petr Lautrbach <plautrba@redhat.com> - 3.3.14-2
+- Update translations
+
+* Sat Nov 18 2017 Petr Lautrbach <plautrba@redhat.com> - 3.3.14-1
+- Increase the space for suggested solutions in sealert
+- Highlight suggestions with the highest confidence
+- Remove additional "If " string from plugin messages
+- Fix sealert message for process2 (#1507909)
+- Do not change if_string[0] to lowercase
+
+* Fri Sep 15 2017 Petr Lautrbach <plautrba@redhat.com> - 3.3.13-1
+- Don't stop when the plugin directory is empty
+- Fix missing margins on Troubleshoot window
+- Resize all solutions panels horizontally
+- Fix missing priority color for proposed solutions
+- Do not split If sentences to framework and plugins - requires
+  setroubleshoot-plugins 3.3.8 at least (rhbz#1210243, rhbz#1322734, rhbz#1115510)
+- Set translation domain for Gtk.Builder() object to have strings
+  correctly translated
+- Make labels on GtkButtons translatable
+- Handla all exceptions from do_analyze_logfile()
+- Fix semi-translated messages
+- Update translations
+- Do not catch POSIX signals (rhbz#1366004, rhbz#1419245)
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.12-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.12-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Tue Jun 13 2017 Petr Lautrbach <plautrba@redhat.com> - 3.3.12-1
+- Remove "Report bug" button when mozplugger plugin is used (#1290135)
+- Change "check_for_man" return value upon failure (#1431191)
+- Fix "plugin details" message content
+- Add "init_args" function to Plugin
+- Fix sealert crash when setroubleshootd fails to start (#1405003)
+- Improve obtaining AVC object path
+- Fix setroubleshootd.8
+- Fix report problem summary string
+- sealert - provide a better error message when SELinux is disabled
+- Spelling fixes
+- Python 3.6 invalid escape sequence deprecation fixes
+
+* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.11-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Mon Dec 19 2016 Miro Hrončok <mhroncok@redhat.com> - 3.3.11-2
+- Rebuild for Python 3.6
+
+* Wed Aug 31 2016 Petr Lautrbach <plautrba@redhat.com> - 3.3.11-1
+- Fix "list all alerts" in sealert gui (#1370272, #1332485)
+- Fix sealert message for capability2 (#1360392)
+
+* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.3.10-2
+- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
+
+* Sat Jul 16 2016 Petr Lautrbach <plautrba@redhat.com> - 3.3.10-1
+- setroubleshootd fixed to catch all subprocess exceptions
+- Translations updated
+
+* Tue Jun 21 2016 Petr Lautrbach <plautrba@redhat.com> - 3.3.9.1-1
+- Do not use dangerous shell=True
+- Use subprocess.check_output() with a sequence of program arguments
+
+* Thu Jun 02 2016 Petr Lautrbach <plautrba@redhat.com> - 3.3.8.1-1
+- fixed get_all_alerts_ignored()
+
+* Thu Jun 02 2016 Petr Lautrbach <plautrba@redhat.com> - 3.3.8-1
+- added setroubleshootd_log.log_full=True|False directive
+- setroubleshootd_log.level and sealert_log.level can be set to
+  different values
+- get_alert() and get_all_alerts_since() DBUS APIs change to use
+  number of microseconds instead of date string
+- setroubleshoot.conf cleanup
+
+* Wed May 18 2016 Petr Lautrbach <plautrba@redhat.com> - 3.3.7-1
+- Added new methods to DBUS API:
+  set_filter(), get_all_alerts_ignored(), delete_alert()
+
+* Fri May 06 2016 Petr Lautrbach <plautrba@redhat.com> - 3.3.6-1
+- Translations updated (#1322654)
+- Suggest my-<command>.pp modules instead of mypol.pp (#1329037)
+
+* Thu Apr 14 2016 Petr Lautrbach <plautrba@redhat.com> - 3.3.5-3
+- Drop unwanted debug message in sedispatch (#1326985)
+
+* Thu Apr 07 2016 Petr Lautrbach <plautrba@redhat.com> - 3.3.5-2
+- setroubleshoot: Ensure that dbus string param isn't null
+
+* Mon Apr 04 2016 Petr Lautrbach <plautrba@redhat.com> - 3.3.5-1
+- get_alert() DBUS API extended with more parameters
+- sedispatch uses a timeout when collecting audit events (#1322771)
+- Use correct packaging for byte compiled files (#1321047)
+
+* Thu Feb 11 2016 Petr Lautrbach <plautrba@redhat.com> 3.3.4-1
+- fixed traceback in SetroubleshootFixit.py (#1279396)
+
+* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Thu Jan 21 2016 Petr Lautrbach <plautrba@redhat.com> 3.3.3-1
+- fixed few UI browser problems
+- extended DBUS API, see DBUS.md
+- import MIMEText from the right module (#1297111)
+- Fix several GTK deprecated warnings
+
+* Tue Nov 10 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.3.1-0.4
+- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5
+
+* Wed Sep 16 2015 Richard Hughes <rhughes@redhat.com> - 3.3.1-0.3
+- Move the AppData file to the right subpackage so it gets used.
+
+* Fri Aug 28 2015 Michal Srb <msrb@redhat.com> - 3.3.1-0.2
+- Sanitize requires for Python 3
+
 * Tue Aug 18 2015 Petr Lautrbach <plautrba@redhat.com> 3.3.1-0.1
 - port setroubleshoot to Python 3

@ -199,7 +448,7 @@ rm -rf %{buildroot}

 * Thu Apr 23 2015 Petr Lautrbach <plautrba@redhat.com> 3.2.24-1
 - translations updated from https://fedora.zanata.org/project/view/setroubleshoot
- setroubleshoot_database.xml and email_alert_recipients are %ghost again
+- setroubleshoot_database.xml and email_alert_recipients are %%ghost again

 * Thu Apr 09 2015 Petr Lautrbach <plautrba@redhat.com> 3.2.23-1
 - setroubleshootd is set to be run as setroubleshoot user instead of root user
--- a/2
+++ b/2
@ -1 +1 @@
-597f296f7b3e1ad0fe5701f1dfaf8b45  setroubleshoot-3.3.1.tar.gz
+SHA512 (setroubleshoot-3.3.24.tar.gz) = ba96206fe135a719b685c825a69ebf7f9f6d99c6a24fb135763da9cee5ad14b1afdca5da1465374d327eb51ff830727a20b79ec51902e50f2e790661c63c0a0d
--- a/tests/Regression/Report-bugs-on-corresponding-components/Makefile
+++ b/tests/Regression/Report-bugs-on-corresponding-components/Makefile
@ -0,0 +1,68 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Makefile of /CoreOS/setroubleshoot/Regression/Report-bugs-on-corresponding-components
+#   Description: Can sealert identify source RPM of AVC domain type?
+#   Author: Vit Mojzis <vmojzis@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2020 Red Hat, Inc.
+#
+#   This program is free software: you can redistribute it and/or
+#   modify it under the terms of the GNU General Public License as
+#   published by the Free Software Foundation, either version 2 of
+#   the License, or (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE.  See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program. If not, see http://www.gnu.org/licenses/.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+export TEST=/CoreOS/setroubleshoot/Regression/Report-bugs-on-corresponding-components
+export TESTVERSION=1.0
+
+# Policy packages to be used in testing
+# The followng export does not work properly in Fedora CI - relying on fallback in runtest.sh
+# export TEST_PACKAGES ?= flatpak-selinux tpm2-abrmd-selinux container-selinux usbguard-selinux mysql-selinux
+
+BUILT_FILES=
+
+FILES=$(METADATA) runtest.sh Makefile avc_flatpak-selinux avc_tpm2-abrmd-selinux avc_container-selinux avc_usbguard-selinux avc_mysql-selinux avc_fapolicyd-selinux
+
+.PHONY: all install download clean
+
+run: $(FILES) build
+	./runtest.sh
+
+build: $(BUILT_FILES)
+	test -x runtest.sh || chmod a+x runtest.sh
+
+clean:
+	rm -f *~ $(BUILT_FILES)
+
+include /usr/share/rhts/lib/rhts-make.include
+
+$(METADATA): Makefile
+	@echo "Owner:           Vit Mojzis <vmojzis@redhat.com>" > $(METADATA)
+	@echo "Name:            $(TEST)" >> $(METADATA)
+	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
+	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
+	@echo "Description:     Test for BZ#1811644 (Let setroubleshoot to report bugs on components)" >> $(METADATA)
+	@echo "Type:            Regression" >> $(METADATA)
+	@echo "TestTime:        5m" >> $(METADATA)
+	@echo "RunFor:          setroubleshoot" >> $(METADATA)
+	@echo "Requires:        setroubleshoot-server flatpak-selinux tpm2-abrmd-selinux container-selinux usbguard-selinux mysql-selinux fapolicyd-selinux" >> $(METADATA)
+	@echo "Requires:        $(TEST_PACKAGES)" >> $(METADATA)
+	@echo "Priority:        Normal" >> $(METADATA)
+	@echo "License:         GPLv2+" >> $(METADATA)
+	@echo "Confidential:    no" >> $(METADATA)
+	@echo "Destructive:     no" >> $(METADATA)
+	@echo "Bug:             1811644" >> $(METADATA)
+	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7 -RHEL7" >> $(METADATA)
+
+	rhts-lint $(METADATA)
--- a/tests/Regression/Report-bugs-on-corresponding-components/avc_container-selinux
+++ b/tests/Regression/Report-bugs-on-corresponding-components/avc_container-selinux
@ -0,0 +1,2 @@
+type=AVC msg=audit(1575985388.869:225): avc:  denied  { read } for  pid=1365 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=32249 scontext=system_u:system_r:container_logreader_t:s0 tcontext=system_u:object_r:shadow_t:s0:c446,c857 tclass=dir permissive=0
+
--- a/tests/Regression/Report-bugs-on-corresponding-components/avc_fapolicyd-selinux
+++ b/tests/Regression/Report-bugs-on-corresponding-components/avc_fapolicyd-selinux
@ -0,0 +1,2 @@
+type=AVC msg=audit(1596470053.831:306): avc:  denied  { unlink } for  pid=6304 comm="fapolicyd" name="fapolicyd.pid" dev="tmpfs" ino=37446 scontext=system_u:system_r:fapolicyd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0
+
--- a/tests/Regression/Report-bugs-on-corresponding-components/avc_flatpak-selinux
+++ b/tests/Regression/Report-bugs-on-corresponding-components/avc_flatpak-selinux
@ -0,0 +1,2 @@
+type=AVC msg=audit(1575985388.869:225): avc:  denied  { connect } for  pid=1365 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=32249 scontext=system_u:system_r:flatpak_helper_t:s0 tcontext=system_u:object_r:shadow_t:s0:c446,c857 tclass=socket permissive=0
+
--- a/tests/Regression/Report-bugs-on-corresponding-components/avc_mysql-selinux
+++ b/tests/Regression/Report-bugs-on-corresponding-components/avc_mysql-selinux
@ -0,0 +1,2 @@
+type=AVC msg=audit(1582621541.469:6896): avc:  denied  { write } for pid=1627505 comm="python3" name="plautrba" dev="dm-4" ino=19529729 scontext=system_u:system_r:mysqld_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1
+
--- a/tests/Regression/Report-bugs-on-corresponding-components/avc_tpm2-abrmd-selinux
+++ b/tests/Regression/Report-bugs-on-corresponding-components/avc_tpm2-abrmd-selinux
@ -0,0 +1,2 @@
+type=AVC msg=audit(1575985388.869:225): avc:  denied  { connect } for  pid=1365 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=32249 scontext=system_u:system_r:tabrmd_t:s0 tcontext=system_u:object_r:shadow_t:s0:c446,c857 tclass=socket permissive=0
+
--- a/tests/Regression/Report-bugs-on-corresponding-components/avc_usbguard-selinux
+++ b/tests/Regression/Report-bugs-on-corresponding-components/avc_usbguard-selinux
@ -0,0 +1,2 @@
+type=AVC msg=audit(1582801464.5:491): avc:  denied  { map } for  pid=5100 comm="bash" path="/usr/bin/bash" dev="vda1" ino=1707663 scontext=system_u:system_r:usbguard_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
+
--- a/tests/Regression/Report-bugs-on-corresponding-components/runtest.sh
+++ b/tests/Regression/Report-bugs-on-corresponding-components/runtest.sh
@ -0,0 +1,79 @@
+#!/bin/bash
+# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/setroubleshoot/Regression/Report-bugs-on-corresponding-components
+#   Description: Can sealert identify source RPM of AVC domain type?
+#   Author: Vit Mojzis <vmojzis@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2020 Red Hat, Inc.
+#
+#   This program is free software: you can redistribute it and/or
+#   modify it under the terms of the GNU General Public License as
+#   published by the Free Software Foundation, either version 2 of
+#   the License, or (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE.  See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program. If not, see http://www.gnu.org/licenses/.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include Beaker environment
+. /usr/bin/rhts-environment.sh || exit 1
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="setroubleshoot"
+
+if [ -z "${TEST_PACKAGES+set}" ];
+then PACKAGES=(flatpak-selinux tpm2-abrmd-selinux container-selinux usbguard-selinux mysql-selinux fapolicyd-selinux)
+else PACKAGES=(${TEST_PACKAGES[@]})
+fi
+
+#corresponding module names
+#MODULES=(flatpak tabrmd     container usbguard mysql)
+
+# <rpm package> - <selinux module> - <domain type>
+# flatpak-selinux - flatpak - flatpak_helper_t
+# tpm2-abrmd-selinux - tabrmd - tabrmd_t
+# container-selinux - container - docker_t
+# usbguard-selinux - usbguard - usbguard_t      -- fedora only
+# mysql-selinux - mysql - mysql_t              -- fedora only
+
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm $PACKAGE
+        OUTPUT_FILE=`mktemp`
+        # Package installation is handled by Makefile for now
+        # install availlable policy packages
+        # for RPM in ${PACKAGES[@]};
+        # do
+        #     sudo dnf install -y ${RPM} || continue
+        # done
+    rlPhaseEnd
+
+    rlPhaseStartTest
+        for RPM in ${PACKAGES[@]};
+        do
+            # run only for policies that are installed
+            rpm -q ${RPM} >& /dev/null
+            if [ $? -ne 0 ]; then echo "${RPM} not installed! Skipping.";  continue; fi
+            rlRun "sealert -a ./avc_${RPM} 2>&1 | tee ${OUTPUT_FILE} | grep \"Local Policy RPM\""
+            if [ $? -ne 0 ]; then cat ${OUTPUT_FILE}; fi
+            # test if correct rpm was identified
+            rlRun "grep -i \"Local Policy RPM\" ${OUTPUT_FILE} | grep \"$RPM\S*$\" -o"
+        done
+    rlPhaseEnd
+
+    rlPhaseStartCleanup
+        rm -f ${OUTPUT_FILE}
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd
--- a/tests/Regression/embedded-null-byte-in-audit-records/audit.log
+++ b/tests/Regression/embedded-null-byte-in-audit-records/audit.log
@ -0,0 +1,657 @@
+type=USER_END msg=audit(1574410625.429:1286): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410625.430:1287): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410625.686:1288): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410625.687:1289): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410625.688:1290): pid=10314 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10314 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410625.688:1291): pid=10314 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10314 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410625.688:1292): pid=10314 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10314 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410625.689:1293): pid=10314 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410626.111:1294): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410626.112:1295): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410626.349:1296): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410626.351:1297): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410626.352:1298): pid=10327 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10327 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410626.352:1299): pid=10327 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10327 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410626.352:1300): pid=10327 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10327 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410626.353:1301): pid=10327 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410626.763:1302): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410626.764:1303): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410627.020:1304): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410627.021:1305): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410627.023:1306): pid=10334 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10334 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410627.023:1307): pid=10334 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10334 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410627.023:1308): pid=10334 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10334 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410627.024:1309): pid=10334 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=FS_RELABEL msg=audit(1574410638.448:1310): pid=10341 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=mass relabel exe="/usr/sbin/setfiles" hostname=? addr=? terminal=? res=success'
+type=USER_END msg=audit(1574410638.793:1311): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410638.794:1312): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410639.119:1313): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410639.120:1314): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410639.121:1315): pid=10343 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10343 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410639.121:1316): pid=10343 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10343 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410639.121:1317): pid=10343 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10343 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410639.123:1318): pid=10343 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410639.854:1319): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410639.855:1320): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410640.278:1321): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410640.279:1322): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410640.280:1323): pid=10350 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10350 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410640.280:1324): pid=10350 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10350 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410640.280:1325): pid=10350 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10350 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410640.281:1326): pid=10350 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410640.699:1327): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410640.700:1328): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410640.964:1329): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410640.965:1330): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410640.967:1331): pid=10357 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10357 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410640.967:1332): pid=10357 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10357 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410640.967:1333): pid=10357 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10357 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410640.968:1334): pid=10357 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410641.402:1335): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410641.403:1336): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410641.668:1337): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410641.670:1338): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410641.671:1339): pid=10364 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10364 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410641.671:1340): pid=10364 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10364 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410641.671:1341): pid=10364 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10364 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410641.672:1342): pid=10364 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410642.088:1343): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410642.089:1344): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410642.378:1345): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410642.379:1346): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410642.380:1347): pid=10371 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10371 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410642.380:1348): pid=10371 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10371 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410642.380:1349): pid=10371 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10371 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410642.381:1350): pid=10371 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410642.798:1351): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410642.799:1352): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410643.576:1353): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410643.577:1354): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410643.578:1355): pid=10378 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10378 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410643.578:1356): pid=10378 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10378 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410643.578:1357): pid=10378 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10378 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410643.580:1358): pid=10378 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=SERVICE_START msg=audit(1574410644.001:1359): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-shutdownd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=USER_END msg=audit(1574410644.178:1360): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410644.178:1361): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=SERVICE_START msg=audit(1574410704.009:1362): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-dmesg comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.009:1363): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-dmesg comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410704.044:1364): pid=796 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=796 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410704.044:1365): pid=796 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=796 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410704.044:1366): pid=796 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=796 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.081:1367): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=crond comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.081:1368): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=crond comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.082:1369): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.082:1370): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.083:1371): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=chronyd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.083:1372): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=chronyd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.085:1373): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=serial-getty@ttyS0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.085:1374): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=serial-getty@ttyS0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.088:1375): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.088:1376): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.089:1377): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rsyslog comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.089:1378): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rsyslog comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.090:1379): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.090:1380): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.097:1381): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhsmcertd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.097:1382): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhsmcertd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.110:1383): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd-keygen comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.110:1384): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd-keygen comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.116:1385): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.116:1386): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.128:1387): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-user-sessions comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.128:1388): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-user-sessions comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.187:1389): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-poweroff comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.213:1390): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=postfix comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.213:1391): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=postfix comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.356:1392): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhnsd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.356:1393): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhnsd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.360:1394): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tuned comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.360:1395): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tuned comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.702:1396): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.702:1397): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.703:1398): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.703:1399): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.714:1400): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.714:1401): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.718:1402): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dbus comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.719:1403): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dbus comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.724:1404): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-domainname comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.724:1405): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-domainname comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.725:1406): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=selinux-policy-migrate-local-changes@targeted comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.725:1407): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=selinux-policy-migrate-local-changes@targeted comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.726:1408): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-vconsole-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.726:1409): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-vconsole-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.727:1410): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-done comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.727:1411): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-done comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.727:1412): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-journal-catalog-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.727:1413): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-journal-catalog-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.729:1414): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hwdb-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.729:1415): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hwdb-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.732:1416): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-sysctl comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.732:1417): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-sysctl comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SYSTEM_SHUTDOWN msg=audit(1574410704.735:1418): pid=10553 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.739:1419): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-random-seed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.739:1420): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-random-seed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.740:1421): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.740:1422): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=DAEMON_END msg=audit(1574410704.743:1004): op=terminate auid=0 pid=1 subj=system_u:system_r:init_t:s0 res=success
+type=DAEMON_START msg=audit(1574672213.672:5618): op=start ver=2.8.5 format=raw kernel=3.10.0-1111.el7.x86_64 auid=4294967295 pid=440 uid=0 ses=4294967295 subj=system_u:system_r:auditd_t:s0 res=success
+type=CONFIG_CHANGE msg=audit(1574672213.892:5): audit_backlog_limit=8192 old=64 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 res=1
+type=CONFIG_CHANGE msg=audit(1574672213.892:6): audit_failure=1 old=1 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 res=1
+type=SERVICE_START msg=audit(1574672213.898:7): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=auditd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SYSTEM_BOOT msg=audit(1574672213.918:8): pid=503 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672213.923:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672213.943:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=irqbalance comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.034:11): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dbus comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.045:12): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rngd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.072:13): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpcbind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672214.076:14): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=irqbalance comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.089:15): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=gssproxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.102:16): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-dmesg comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.162:17): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.195:18): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=chronyd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.206:19): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672215.255:20): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-init-local comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672215.327:21): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672215.436:22): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672215.465:23): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672215.742:24): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672216.407:25): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672216.448:26): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhsmcertd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672216.471:27): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=restraintd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672217.742:28): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tuned comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672217.985:29): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=postfix comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.213:30): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-init comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.263:31): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-user-sessions comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.274:32): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=crond comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.355:33): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-start comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672218.355:34): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-start comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.368:35): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpc-statd-notify comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672218.368:36): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpc-statd-notify comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.369:37): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-quit-wait comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672218.369:38): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-quit-wait comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.370:39): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-quit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672218.370:40): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-quit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.372:41): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.373:42): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=serial-getty@ttyS0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.412:43): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.445:44): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rsyslog comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.654:45): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhnsd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SYSTEM_RUNLEVEL msg=audit(1574672218.706:46): pid=1158 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='old-level=N new-level=3 comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.709:47): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp-runlevel comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672218.709:48): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp-runlevel comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672219.065:49): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-config comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672219.376:50): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-final comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672219.496:51): pid=1310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=1310 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672219.496:52): pid=1310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=1310 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672219.496:53): pid=1310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=1310 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672219.603:54): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=1310 suid=74 rport=57270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672219.603:55): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=1310 suid=74 rport=57270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_AUTH msg=audit(1574672220.227:56): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth rport=57270 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_AUTH msg=audit(1574672220.227:57): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=key algo=ssh-rsa size=2048 fp=SHA256:f6:3d:5b:97:0b:77:c1:ca:d1:88:66:19:43:b6:46:bb:d6:b1:9b:77:03:92:51:fa:ff:3e:1c:f8:47:bc:0b:31 rport=57270 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_ACCT msg=audit(1574672220.242:58): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.246:59): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=1310 suid=74 rport=57270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_AUTH msg=audit(1574672220.248:60): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574672220.252:61): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=LOGIN msg=audit(1574672220.253:62): pid=1305 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=1 res=1
+type=USER_ROLE_CHANGE msg=audit(1574672220.426:63): pid=1305 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672220.470:64): pid=1305 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672220.739:65): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672220.741:66): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.743:67): pid=1895 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=1895 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.744:68): pid=1895 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=1895 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.744:69): pid=1895 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=1895 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672220.746:70): pid=1895 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672220.910:71): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRED_DISP msg=audit(1574672220.911:72): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672220.913:73): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672220.915:74): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.915:75): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=1305 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.915:76): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=1305 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.915:77): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=1305 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.915:78): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=1305 suid=0 rport=57270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.181:79): pid=2142 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2142 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.181:80): pid=2142 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2142 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.181:81): pid=2142 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2142 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672221.282:82): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2142 suid=74 rport=57302 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672221.282:83): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2142 suid=74 rport=57302 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.557:84): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2142 suid=74  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.557:85): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2142 suid=74 rport=57302 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.560:86): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2097 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.560:87): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2097 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.560:88): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2097 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574672221.560:89): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574672221.579:90): pid=2156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2156 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.579:91): pid=2156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2156 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.579:92): pid=2156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2156 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672221.675:93): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2156 suid=74 rport=57300 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672221.675:94): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2156 suid=74 rport=57300 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.943:95): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2156 suid=74  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.943:96): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2156 suid=74 rport=57300 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.944:97): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2098 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.944:98): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2098 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.944:99): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2098 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574672221.945:100): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574672221.960:101): pid=2165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2165 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.960:102): pid=2165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2165 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.960:103): pid=2165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2165 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672222.056:104): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2165 suid=74 rport=57304 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672222.056:105): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2165 suid=74 rport=57304 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.337:106): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2165 suid=74  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.337:107): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2165 suid=74 rport=57304 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.339:108): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2099 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.339:109): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2099 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.339:110): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2099 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574672222.339:111): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574672222.480:112): pid=2266 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2266 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.480:113): pid=2266 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2266 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.480:114): pid=2266 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2266 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672222.594:115): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2266 suid=74 rport=57312 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672222.594:116): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2266 suid=74 rport=57312 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_AUTH msg=audit(1574672223.224:117): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth rport=57312 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_AUTH msg=audit(1574672223.224:118): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=key algo=ssh-rsa size=2048 fp=SHA256:f6:3d:5b:97:0b:77:c1:ca:d1:88:66:19:43:b6:46:bb:d6:b1:9b:77:03:92:51:fa:ff:3e:1c:f8:47:bc:0b:31 rport=57312 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_ACCT msg=audit(1574672223.234:119): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672223.235:120): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2266 suid=74 rport=57312 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_AUTH msg=audit(1574672223.237:121): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574672223.240:122): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=LOGIN msg=audit(1574672223.240:123): pid=2262 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=2 res=1
+type=USER_ROLE_CHANGE msg=audit(1574672223.405:124): pid=2262 uid=0 auid=0 ses=2 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672223.453:125): pid=2262 uid=0 auid=0 ses=2 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672223.683:126): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672223.685:127): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672223.704:128): pid=2558 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2558 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672223.704:129): pid=2558 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2558 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672223.704:130): pid=2558 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2558 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672223.711:131): pid=2558 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672223.892:132): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672223.893:133): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672224.017:134): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672224.018:135): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672224.023:136): pid=2586 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2586 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672224.023:137): pid=2586 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2586 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672224.023:138): pid=2586 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2586 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672224.024:139): pid=2586 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672224.589:140): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672224.589:141): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672224.713:142): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672224.714:143): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672224.715:144): pid=2785 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2785 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672224.715:145): pid=2785 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2785 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672224.715:146): pid=2785 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2785 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672224.721:147): pid=2785 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672224.881:148): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672224.882:149): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672225.004:150): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672225.006:151): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.013:152): pid=2897 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2897 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.013:153): pid=2897 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2897 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.013:154): pid=2897 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2897 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672225.015:155): pid=2897 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672225.346:156): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672225.347:157): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672225.473:158): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672225.475:159): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.479:160): pid=3006 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=3006 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.479:161): pid=3006 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=3006 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.479:162): pid=3006 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=3006 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672225.480:163): pid=3006 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672225.628:164): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672225.629:165): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672225.755:166): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672225.756:167): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.768:168): pid=3070 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=3070 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.768:169): pid=3070 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=3070 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.768:170): pid=3070 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=3070 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672225.770:171): pid=3070 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672226.329:172): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672226.331:173): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672226.353:174): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRED_DISP msg=audit(1574672226.357:175): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672226.357:176): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2262 suid=0 rport=57312 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672226.357:177): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2262 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672226.357:178): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2262 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672226.357:179): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2262 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672236.042:180): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672240.878:181): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=kdump comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672255.229:182): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=USER_ACCT msg=audit(1574672462.013:183): pid=8783 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_localuser acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=CRED_ACQ msg=audit(1574672462.013:184): pid=8783 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=LOGIN msg=audit(1574672462.014:185): pid=8783 uid=0 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=3 res=1
+type=USER_START msg=audit(1574672462.041:186): pid=8783 uid=0 auid=0 ses=3 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=CRED_REFR msg=audit(1574672462.042:187): pid=8783 uid=0 auid=0 ses=3 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=CRED_DISP msg=audit(1574672462.080:188): pid=8783 uid=0 auid=0 ses=3 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=USER_END msg=audit(1574672462.082:189): pid=8783 uid=0 auid=0 ses=3 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=SERVICE_START msg=audit(1574673147.110:190): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-tmpfiles-clean comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574673147.110:191): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-tmpfiles-clean comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.305:192): pid=21112 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21112 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.305:193): pid=21112 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21112 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.305:194): pid=21112 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21112 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674924.416:195): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21112 suid=74 rport=43828 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674924.417:196): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21112 suid=74 rport=43828 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.931:197): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21112 suid=74  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.931:198): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21112 suid=74 rport=43828 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.934:199): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21111 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.935:200): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21111 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.935:201): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21111 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574674924.935:202): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574674924.941:203): pid=21113 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21113 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.941:204): pid=21113 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21113 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.941:205): pid=21113 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21113 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674925.044:206): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21113 suid=74 rport=43832 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674925.044:207): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21113 suid=74 rport=43832 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.452:208): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21113 suid=74  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.452:209): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21113 suid=74 rport=43832 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.453:210): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21110 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.453:211): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21110 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.453:212): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21110 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574674925.454:213): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574674925.456:214): pid=21114 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21114 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.456:215): pid=21114 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21114 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.456:216): pid=21114 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21114 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674925.660:217): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21114 suid=74 rport=43830 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674925.660:218): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21114 suid=74 rport=43830 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.987:219): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21114 suid=74  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.987:220): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21114 suid=74 rport=43830 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.988:221): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21109 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.988:222): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21109 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.988:223): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21109 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574674925.988:224): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574674926.175:225): pid=21116 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21116 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674926.175:226): pid=21116 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21116 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674926.175:227): pid=21116 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21116 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674926.291:228): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21116 suid=74 rport=43838 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674926.291:229): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21116 suid=74 rport=43838 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574674926.933:230): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth rport=43838 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574674926.933:231): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=key algo=ssh-rsa size=2048 fp=SHA256:f6:3d:5b:97:0b:77:c1:ca:d1:88:66:19:43:b6:46:bb:d6:b1:9b:77:03:92:51:fa:ff:3e:1c:f8:47:bc:0b:31 rport=43838 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_ACCT msg=audit(1574674926.940:232): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674926.941:233): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21116 suid=74 rport=43838 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574674926.942:234): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574674926.943:235): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=LOGIN msg=audit(1574674926.943:236): pid=21115 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=4 res=1
+type=USER_ROLE_CHANGE msg=audit(1574674927.057:237): pid=21115 uid=0 auid=0 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674927.082:238): pid=21115 uid=0 auid=0 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674927.439:239): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674927.440:240): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674927.443:241): pid=21118 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21118 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674927.443:242): pid=21118 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21118 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674927.443:243): pid=21118 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21118 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674927.445:244): pid=21118 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674927.645:245): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674927.646:246): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674927.775:247): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674927.776:248): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674927.777:249): pid=21123 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21123 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674927.777:250): pid=21123 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21123 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674927.777:251): pid=21123 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21123 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674927.778:252): pid=21123 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674928.585:253): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674928.586:254): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674928.794:255): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674928.795:256): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674928.796:257): pid=21129 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21129 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674928.796:258): pid=21129 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21129 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674928.796:259): pid=21129 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21129 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674928.797:260): pid=21129 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674928.920:261): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674928.921:262): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674929.108:263): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674929.109:264): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.110:265): pid=21134 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21134 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.110:266): pid=21134 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21134 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.110:267): pid=21134 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21134 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674929.111:268): pid=21134 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=SERVICE_START msg=audit(1574674929.221:269): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=USER_END msg=audit(1574674929.343:270): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674929.344:271): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674929.463:272): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674929.464:273): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.465:274): pid=21144 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21144 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.465:275): pid=21144 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21144 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.465:276): pid=21144 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21144 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674929.467:277): pid=21144 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674929.590:278): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674929.591:279): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674929.711:280): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674929.712:281): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.713:282): pid=21149 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21149 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.713:283): pid=21149 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21149 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.713:284): pid=21149 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21149 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674929.714:285): pid=21149 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674932.341:286): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674932.342:287): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674932.471:288): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674932.472:289): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674932.473:290): pid=21192 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21192 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674932.473:291): pid=21192 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21192 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674932.473:292): pid=21192 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21192 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674932.474:293): pid=21192 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674932.659:294): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674932.660:295): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674932.867:296): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674932.868:297): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674932.869:298): pid=21197 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21197 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674932.869:299): pid=21197 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21197 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674932.869:300): pid=21197 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21197 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674932.870:301): pid=21197 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674933.076:302): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674933.077:303): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674933.285:304): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674933.286:305): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674933.287:306): pid=21206 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21206 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674933.287:307): pid=21206 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21206 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674933.287:308): pid=21206 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21206 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674933.288:309): pid=21206 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674933.494:310): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674933.495:311): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674933.703:312): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674933.704:313): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674933.705:314): pid=21211 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21211 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674933.705:315): pid=21211 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21211 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674933.705:316): pid=21211 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21211 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674933.707:317): pid=21211 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674933.912:318): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674933.913:319): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=SERVICE_STOP msg=audit(1574674959.253:320): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574674986.024:321): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674986.025:322): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674986.026:323): pid=21220 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21220 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674986.026:324): pid=21220 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21220 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674986.026:325): pid=21220 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21220 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674986.028:326): pid=21220 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674986.165:327): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674986.166:328): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674986.328:329): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21225 suid=0  exe="/usr/sbin/sshd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674986.328:330): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21225 suid=0  exe="/usr/sbin/sshd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674986.328:331): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21225 suid=0  exe="/usr/sbin/sshd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=USER_LOGIN msg=audit(1574674986.330:332): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/0 res=success'
+type=USER_START msg=audit(1574674986.330:333): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/0 res=success'
+type=CRED_REFR msg=audit(1574674986.331:334): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=SOFTWARE_UPDATE msg=audit(1574675011.281:335): pid=21251 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="libconfig-1.4.9-5.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=SOFTWARE_UPDATE msg=audit(1574675012.831:336): pid=21251 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="lldpad-1.0.1-5.git036e314.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=SOFTWARE_UPDATE msg=audit(1574675030.837:337): pid=21304 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="systemd-python-219-73.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=SOFTWARE_UPDATE msg=audit(1574675031.450:338): pid=21304 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="setroubleshoot-plugins-3.0.67-4.el7.noarch" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=ADD_GROUP msg=audit(1574675031.488:339): pid=21321 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:groupadd_t:s0-s0:c0.c1023 msg='op=add-group id=994 exe="/usr/sbin/groupadd" hostname=? addr=? terminal=? res=success'
+type=GRP_MGMT msg=audit(1574675031.498:340): pid=21321 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:groupadd_t:s0-s0:c0.c1023 msg='op=add-shadow-group id=994 exe="/usr/sbin/groupadd" hostname=? addr=? terminal=? res=success'
+type=ADD_USER msg=audit(1574675031.528:341): pid=21326 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:useradd_t:s0-s0:c0.c1023 msg='op=add-user id=997 exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'
+type=USER_MGMT msg=audit(1574675031.554:342): pid=21331 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:useradd_t:s0-s0:c0.c1023 msg='op=pam_tally2 reset=0 id=997 exe="/usr/sbin/pam_tally2" hostname=? addr=? terminal=? res=success'
+type=DAEMON_CONFIG msg=audit(1574675032.060:1548) op=reconfigure state=changed auid=0 pid=21340 subj=unconfined_u:unconfined_r:rpm_script_t:s0-s0:c0.c1023 res=success
+type=SOFTWARE_UPDATE msg=audit(1574675032.075:343): pid=21304 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="setroubleshoot-server-3.2.30-8.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=ADD_GROUP msg=audit(1574675044.229:344): pid=21352 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=add-group acct="sysadm-user" exe="/usr/sbin/useradd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=ADD_USER msg=audit(1574675044.235:345): pid=21352 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=add-user id=1000 exe="/usr/sbin/useradd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=USER_MGMT msg=audit(1574675044.278:346): pid=21357 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=pam_tally2 reset=0 id=1000 exe="/usr/sbin/pam_tally2" hostname=? addr=? terminal=/dev/pts/0 res=success'
+type=ROLE_ASSIGN msg=audit(1574675045.373:347): pid=21352 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login-sename,role,range acct="sysadm-user" old-seuser=? old-role=? old-range=? new-seuser=sysadm_u new-role=sysadm_r new-range=s0-s0:c0.c1023 exe="/usr/sbin/useradd" hostname=? addr=? terminal=pts/0 res=success'
+type=USER_AVC msg=audit(1574675047.413:348): pid=510 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  received policyload notice (seqno=2)  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
+type=MAC_POLICY_LOAD msg=audit(1574675045.619:349): policy loaded auid=0 ses=4
+type=SYSCALL msg=audit(1574675045.619:349): arch=c000003e syscall=1 success=yes exit=3882864 a0=4 a1=7f7518eaf000 a2=3b3f70 a3=7ffe563fd8e0 items=0 ppid=21352 pid=21361 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4 comm="load_policy" exe="/usr/sbin/load_policy" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574675045.619:349): proctitle="/sbin/load_policy"
+type=USER_MGMT msg=audit(1574675047.475:350): pid=21352 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=add-home-dir id=1000 exe="/usr/sbin/useradd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=USER_CHAUTHTOK msg=audit(1574675063.946:351): pid=21362 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:passwd_t:s0-s0:c0.c1023 msg='op=PAM:chauthtok grantors=pam_pwquality,pam_unix acct="sysadm-user" exe="/usr/bin/passwd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675095.611:352): pid=21370 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21370 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675095.611:353): pid=21370 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21370 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675095.611:354): pid=21370 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21370 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574675095.732:355): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21370 suid=74 rport=43938 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574675095.732:356): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21370 suid=74 rport=43938 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574675096.637:357): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574675100.275:358): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_ACCT msg=audit(1574675100.279:359): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.285:360): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21370 suid=74 rport=43938 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574675100.287:361): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574675100.288:362): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=LOGIN msg=audit(1574675100.288:363): pid=21369 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=5 res=1
+type=USER_START msg=audit(1574675100.350:364): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=? acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574675100.352:365): pid=21373 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21373 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.352:366): pid=21373 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21373 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.352:367): pid=21373 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21373 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_ACQ msg=audit(1574675100.354:368): pid=21373 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574675100.700:369): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
+type=USER_START msg=audit(1574675100.701:370): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.705:371): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21374 suid=1000  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_END msg=audit(1574675100.705:372): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
+type=USER_LOGOUT msg=audit(1574675100.705:373): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.931:374): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21373 suid=1000  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.931:375): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21373 suid=1000 rport=43938 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRED_DISP msg=audit(1574675100.933:376): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.933:377): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21369 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.933:378): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21369 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.933:379): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21369 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=MAC_CONFIG_CHANGE msg=audit(1574675113.286:380): bool=ssh_sysadm_login val=1 old_val=0 auid=0 ses=4
+type=SYSCALL msg=audit(1574675113.286:380): arch=c000003e syscall=1 success=yes exit=2 a0=3 a1=7ffd8dfb32e0 a2=2 a3=7ffd8dfb26e0 items=0 ppid=21236 pid=21376 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4 comm="setsebool" exe="/usr/sbin/setsebool" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574675113.286:380): proctitle=7365747365626F6F6C007373685F73797361646D5F6C6F67696E006F6E
+type=USER_AVC msg=audit(1574675113.294:381): pid=510 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  received policyload notice (seqno=3)  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
+type=CRYPTO_KEY_USER msg=audit(1574675115.046:382): pid=21378 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21378 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675115.046:383): pid=21378 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21378 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675115.046:384): pid=21378 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21378 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574675115.255:385): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21378 suid=74 rport=43948 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574675115.256:386): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21378 suid=74 rport=43948 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574675116.381:387): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574675119.281:388): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_ACCT msg=audit(1574675119.285:389): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675119.289:390): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21378 suid=74 rport=43948 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574675119.291:391): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574675119.292:392): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=LOGIN msg=audit(1574675119.292:393): pid=21377 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=6 res=1
+type=USER_ROLE_CHANGE msg=audit(1574675119.318:394): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 selected-context=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574675119.348:395): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675119.349:396): pid=21381 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21381 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675119.349:397): pid=21381 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21381 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675119.350:398): pid=21381 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21381 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_ACQ msg=audit(1574675119.351:399): pid=21381 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574675119.842:400): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
+type=USER_START msg=audit(1574675119.843:401): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675119.856:402): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21382 suid=1000  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574675129.532:403): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=lldpad comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=AVC msg=audit(1574675142.213:404): avc:  denied  { sendto } for  pid=21445 comm="lldptool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
+type=SYSCALL msg=audit(1574675142.213:404): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=556166aa2082 a2=14 a3=f items=0 ppid=21382 pid=21445 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=6 comm="lldptool" exe="/usr/sbin/lldptool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574675142.213:404): proctitle=6C6C6470746F6F6C002D2D68656C70
+type=AVC msg=audit(1574675155.993:405): avc:  denied  { sendto } for  pid=21453 comm="vdptool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
+type=SYSCALL msg=audit(1574675155.993:405): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=55ed05d7f082 a2=14 a3=f items=0 ppid=21382 pid=21453 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=6 comm="vdptool" exe="/usr/sbin/vdptool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574675155.993:405): proctitle="vdptool"
+type=AVC msg=audit(1574675156.994:406): avc:  denied  { sendto } for  pid=21453 comm="vdptool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
+type=SYSCALL msg=audit(1574675156.994:406): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=55ed05d7f082 a2=14 a3=f items=0 ppid=21382 pid=21453 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=6 comm="vdptool" exe="/usr/sbin/vdptool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574675156.994:406): proctitle="vdptool"
+type=USER_END msg=audit(1574675346.431:407): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
+type=USER_LOGOUT msg=audit(1574675346.431:408): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675346.577:409): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21381 suid=1000  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675346.578:410): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21381 suid=1000 rport=43948 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_END msg=audit(1574675346.588:411): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_DISP msg=audit(1574675346.589:412): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675346.590:413): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21377 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675346.590:414): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21377 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675346.590:415): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21377 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676014.438:416): pid=21483 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21483 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676014.438:417): pid=21483 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21483 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676014.438:418): pid=21483 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21483 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574676014.561:419): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21483 suid=74 rport=44920 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574676014.561:420): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21483 suid=74 rport=44920 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574676015.558:421): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_ACCT msg=audit(1574676061.116:422): pid=21485 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_localuser acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=CRED_ACQ msg=audit(1574676061.116:423): pid=21485 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=LOGIN msg=audit(1574676061.117:424): pid=21485 uid=0 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=7 res=1
+type=USER_START msg=audit(1574676061.134:425): pid=21485 uid=0 auid=0 ses=7 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=CRED_REFR msg=audit(1574676061.134:426): pid=21485 uid=0 auid=0 ses=7 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=CRED_DISP msg=audit(1574676061.155:427): pid=21485 uid=0 auid=0 ses=7 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=USER_END msg=audit(1574676061.156:428): pid=21485 uid=0 auid=0 ses=7 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=USER_AUTH msg=audit(1574676091.306:429): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574676093.653:430): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=password acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574676097.622:431): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574676099.791:432): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=password acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_CHAUTHTOK msg=audit(1574676108.719:433): pid=21500 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:passwd_t:s0-s0:c0.c1023 msg='op=PAM:chauthtok grantors=pam_pwquality,pam_unix acct="root" exe="/usr/bin/passwd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=USER_AUTH msg=audit(1574676112.952:434): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_ACCT msg=audit(1574676112.957:435): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676112.959:436): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21483 suid=74 rport=44920 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574676112.961:437): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574676112.962:438): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=LOGIN msg=audit(1574676112.962:439): pid=21482 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=8 res=1
+type=USER_ROLE_CHANGE msg=audit(1574676113.090:440): pid=21482 uid=0 auid=0 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574676113.117:441): pid=21482 uid=0 auid=0 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574676113.509:442): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574676113.510:443): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676113.514:444): pid=21506 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21506 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676113.514:445): pid=21506 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21506 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676113.514:446): pid=21506 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21506 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574676113.516:447): pid=21506 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574676114.450:448): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_DISP msg=audit(1574676114.451:449): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574676114.453:450): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574676114.454:451): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676114.454:452): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21482 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676114.454:453): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21482 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676114.454:454): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21482 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676114.454:455): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21482 suid=0 rport=44920 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676260.369:456): pid=21516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21516 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676260.369:457): pid=21516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21516 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676260.369:458): pid=21516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21516 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574676260.572:459): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21516 suid=74 rport=45194 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574676260.573:460): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21516 suid=74 rport=45194 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574676261.389:461): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574676264.491:462): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_ACCT msg=audit(1574676264.495:463): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676264.498:464): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21516 suid=74 rport=45194 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574676264.500:465): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574676264.500:466): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=LOGIN msg=audit(1574676264.501:467): pid=21515 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=9 res=1
+type=USER_ROLE_CHANGE msg=audit(1574676264.528:468): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 selected-context=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574676264.553:469): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676264.554:470): pid=21519 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21519 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676264.555:471): pid=21519 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21519 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676264.555:472): pid=21519 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21519 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_ACQ msg=audit(1574676264.556:473): pid=21519 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574676264.954:474): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
+type=USER_START msg=audit(1574676264.955:475): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676264.968:476): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21520 suid=1000  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=AVC msg=audit(1574676269.109:477): avc:  denied  { sendto } for  pid=21539 comm="dcbtool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
+type=SYSCALL msg=audit(1574676269.109:477): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=558107411082 a2=14 a3=21000 items=0 ppid=21520 pid=21539 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=9 comm="dcbtool" exe="/usr/sbin/dcbtool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574676269.109:477): proctitle="dcbtool"
+type=AVC msg=audit(1574676270.109:478): avc:  denied  { sendto } for  pid=21539 comm="dcbtool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
+type=SYSCALL msg=audit(1574676270.109:478): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=558107411082 a2=14 a3=f items=0 ppid=21520 pid=21539 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=9 comm="dcbtool" exe="/usr/sbin/dcbtool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574676270.109:478): proctitle="dcbtool"
+type=USER_END msg=audit(1574676314.202:479): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
+type=USER_LOGOUT msg=audit(1574676314.202:480): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676314.359:481): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21519 suid=1000  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676314.359:482): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21519 suid=1000 rport=45194 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_END msg=audit(1574676314.365:483): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_DISP msg=audit(1574676314.366:484): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676314.366:485): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21515 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676314.367:486): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21515 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676314.367:487): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21515 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676320.600:488): pid=21551 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21551 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676320.600:489): pid=21551 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21551 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676320.600:490): pid=21551 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21551 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574676320.714:491): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21551 suid=74 rport=45270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574676320.714:492): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21551 suid=74 rport=45270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574676321.562:493): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574676324.674:494): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_ACCT msg=audit(1574676324.678:495): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676324.679:496): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21551 suid=74 rport=45270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574676324.681:497): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574676324.682:498): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=LOGIN msg=audit(1574676324.682:499): pid=21550 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=10 res=1
+type=USER_ROLE_CHANGE msg=audit(1574676324.801:500): pid=21550 uid=0 auid=0 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574676324.826:501): pid=21550 uid=0 auid=0 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574676325.219:502): pid=21550 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574676325.220:503): pid=21550 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676325.223:504): pid=21554 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21554 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676325.223:505): pid=21554 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21554 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676325.223:506): pid=21554 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21554 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574676325.225:507): pid=21554 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
--- a/tests/Regression/embedded-null-byte-in-audit-records/runtest.sh
+++ b/tests/Regression/embedded-null-byte-in-audit-records/runtest.sh
@ -0,0 +1,65 @@
+#!/bin/bash
+# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/setroubleshoot/Regression/embedded-null-byte-in-audit-records
+#   Description: Is sealert able to processes audit messages which contain embedded null bytes?
+#   Author: Milos Malik <mmalik@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2019 Red Hat, Inc.
+#
+#   This program is free software: you can redistribute it and/or
+#   modify it under the terms of the GNU General Public License as
+#   published by the Free Software Foundation, either version 2 of
+#   the License, or (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE.  See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program. If not, see http://www.gnu.org/licenses/.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include Beaker environment
+. /usr/bin/rhts-environment.sh || exit 1
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="setroubleshoot"
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm ${PACKAGE}
+        rlRun "rpm -qf /usr/sbin/ausearch"
+        rlRun "rpm -qf /usr/bin/audit2allow"
+        rlRun "rpm -qf /usr/bin/sealert"
+        OUTPUT_FILE=`mktemp`
+    rlPhaseEnd
+
+    rlPhaseStartTest "bz#1775135 + bz#1776199"
+        if rlIsRHEL 7 ; then
+            rlRun "ausearch -i -m avc -if ./audit.log"
+            rlRun "audit2allow -i ./audit.log"
+            # if sealert got stuck, kill it after 15 seconds
+            rlWatchdog "sealert -a ./audit.log 2>&1 | tee ${OUTPUT_FILE}" 15
+        else # Fedora, RHEL-8 and above
+            rlRun "ausearch -i -m avc -if ./short.log"
+            rlRun "audit2allow -i ./short.log"
+            # if sealert got stuck, kill it after 15 seconds
+            rlWatchdog "sealert -a ./short.log 2>&1 | tee ${OUTPUT_FILE}" 15
+        fi
+        rlRun "grep -i -e Traceback -e TypeError -e embedded -e \"null byte\" ${OUTPUT_FILE}" 1
+        rlRun "grep -i \"Plugin catchall\" ${OUTPUT_FILE}" 0
+        if [ $? -ne 0 ]; then cat ${OUTPUT_FILE}; fi
+    rlPhaseEnd
+
+    rlPhaseStartCleanup
+        rm -f ${OUTPUT_FILE}
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd
+
--- a/tests/Regression/embedded-null-byte-in-audit-records/short.log
+++ b/tests/Regression/embedded-null-byte-in-audit-records/short.log
@ -0,0 +1,4 @@
+type=AVC msg=audit(1574094303.139:1096): avc:  denied  { sendto } for  pid=18278 comm="dcbtool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
+type=SYSCALL msg=audit(1574094303.139:1096): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=55c52f80bf02 a2=14 a3=0 items=0 ppid=12504 pid=18278 auid=1005 uid=1005 gid=1005 euid=1005 suid=1005 fsuid=1005 egid=1005 sgid=1005 fsgid=1005 tty=pts1 ses=33 comm="dcbtool" exe="/usr/sbin/dcbtool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=connect AUID="sysadm-user" UID="sysadm-user" GID="sysadm-user" EUID="sysadm-user" SUID="sysadm-user" FSUID="sysadm-user" EGID="sysadm-user" SGID="sysadm-user" FSGID="sysadm-user"
+type=SOCKADDR msg=audit(1574094303.139:1096): saddr=0100002F636F6D2F696E74656C2F6C6C64706164SADDR={ saddr_fam=local path=/com/intel/lldpad }
+type=PROCTITLE msg=audit(1574094303.139:1096): proctitle="dcbtool"
--- a/tests/Regression/no-plugin-exception-during-analyses/Makefile
+++ b/tests/Regression/no-plugin-exception-during-analyses/Makefile
@ -0,0 +1,65 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Makefile of /CoreOS/setroubleshoot/Regression/no-plugin-exception-during-analyses
+#   Description: Does setroubleshoot report any 'Plugin Exception' during analyses?
+#   Author: Petr Lautrbach <plautrba@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2020 Red Hat, Inc.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+export TEST=/CoreOS/setroubleshoot/Regression/no-plugin-exception-during-analyses
+export TESTVERSION=1.0
+
+BUILT_FILES=
+
+FILES=$(METADATA) runtest.sh Makefile short.log
+
+.PHONY: all install download clean
+
+run: $(FILES) build
+	./runtest.sh
+
+build: $(BUILT_FILES)
+	test -x runtest.sh || chmod a+x runtest.sh
+
+clean:
+	rm -f *~ $(BUILT_FILES)
+
+include /usr/share/rhts/lib/rhts-make.include
+
+$(METADATA): Makefile
+	@echo "Owner:           Petr Lautrbach <plautrba@redhat.com>" > $(METADATA)
+	@echo "Name:            $(TEST)" >> $(METADATA)
+	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
+	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
+	@echo "Description:     Does setroubleshoot report any 'Plugin Exception' during analyses?" >> $(METADATA)
+	@echo "Type:            Regression" >> $(METADATA)
+	@echo "TestTime:        5m" >> $(METADATA)
+	@echo "RunFor:          setroubleshoot" >> $(METADATA)
+	@echo "Requires:        setroubleshoot-server" >> $(METADATA)
+	@echo "Priority:        Normal" >> $(METADATA)
+	@echo "License:         GPLv2" >> $(METADATA)
+	@echo "Confidential:    no" >> $(METADATA)
+	@echo "Destructive:     no" >> $(METADATA)
+	@echo "Environment:     AVC_ERROR=+no_avc_check" >> $(METADATA)
+	@echo "Bug:             1784564" >> $(METADATA) # RHEL-7
+
+	rhts-lint $(METADATA)
+
--- a/tests/Regression/no-plugin-exception-during-analyses/runtest.sh
+++ b/tests/Regression/no-plugin-exception-during-analyses/runtest.sh
@ -0,0 +1,73 @@
+#!/bin/bash
+# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/setroubleshoot/Regression/no-plugin-exception-during-analyses
+#   Description: Does setroubleshoot report any 'Plugin Exception' during analyses?
+#   Author: Petr Lautrbach <plautrba@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2020 Red Hat, Inc.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include Beaker environment
+. /usr/bin/rhts-environment.sh || exit 1
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="setroubleshoot"
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm ${PACKAGE}-server
+        rlAssertRpm ${PACKAGE}-plugins
+    rlPhaseEnd
+
+    rlPhaseStartTest "no 'Plugin Exception'"
+        SINCE=$(date '+%Y-%m-%d %H:%M:%S')
+        RANDOM_NUMBER=${RANDOM}
+        rlRun "passwd --help >& /root/output-${RANDOM_NUMBER}.txt"
+        rlRun "rm -f /root/output-${RANDOM_NUMBER}.txt"
+        sleep 10
+        rlRun "journalctl --since=\"$SINCE\" > journal-after.txt"
+        STATUS=0
+        rlAssertGrep "setroubleshoot.*: SELinux is preventing (/usr/bin/)?passwd" journal-after.txt -E
+        [[ $? -eq 0 ]] || STATUS=$?
+        rlAssertNotGrep "setroubleshoot.*: Plugin Exception " journal-after.txt
+        [[ $? -eq 0 ]] || STATUS=$?
+        rlRun "[[ $STATUS -eq 0 ]] || cat journal-after.txt"
+        rlRun "rm -f journal-after.txt"
+    rlPhaseEnd
+
+    rlPhaseStartTest "no 'Plugin Exception' in short.log"
+        OUTPUT_FILE=`mktemp`
+        rlRun "sealert -a ./short.log >& $OUTPUT_FILE"
+        STATUS=0
+        rlAssertNotGrep "'generator' object is not subscriptable" $OUTPUT_FILE
+        [[ $? -eq 0 ]] || STATUS=$?
+        rlAssertGrep "Plugin catchall_labels" $OUTPUT_FILE
+        [[ $? -eq 0 ]] || STATUS=$?
+        rlRun "[[ $STATUS -eq 0 ]] || cat $OUTPUT_FILE"
+        rlRun "rm -f $OUTPUT_FILE"
+    rlPhaseEnd
+
+    rlPhaseStartCleanup
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd
+
--- a/tests/Regression/no-plugin-exception-during-analyses/short.log
+++ b/tests/Regression/no-plugin-exception-during-analyses/short.log
@ -0,0 +1,10 @@
+type=PROCTITLE msg=audit(1574867531.103:1226): proctitle=2F7573722F7362696E2F6368726F6E7964002D6E002D66002F7661722F72756E2F74696D656D61737465722F6368726F6E792E636F6E66
+type=AVC msg=audit(1574867531.516:1227): avc:  denied  { read } for  pid=936 comm="auditd" name="passwd" dev="sda2" ino=25468387 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
+type=AVC msg=audit(1574867531.516:1228): avc:  denied  { read } for  pid=936 comm="auditd" name="passwd" dev="sda2" ino=25468387 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
+type=AVC msg=audit(1574867531.516:1229): avc:  denied  { write } for  pid=936 comm="auditd" name="nss" dev="sda2" ino=209156 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
+type=AVC msg=audit(1574867531.516:1230): avc:  denied  { read } for  pid=936 comm="auditd" name="group" dev="sda2" ino=25468401 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
+type=AVC msg=audit(1574867531.516:1231): avc:  denied  { read } for  pid=936 comm="auditd" name="group" dev="sda2" ino=25468401 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
+type=AVC msg=audit(1574867531.516:1232): avc:  denied  { write } for  pid=936 comm="auditd" name="nss" dev="sda2" ino=209156 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
+type=SYSCALL msg=audit(1574867527.549:1163): arch=c000003e syscall=21 success=no exit=-13 a0=7f61e4002460 a1=4 a2=0 a3=0 items=1 ppid=1 pid=1871 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="in:imjournal" exe="/usr/sbin/rsyslogd" subj=system_u:system_r:syslogd_t:s0 key=(null)ARCH=x86_64 SYSCALL=access AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root"
+type=CWD msg=audit(1574867527.549:1163): cwd="/"
+type=PATH msg=audit(1574867527.549:1163): item=0 name="/var/lib/rsyslog/imjournal.state" inode=25845859 dev=08:02 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:unlabeled_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0OUID="root" OGID="root"
--- a/tests/Regression/sealert-s-traceback-invalid-display/Makefile
+++ b/tests/Regression/sealert-s-traceback-invalid-display/Makefile
@ -0,0 +1,63 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Makefile of /CoreOS/setroubleshoot/Regression/sealert-s-traceback-invalid-display
+#   Description: Test for traceback when using sealert -s with DISPLAY set to invalid value
+#   Author: Vit Mojzis <vmojzis@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2020 Red Hat, Inc.
+#
+#   This program is free software: you can redistribute it and/or
+#   modify it under the terms of the GNU General Public License as
+#   published by the Free Software Foundation, either version 2 of
+#   the License, or (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE.  See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program. If not, see http://www.gnu.org/licenses/.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+export TEST=/CoreOS/setroubleshoot/Regression/sealert-s-traceback-invalid-display
+export TESTVERSION=1.0
+
+BUILT_FILES=
+
+FILES=$(METADATA) runtest.sh Makefile
+
+.PHONY: all install download clean
+
+run: $(FILES) build
+	./runtest.sh
+
+build: $(BUILT_FILES)
+	test -x runtest.sh || chmod a+x runtest.sh
+
+clean:
+	rm -f *~ $(BUILT_FILES)
+
+include /usr/share/rhts/lib/rhts-make.include
+
+$(METADATA): Makefile
+	@echo "Owner:           Vit Mojzis <vmojzis@redhat.com>" > $(METADATA)
+	@echo "Name:            $(TEST)" >> $(METADATA)
+	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
+	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
+	@echo "Description:     Test for traceback when using sealert -s with display set to invalid value" >> $(METADATA)
+	@echo "Type:            Regression" >> $(METADATA)
+	@echo "TestTime:        5m" >> $(METADATA)
+	@echo "RunFor:          setroubleshoot" >> $(METADATA)
+	@echo "Requires:        setroubleshoot" >> $(METADATA)
+	@echo "Priority:        Normal" >> $(METADATA)
+	@echo "License:         GPLv2" >> $(METADATA)
+	@echo "Confidential:    no" >> $(METADATA)
+	@echo "Destructive:     no" >> $(METADATA)
+	@echo "Bug:             1574434" >> $(METADATA)
+	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7" >> $(METADATA)
+
+	rhts-lint $(METADATA)
--- a/tests/Regression/sealert-s-traceback-invalid-display/runtest.sh
+++ b/tests/Regression/sealert-s-traceback-invalid-display/runtest.sh
@ -0,0 +1,45 @@
+#!/bin/bash
+# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/setroubleshoot/Regression/sealert-s-traceback-invalid-display
+#   Description: Test for traceback when using sealert -s with DISPLAY set to invalid value
+#   Author: Vit Mojzis <vmojzis@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2020 Red Hat, Inc.
+#
+#   This program is free software: you can redistribute it and/or
+#   modify it under the terms of the GNU General Public License as
+#   published by the Free Software Foundation, either version 2 of
+#   the License, or (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE.  See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program. If not, see http://www.gnu.org/licenses/.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include Beaker environment
+. /usr/bin/rhts-environment.sh || exit 1
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="setroubleshoot-server"
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm $PACKAGE
+        OUTPUT_FILE=`mktemp`
+    rlPhaseEnd
+
+    rlPhaseStartTest
+        rlRun "DISPLAY=yolo sealert -s 2>&1 | tee ${OUTPUT_FILE}"
+        rlRun "grep Traceback ${OUTPUT_FILE}" 1
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd
--- a/tests/Sanity/public_content/Makefile
+++ b/tests/Sanity/public_content/Makefile
@ -0,0 +1,65 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Makefile of /CoreOS/setroubleshoot-plugins/Sanity/public_content
+#   Description: Does the plugin work as expected?
+#   Author: Milos Malik <mmalik@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2017 Red Hat, Inc.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+export TEST=/CoreOS/setroubleshoot-plugins/Sanity/public_content
+export TESTVERSION=1.0
+
+BUILT_FILES=
+
+FILES=$(METADATA) runtest.sh Makefile PURPOSE
+
+.PHONY: all install download clean
+
+run: $(FILES) build
+	./runtest.sh
+
+build: $(BUILT_FILES)
+	test -x runtest.sh || chmod a+x runtest.sh
+
+clean:
+	rm -f *~ $(BUILT_FILES)
+
+include /usr/share/rhts/lib/rhts-make.include
+
+$(METADATA): Makefile
+	@echo "Owner:           Milos Malik <mmalik@redhat.com>" > $(METADATA)
+	@echo "Name:            $(TEST)" >> $(METADATA)
+	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
+	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
+	@echo "Description:     Does the plugin work as expected?" >> $(METADATA)
+	@echo "Type:            Sanity" >> $(METADATA)
+	@echo "TestTime:        10m" >> $(METADATA)
+	@echo "RunFor:          setroubleshoot-plugins" >> $(METADATA)
+	@echo "Requires:        setroubleshoot-plugins setroubleshoot-server audit setools-console psmisc libselinux-utils rsyslog" >> $(METADATA)
+	@echo "Priority:        Normal" >> $(METADATA)
+	@echo "License:         GPLv2" >> $(METADATA)
+	@echo "Confidential:    no" >> $(METADATA)
+	@echo "Destructive:     no" >> $(METADATA)
+	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
+	@echo "Environment:     AVC_ERROR=+no_avc_check" >> $(METADATA)
+
+	rhts-lint $(METADATA)
+
--- a/tests/Sanity/public_content/PURPOSE
+++ b/tests/Sanity/public_content/PURPOSE
@ -0,0 +1,7 @@
+PURPOSE of /CoreOS/setroubleshoot-plugins/Sanity/public_content
+Author: Milos Malik <mmalik@redhat.com>
+
+Does the plugin work as expected?
+
+Default value of ANALYSIS_DELAY can be overriden.
+
--- a/tests/Sanity/public_content/runtest.sh
+++ b/tests/Sanity/public_content/runtest.sh
@ -0,0 +1,87 @@
+#!/bin/bash
+# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/setroubleshoot-plugins/Sanity/public_content
+#   Description: Does the plugin work as expected?
+#   Author: Milos Malik <mmalik@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2017 Red Hat, Inc.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include Beaker environment
+. /usr/bin/rhts-environment.sh || exit 1
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="setroubleshoot-plugins"
+PLUGIN_NAME="public_content"
+ANALYSIS_DELAY=${ANALYSIS_DELAY:-"16"}
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm ${PACKAGE}
+        rlAssertRpm setroubleshoot-server
+        rlServiceStart auditd
+        rlFileBackup /var/lib/setroubleshoot/setroubleshoot_database.xml
+        rlRun "rm -f /var/lib/setroubleshoot/setroubleshoot_database.xml"
+        BEFORE=`mktemp`
+        AFTER=`mktemp`
+        rlRun "killall setroubleshootd" 0,1
+        rlRun "mkdir -p /var/test-dir"
+        rlRun "chcon -t samba_share_t /var/test-dir"
+        rlRun "touch /var/test-file"
+        rlRun "chcon -t samba_share_t /var/test-file"
+    rlPhaseEnd
+
+    rlPhaseStartTest
+        if rlIsRHEL 6 7 ; then
+            ADD_OPT="-C"
+        fi
+        rlRun "sesearch -s rsync_t -t samba_share_t -c dir -p read -A --dontaudit ${ADD_OPT} | grep -v '\]' | grep -e allow -e dontaudit" 1
+        rlRun "sesearch -s rsync_t -t samba_share_t -c file -p read -A --dontaudit ${ADD_OPT} | grep -v '\]' | grep -e allow -e dontaudit" 1
+        rlRun "setsebool rsync_export_all_ro off"
+        if ! rlIsRHEL 6 ; then
+            rlRun "setsebool rsync_full_access off"
+        fi
+        rlRun "sealert -l '*' > ${BEFORE}"
+        rlRun "cat /var/log/messages > ./messages"
+        rlRun "setenforce 0"
+        rlRun "runcon system_u:system_r:rsync_t:s0 bash -c 'ls /var/test-dir'" 0,1
+        rlRun "runcon system_u:system_r:rsync_t:s0 bash -c 'cat /var/test-file'" 0,1
+        rlRun "setenforce 1"
+        rlRun "sleep ${ANALYSIS_DELAY}"
+        rlRun "ps -efZ | grep setroubleshootd" 0,1
+        rlRun "sealert -l '*' > ${AFTER}" 0-3
+        rlRun "ausearch -m avc -m selinux_err -i -ts recent | grep 'read.*ls.*test-dir.*:rsync_t:.*:samba_share_t:.*tclass=dir'"
+        rlRun "ausearch -m avc -m selinux_err -i -ts recent | grep 'read.*cat.*test-file.*:rsync_t:.*:samba_share_t:.*tclass=file'"
+        rlRun "diff ${BEFORE} ${AFTER} | grep \"Plugin.*suggests\""
+        rlRun "diff ${BEFORE} ${AFTER} | grep \"Plugin ${PLUGIN_NAME} .*suggests\""
+        rlRun "diff /var/log/messages ./messages | grep -i -e 'setroubleshoot.*exception' -e 'no such file or directory'" 1
+    rlPhaseEnd
+
+    rlPhaseStartCleanup
+        rlRun "rm -rf /var/test-dir /var/test-file"
+        rm -f ${BEFORE}
+        rm -f ${AFTER}
+        rlFileRestore
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd
+
--- a/tests/tests.yml
+++ b/tests/tests.yml
@ -0,0 +1,19 @@
+- hosts: localhost
+  roles:
+  - role: standard-test-beakerlib
+    tags:
+    - classic
+    tests:
+    - Regression/embedded-null-byte-in-audit-records
+    - Regression/no-plugin-exception-during-analyses
+    - Regression/sealert-s-traceback-invalid-display
+    - Regression/Report-bugs-on-corresponding-components
+    - Sanity/public_content
+    required_packages:
+    - setroubleshoot-server
+    - setroubleshoot-plugins
+    - audit
+    - setools-console
+    - psmisc
+    - libselinux-utils
+    - rsyslog
Author	SHA1	Message	Date
Petr Lautrbach	beb2a71e3f	setroubleshoot-3.3.24-1 - Add 'fur' into shipped locales - Update translations - Log full reports with correct syslog identifier - Cancel pending alarm during AVC analyses	2020-10-13 10:10:10 +02:00
Vit Mojzis	5886bbdd11	tests/Regression/Report-bugs: Add new test RPM	2020-08-05 18:05:15 +02:00
Fedora Release Engineering	3502f40970	- Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2020-08-01 09:02:16 +00:00
Fedora Release Engineering	eed1173ddb	- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2020-07-29 10:35:09 +00:00
Tom Stellard	6edc7d2d0f	Use make macros https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro	2020-07-14 14:08:30 +00:00
Petr Lautrbach	ce0b7236a0	Cancel pending alarm during AVC analyses Previously the alarm was reset only in main DBUS thread and only when a new AVC appeared. In cases when there were several AVC messages in short time, analyses could take more than a default timeout and later analyses were not saved to the database. Now we cancel pending timeouts before analyze_avc() and reset the timeout back to default when it's done. Fixes: $ journalctl \| grep 'sealert -l' setroubleshoot[314039]: SELinux is preventing bash from search access on the directory .local. For complete SELinux messages run: sealert -l ccf3307a-f4ab-4584-87c6-63884daf841a $ sealert -l ccf3307a-f4ab-4584-87c6-63884daf841a Error query_alerts error (1003): id (ccf3307a-f4ab-4584-87c6-63884daf841a) not found	2020-05-27 13:59:07 +02:00
Petr Lautrbach	6882e142b6	tests: Add public_content test Does public_content plugin work as expected with the current setroubleshoot-server?	2020-05-27 13:58:28 +02:00
Miro Hrončok	4810120f39	Rebuilt for Python 3.9	2020-05-26 03:50:21 +02:00
Vit Mojzis	01e036ef43	tests: Add Regression/Report-bugs-on-corresponding-components Policy packages to be used in the test are specified using TEST_PACKAGES variable in the Makefile. Corresponding avc_<package_name> file has to exist for each such package. avc_<package_name> files contain AVCs with "scontext" domain defined in policy module installed by <package_name> RPM. The test verifies that setroubleshoot is able to properly identify the source package.	2020-05-22 13:17:51 +02:00
Vit Mojzis	bb3d75bf71	tests/sealert-s-traceback-invalid-display: remove invalid argument The argument was never used since sealert always crashed on GUI setup, but it iss still better to remove it to avoid issues in the future.	2020-05-13 16:44:48 +02:00
Vit Mojzis	8e35736477	tests: Add Regression/sealert-s-traceback-invalid-display This test should make sure that "sealert -s" does not traceback with DISPLAY set to invalid value.	2020-04-28 15:56:44 +02:00
Vit Mojzis	9c9318679f	setroubleshoot-3.3.23-1 - browser: Check return value of Gdk.Screen().get_default() - Improve and unify error messages - setroubleshoot.util: Catch exceptions from sepolicy import - Add dpkg support - Do not refer to hardcoded selinux-policy rpm in signature - Make date/time format locale specific - Improve speed of plugin evaluation	2020-04-21 22:50:41 +02:00
Petr Lautrbach	3242bcadb0	setroubleshoot-3.3.22-6.fc33 - Do not try to report a bug on None package (#1809801)	2020-03-04 20:26:36 +01:00
Petr Lautrbach	678fd233e3	setroubleshoot-3.3.22-5 - root user doesn't need to use SetroubleshootPrivileged API	2020-02-28 13:37:14 +01:00
Petr Lautrbach	e2dfff1666	setroubleshoot-3.3.22-4 - sealert to report a bug on a package which owns the related SELinux domain https://pagure.io/setroubleshoot/issue/18	2020-02-27 15:04:17 +01:00
Fedora Release Engineering	4759318f5d	- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2020-01-30 23:17:11 +00:00
Petr Lautrbach	61171038c2	setroubleshoot-3.3.22-2 - Log plugin exception traceback when log level is DEBUG - sepolicy.info() returns a generator, not a list (#1784564)	2020-01-11 21:06:38 +01:00
Petr Lautrbach	2751df1935	no-plugin-exception-during-analyses: Fix indentation	2020-01-11 19:46:39 +01:00
Petr Lautrbach	e4ba63e00b	no-plugin-exception-during-analyses: Test sealert -a ./short.log short.log exposes a problem with Plugin Exception in catchall_labels plugin Covers "'generator' object is not subscriptable" in sealert output: $ sealert -a ./short.log 100% done'generator' object is not subscriptable 100% done found 2 alerts in ./short.log ...	2020-01-11 19:28:15 +01:00
Petr Lautrbach	77e7a0320c	tests: Few no-plugin-exception-during-analyses improvements - when first grep fails print journal as well - check for setroubleshoot-server instead of setroubleshoot - improve grep assert to match "passwd" and "/usr/bin/passwd"	2020-01-06 16:05:21 +01:00
Petr Lautrbach	0340721f20	tests: Add Regression/no-plugin-exception-during-analyses to CI tests	2020-01-06 09:52:59 +01:00
Petr Lautrbach	8937bc78c8	tests: Report setroubleshoot-server version during no-plugin-exception-during-analyses	2020-01-06 09:49:41 +01:00
Petr Lautrbach	2602b87ed0	tests: Does setroubleshoot report any 'Plugin Exception' during analyses? This test should cover cases when setroubleshoot reports "Plugin Exception" during analyses, see https://bugzilla.redhat.com/show_bug.cgi?id=1784564 Example log with the reported problem: setroubleshoot[834]: Plugin Exception catchall_labels setroubleshoot[834]: Plugin Exception file setroubleshoot[834]: Plugin Exception openvpn	2020-01-03 15:57:56 +01:00
Petr Lautrbach	1bbd702684	setroubleshoot-3.3.22 - sepolicy.info() returns a generator, not a list (#1784564)	2020-01-02 16:16:57 +01:00
Vit Mojzis	82e602850c	setroubleshoot-3.3.21-1 - Fix AVC.__typeMatch to handle aliases properly - Handle sockets with abstract path properly (#1775135)	2019-12-11 16:39:29 +01:00
Vit Mojzis	7573f5f239	tests: Add Regression/embedded-null-byte-in-audit-records	2019-12-11 16:16:13 +01:00
Miro Hrončok	f13e6870bb	Rebuilt for Python 3.8.0rc1 (#1748018 )	2019-10-03 14:38:42 +02:00
Petr Lautrbach	160875de3e	setroubleshoot-3.3.20-3.fc32 - Use dbus.mainloop.glib.DBusGMainLoop() instead of dbus.glib	2019-08-27 23:22:54 +02:00
Miro Hrončok	e305bc4874	Rebuilt for Python 3.8	2019-08-19 11:05:48 +02:00
Vit Mojzis	24d5048bc1	setroubleshoot-3.3.20-1 - Update "missing" scripts to automake-1.15 - Add active polling for acquiring policy file - Fix translation of hex values in AVCs - require initscripts to ensure that "service" call works properly - Add man page for seapplet - setroubleshoot-server: only require gobject-base	2019-07-26 10:13:32 +02:00
Stephen Gallagher	746ad7cd5d	setroubleshoot-server: only require gobject-base When only the server is being installed, there is no need for the cairo portions of gobject. This change avoids pulling in the X11 stack. Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>	2019-07-25 11:14:51 -04:00
Martin Kutlak	6f74db21dd	Correct the name for libreport Python3 require The name of the package changed after [1]. We kept a provide for libreport-python3 but it will be removed with new release of libreport. [1] https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3#Packages_with_Python_modules Signed-off-by: Martin Kutlak <mkutlak@redhat.com>	2019-07-02 15:19:15 +02:00
Fedora Release Engineering	f8ff97289e	- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2019-02-02 15:14:31 +00:00
Petr Lautrbach	e5d099e99c	setroubleshoot-3.3.19 - Require plugins >= 3.3.10	2018-12-08 22:54:51 +01:00
Petr Lautrbach	a4ac25c20f	setroubleshoot-3.3.18-3 - Update scriptlets to reload auditd after install or uninstall	2018-11-29 11:59:39 +01:00
Petr Lautrbach	ea0d9634a3	Update scriptlets to reload auditd service When setroubleshoot sedispatch is installed, or updated, auditd needs to be reloaded so that it runs the new installed plugin. Since auditd needs to know who reloaded him, `systemctl` can't be used. We need to use `service` script. This fixes the problem when setroubleshoot is installed, but it doesn't collect AVC denial messages until the machine is rebooted. /com/redhat/setroubleshootd interface is not used for years therefore we can drop it.	2018-11-29 11:54:54 +01:00
Petr Lautrbach	68fd5e93b2	setroubleshoot-3.3.18-2 - Update translations - Improve myplatform detection in get_os_environment()	2018-09-20 10:49:46 +02:00
Petr Lautrbach	390018d909	setroubleshoot-3.3.18-1 - Move sedispatch.conf to /etc/audit/plugins.d/ - Fix summary and "if" text for AVCs with unknown target path	2018-07-18 22:08:30 +02:00
Petr Lautrbach	e6ad318f5b	Disable automatic compilation of Python files in extra directories https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/IDDR65FMKZYZYLL6DGFEKFACC55PELW3/ https://fedoraproject.org/wiki/Packaging:Python_Appendix#Manual_byte_compilation	2018-07-16 13:10:41 +02:00
Fedora Release Engineering	2ac92dadc6	- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2018-07-14 06:00:15 +00:00
Miro Hrončok	9402ffe298	Rebuilt for Python 3.7	2018-06-19 11:27:25 +02:00
Petr Lautrbach	8dfd332b08	setroubleshoot-3.3.17-1 - Set auto_save_interval to 5 (#1548913,#1523406,#1539180) - seapplet: Try send and close notifications (#1541624,#1541719,#1544222,#1539367)	2018-02-26 21:17:57 +01:00
Petr Lautrbach	a6f6a4c670	List gcc in BuildRequires https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/IJFYI5Q2BYZKIGDFS2WLOBDUSEGWHIKV/ https://fedoraproject.org/wiki/Packaging:C_and_C%2B%2B#BuildRequires_and_Requires	2018-02-20 10:20:05 +01:00
Petr Lautrbach	2c1d331cf5	setroubleshoot-3.3.16-1 - Do not show status_icon when there's no alert (#1543758) - Run seapplet only on SELinux enabled system (#1541631) - Use context in Gio.AppInfo.launch (#1542156)	2018-02-20 10:04:27 +01:00
Petr Lautrbach	b38f5c7b27	Spec file cleanup https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/MRWOMRZ6KPCV25EFHJ2O67BCCP3L4Y6N/	2018-02-16 13:06:20 +01:00
Igor Gnatenko	5fa4687faf	Remove %clean section None of currently supported distributions need that. Last one was EL5 which is EOL for a while. Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>	2018-02-14 07:39:16 +01:00
Igor Gnatenko	ac7c38c70b	Escape macros in %changelog Reference: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/Y2ZUKK2B7T2IKXPMODNF6HB2O5T5TS6H/ Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>	2018-02-09 09:06:16 +01:00
Björn Esser	870ec3c38b	Fix runtime dependency: 's!lipreport!libreport!g' (#1536580 ) Prefer %%global over %%define Remove obsolete %%defattr(-,root,root,-)	2018-01-19 17:59:12 +01:00
Petr Lautrbach	b748a74d0a	setroubleshoot-3.3.15 - Rewrite seapplet to Python3 to use Notify and Gtk 3.0 - Add setroubleshoot-seappletlegacy with legacy seappletlegacy based on Gtk 2 - sealert: Finish dbus communication after error	2018-01-19 17:08:56 +01:00
Igor Gnatenko	66eddf963e	Remove obsolete scriptlets Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>	2018-01-06 00:36:21 +01:00
Vit Mojzis	3a2f956a93	Add readme dealing with translations - Clarify relation between individual repositories containing translations - Explain how to use zanata interface on a few important use-cases	2018-01-05 17:25:48 +01:00
Petr Lautrbach	68760e80b6	setroubleshoot-3.3.14-3 - Update translations	2017-11-23 09:08:10 +01:00
Petr Lautrbach	151c346ff4	0001-framework-Update-translations.patch	2017-11-20 07:28:14 +01:00
Petr Lautrbach	ad328e7b5e	setroubleshoot-3.3.14-2 - Update translations	2017-11-20 07:25:18 +01:00
Petr Lautrbach	90373a5b74	setroubleshoot-3.3.14-1 - Increase the space for suggested solutions in sealert - Highlight suggestions with the highest confidence - Remove additional "If " string from plugin messages - Fix sealert message for process2 (#1507909) - Do not change if_string[0] to lowercase	2017-11-18 22:14:01 +01:00
Petr Lautrbach	edbaa86466	Remove unused patches	2017-09-15 10:25:53 +02:00
Petr Lautrbach	d3a05435be	setroubleshoot-3.3.13-1 - Don't stop when the plugin directory is empty - Fix missing margins on Troubleshoot window - Resize all solutions panels horizontally - Fix missing priority color for proposed solutions - Do not split If sentences to framework and plugins - requires setroubleshoot-plugins 3.3.8 at least (rhbz#1210243, rhbz#1322734, hbz#1115510) - Set translation domain for Gtk.Builder() object to have strings correctly translated - Make labels on GtkButtons translatable - Handla all exceptions from do_analyze_logfile() - Fix semi-translated messages - Update translations - Do not catch POSIX signals (rhbz#1366004, rhbz#1419245)	2017-09-15 08:02:41 +02:00
Fedora Release Engineering	95f01e48d9	- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild	2017-08-03 08:21:41 +00:00
Fedora Release Engineering	3b1b354a9e	- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild	2017-07-27 18:28:22 +00:00
Petr Lautrbach	36fe5b517c	setroubleshoot-3.3.12-1 - Remove "Report bug" button when mozplugger plugin is used (#1290135) - Change "check_for_man" return value upon failure (#1431191) - Fix "plugin details" message content - Add "init_args" function to Plugin - Fix sealert crash when setroubleshootd fails to start (#1405003) - Improve obtaining AVC object path - Fix setroubleshootd.8 - Fix report problem summary string - sealert - provide a better error message when SELinux is disabled - Spelling fixes - Python 3.6 invalid escape sequence deprecation fixes	2017-06-13 16:51:49 +02:00
Petr Lautrbach	2dbc30bae4	Change links from fedorahosted.org to pagure.io	2017-03-02 10:39:06 +01:00
Petr Lautrbach	9a15d74ce0	Remove -S git from %autosetup to prevent FTBFS in rawhide (#1424428 )	2017-02-19 13:37:58 +01:00
Fedora Release Engineering	ac3de9585d	- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild	2017-02-11 13:20:09 +00:00
Petr Lautrbach	2b98cfec14	Own __pycache__ directory Resolves: rhbz#1413004	2017-01-16 18:50:37 +01:00
Miro Hrončok	be1dffd065	Rebuild for Python 3.6	2016-12-19 18:20:38 +01:00
Petr Lautrbach	3878bfdd1e	setroubleshoot-3.3.11-1 - Fix "list all alerts" in sealert gui (#1370272, #1332485) - Fix sealert message for capability2 (#1360392)	2016-08-31 15:07:54 +02:00
Fedora Release Engineering	64ebe7704b	- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages	2016-07-19 12:36:30 +00:00
Petr Lautrbach	90b19d66d1	setroubleshoot-3.3.10-1 - setroubleshootd fixed to catch all subprocess exceptions - Translations updated	2016-07-16 16:04:04 +02:00
Petr Lautrbach	ce9c2af5de	setroubleshoot-3.3.9.1-1 - Do not use dangerous shell=True - Use subprocess.check_output() with a sequence of program arguments	2016-06-21 16:57:35 +02:00
Petr Lautrbach	e68bd478ee	setroubleshoot-3.3.8.1-1 - fixed get_all_alerts_ignored()	2016-06-02 18:50:29 +02:00
Petr Lautrbach	3e8751de38	setroubleshoot-3.3.8-1 - added setroubleshootd_log.log_full=True\|False directive - setroubleshootd_log.level and sealert_log.level can be set to different values - get_alert() and get_all_alerts_since() DBUS APIs change to use number of microseconds instead of date string - setroubleshoot.conf cleanup	2016-06-02 15:18:33 +02:00
Petr Lautrbach	288066f917	Move /run/setroubleshoot to setroubleshoot-server setroubleshootd listens for clients on socket created in /run/setroubleshoot by default. Therefore this directory and related tmpfiles.d file belongs to setroubleshoot-server. Fixes: rhbz#1329550 /bin/sealert[22726]: attempt to open server connection failed: No such file or directory	2016-05-31 19:03:58 +02:00
Petr Lautrbach	28deddb948	setroubleshoot-3.3.7-1 - Added new methods to DBUS API: set_filter(), get_all_alerts_ignored(), delete_alert()	2016-05-18 22:18:31 +02:00
Petr Lautrbach	d6a205f01b	setroubleshoot-3.3.6-1 - Translations updated (#1322654) - Suggest my-<command>.pp modules instead of mypol.pp (#1329037)	2016-05-06 13:59:55 +02:00
Petr Lautrbach	f6e56901ad	setroubleshoot-3.3.5-3 - Drop unwanted debug message in sedispatch (#1326985)	2016-04-14 11:28:55 +02:00
Petr Lautrbach	ce197f93a4	setroubleshoot-3.3.5-2 - setroubleshoot: Ensure that dbus string param isn't null	2016-04-07 11:39:16 +02:00
Petr Lautrbach	6143dd987f	Ensure that dbus string param isn't null An alert's level can be None, but DBUS doesn't allow that for string parameters. Resolves: https://github.com/fedora-selinux/setroubleshoot/pull/27	2016-04-07 11:32:18 +02:00
Petr Lautrbach	89d148b7e2	setroubleshoot-3.3.5-1 - get_alert() DBUS API extended with more parameters - sedispatch uses a timeout when collecting audit events (#1322771) - Use correct packaging for byte compiled files (#1321047)	2016-04-04 21:16:54 +02:00
Petr Lautrbach	c964568ba8	Use correct packaging for byte compiled files setroubleshoot and setroubleshoot-server use same python directory. Therefore we need to list all byte compiled files in each sub-package. Resolves: rhbz#1321047	2016-03-27 23:09:57 +02:00
Petr Lautrbach	dafb5b6519	setroubleshoot-3.3.4 * Thu Feb 11 2016 Petr Lautrbach <plautrba@redhat.com> 3.3.4-1 - fixed traceback in SetroubleshootFixit.py (#1279396)	2016-02-11 14:00:58 +01:00
Fedora Release Engineering	94626bf95d	- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild	2016-02-04 23:53:10 +00:00
Petr Lautrbach	a265a5e810	Remove 3.3.2-1 changelog entry	2016-01-21 14:51:54 +01:00
Petr Lautrbach	c408ea6407	setroubleshoot-3.3.3-1 * Thu Jan 21 2016 Petr Lautrbach <plautrba@redhat.com> 3.3.3-1 - fixed few UI browser problems - extended DBUS API, see DBUS.md - import MIMEText from the right module (#1297111)	2016-01-21 14:49:31 +01:00
Petr Lautrbach	36ec75fd22	setroubleshoot-3.3.2-1	2016-01-21 14:49:28 +01:00
Peter Robinson	03a0683b83	- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5	2015-11-10 18:07:24 +00:00
Richard Hughes	1af0470727	Move the AppData file to the right subpackage so it gets used	2015-09-16 17:48:13 +01:00
Miroslav Grepl	91df1b8f65	* Fri Aug 28 2015 Michal Srb <msrb@redhat.com> - 3.3.1-0.2 - Sanitize requires for Python 3	2015-08-28 12:45:01 +02:00
				`@ -0,0 +1,2 @@`
				`type=AVC msg=audit(1575985388.869:225): avc: denied { read } for pid=1365 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=32249 scontext=system_u:system_r:container_logreader_t:s0 tcontext=system_u:object_r:shadow_t:s0:c446,c857 tclass=dir permissive=0`
				`@ -0,0 +1,2 @@`
				`type=AVC msg=audit(1596470053.831:306): avc: denied { unlink } for pid=6304 comm="fapolicyd" name="fapolicyd.pid" dev="tmpfs" ino=37446 scontext=system_u:system_r:fapolicyd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0`
				`@ -0,0 +1,2 @@`
				`type=AVC msg=audit(1582621541.469:6896): avc: denied { write } for pid=1627505 comm="python3" name="plautrba" dev="dm-4" ino=19529729 scontext=system_u:system_r:mysqld_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1`
				`@ -0,0 +1,2 @@`
				`type=AVC msg=audit(1582801464.5:491): avc: denied { map } for pid=5100 comm="bash" path="/usr/bin/bash" dev="vda1" ino=1707663 scontext=system_u:system_r:usbguard_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1`