setroubleshoot-3.3.24-1

- Add 'fur' into shipped locales - Update translations - Log full reports with correct syslog identifier - Cancel pending alarm during AVC analyses
tests/Regression/Report-bugs: Add new test RPM
2020-10-13 10:10:10 +02:00 · 2020-08-05 18:05:15 +02:00 · 2020-08-01 09:02:16 +00:00 · 2020-07-29 10:35:09 +00:00 · 2020-07-14 14:08:30 +00:00 · 2020-05-27 13:59:07 +02:00
24 changed files with 10258 additions and 8 deletions
--- a/.gitignore
+++ b/.gitignore
@ -204,3 +204,8 @@ setroubleshoot-2.2.93.tar.gz
 /setroubleshoot-3.3.17.tar.gz
 /setroubleshoot-3.3.18.tar.gz
 /setroubleshoot-3.3.19.tar.gz
+/setroubleshoot-3.3.20.tar.gz
+/setroubleshoot-3.3.21.tar.gz
+/setroubleshoot-3.3.22.tar.gz
+/setroubleshoot-3.3.23.tar.gz
+/setroubleshoot-3.3.24.tar.gz
--- a/0001-framework-Update-translations.patch
+++ b/0001-framework-Update-translations.patch
--- a/setroubleshoot.spec
+++ b/setroubleshoot.spec
@ -3,20 +3,23 @@

 Summary: Helps troubleshoot SELinux problems
 Name: setroubleshoot
-Version: 3.3.19
+Version: 3.3.24
 Release: 1%{?dist}
 License: GPLv2+
 URL: https://pagure.io/setroubleshoot
 Source0: https://releases.pagure.org/setroubleshoot/%{name}-%{version}.tar.gz
 Source1: %{name}.tmpfiles
+# git format-patch -N setroubleshoot-3.3.24 -- framework
+# i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
+Patch0001: 0001-framework-Update-translations.patch
 BuildRequires: gcc
 BuildRequires: libcap-ng-devel
 BuildRequires: intltool gettext python3 python3-devel
 BuildRequires: desktop-file-utils dbus-glib-devel gtk2-devel libnotify-devel audit-libs-devel libselinux-devel polkit-devel
 BuildRequires: python3-libselinux python3-pydbus python3-gobject gtk3-devel
-Requires: %{name}-server = %{version}-%{release} 
+Requires: %{name}-server = %{version}-%{release}
 Requires: gtk3, libnotify
-Requires: libreport-gtk >= 2.2.1-2, libreport-python3
+Requires: libreport-gtk >= 2.2.1-2, python3-libreport
 Requires: python3-gobject, python3-pydbus
 Requires(post): desktop-file-utils
 Requires(post): dbus
@ -62,11 +65,12 @@ to user preference. The same tools can be run on existing log files.
 %autosetup -p 2

 %build
+autoreconf -f
 %configure PYTHON=%{__python3} --enable-seappletlegacy=yes --with-auditpluginsdir=/etc/audit/plugins.d
 make

 %install
-make DESTDIR=%{buildroot} PREFIX=/usr install
+%make_install PREFIX=/usr
 desktop-file-install --vendor="" --dir=%{buildroot}%{_datadir}/applications %{buildroot}/%{_datadir}/applications/%{name}.desktop
 mkdir -p %{buildroot}%{pkgvardatadir}
 mkdir -p %{buildroot}%{_rundir}/setroubleshoot
@ -92,9 +96,9 @@ Requires: policycoreutils-python-utils
 BuildRequires: intltool gettext python3
 BuildRequires: python3-devel
 Requires: python3-slip-dbus systemd-python3 >= 206-1
-Requires: python3-gobject >= 3.11
+Requires: python3-gobject-base >= 3.11
 Requires: dbus
-Requires: python3-dbus
+Requires: python3-dbus python3-pydbus
 Requires: polkit
 Requires(pre): /usr/sbin/useradd /usr/sbin/groupadd

@ -162,17 +166,20 @@ chown -R setroubleshoot:setroubleshoot %{pkgvardatadir}
 %{pkgpythondir}/__pycache__/xml_serialize.cpython*
 %dir %{pkgdatadir}
 %{pkgdatadir}/SetroubleshootFixit.py
-%{pkgdatadir}/updater.py
+%{pkgdatadir}/SetroubleshootPrivileged.py
 %config(noreplace) %{pkgconfigdir}/%{name}.conf
 %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.fedoraproject.Setroubleshootd.conf
+%config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.fedoraproject.SetroubleshootPrivileged.conf
 %attr(0700,setroubleshoot,setroubleshoot) %dir %{pkgvardatadir}
 %ghost %attr(0600,setroubleshoot,setroubleshoot) %{pkgdatabase}
 %ghost %attr(0644,setroubleshoot,setroubleshoot) %{pkgvardatadir}/email_alert_recipients
+%{_mandir}/man1/seapplet.1.gz
 %{_mandir}/man8/sealert.8.gz
 %{_mandir}/man8/sedispatch.8.gz
 %{_mandir}/man8/setroubleshootd.8.gz
 %config /etc/audit/plugins.d/sedispatch.conf
 %{_datadir}/dbus-1/system-services/org.fedoraproject.Setroubleshootd.service
+%{_datadir}/dbus-1/system-services/org.fedoraproject.SetroubleshootPrivileged.service
 %{_datadir}/polkit-1/actions/org.fedoraproject.setroubleshootfixit.policy
 %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.fedoraproject.SetroubleshootFixit.conf
 %{_datadir}/dbus-1/system-services/org.fedoraproject.SetroubleshootFixit.service
@ -193,6 +200,79 @@ SELinux troubleshoot legacy applet
 %{_bindir}/seappletlegacy

 %changelog
+* Tue Oct 13 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.24-1
+ - Add 'fur' into shipped locales
+ - Update translations
+ - Log full reports with correct syslog identifier
+ - Cancel pending alarm during AVC analyses
+
+* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.23-5
+- Second attempt - Rebuilt for
+  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.23-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 3.3.23-3
+- Use make macros
+- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
+
+* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 3.3.23-2
+- Rebuilt for Python 3.9
+
+* Tue Apr 21 2020 Vit Mojzis <vmojzis@redhat.com> - 3.3.23-1
+- browser: Check return value of Gdk.Screen().get_default()
+- Improve and unify error messages
+- setroubleshoot.util: Catch exceptions from sepolicy import
+- Add dpkg support
+- Do not refer to hardcoded selinux-policy rpm in signature
+- Make date/time format locale specific
+- Improve speed of plugin evaluation
+
+* Wed Mar  4 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-6
+- Do not try to report a bug on None package (#1809801)
+
+* Fri Feb 28 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-5
+- root user doesn't need to use SetroubleshootPrivileged API
+
+* Thu Feb 27 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-4
+- sealert to report a bug on a package which owns the related SELinux domain
+  https://pagure.io/setroubleshoot/issue/18
+
+* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.22-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Sat Jan 11 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-2
+- Log plugin exception traceback when log level is DEBUG
+- sepolicy.info() returns a generator, not a list (#1784564)
+
+* Thu Jan  2 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.22-1
+- sepolicy.info() returns a generator, not a list (#1784564)
+
+* Wed Dec 11 2019 Vit Mojzis <vmojzis@redhat.com> - 3.3.21-1
+- Fix AVC.__typeMatch to handle aliases properly
+- Handle sockets with abstract path properly (#1775135)
+
+* Thu Oct 03 2019 Miro Hrončok <mhroncok@redhat.com> - 3.3.20-4
+- Rebuilt for Python 3.8.0rc1 (#1748018)
+
+* Tue Aug 27 2019 Petr Lautrbach <plautrba@redhat.com> - 3.3.20-3
+- Use dbus.mainloop.glib.DBusGMainLoop() instead of dbus.glib
+
+* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 3.3.20-2
+- Rebuilt for Python 3.8
+
+* Wed Jul 17 2019 Vit Mojzis <vmojzis@redhat.com> - 3.3.20-1
+- Update "missing" scripts to automake-1.15
+- Add active polling for acquiring policy file
+- Fix translation of hex values in AVCs
+- require initscripts to ensure that "service" call works properly
+- Add man page for seapplet
+- setroubleshoot-server: only require gobject-base
+
+* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.19-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
 * Sat Dec  8 2018 Petr Lautrbach <plautrba@redhat.com> - 3.3.19-1
 - Require plugins >= 3.3.10

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (setroubleshoot-3.3.19.tar.gz) = e012f9c0011fd682394232c9297e01710a389cc4bbae11193f75780c96a99451d7d8a77080a7d4686525ca8b8bbc6332991b7b06a282345d2baba64bab9beb24
+SHA512 (setroubleshoot-3.3.24.tar.gz) = ba96206fe135a719b685c825a69ebf7f9f6d99c6a24fb135763da9cee5ad14b1afdca5da1465374d327eb51ff830727a20b79ec51902e50f2e790661c63c0a0d
--- a/tests/Regression/Report-bugs-on-corresponding-components/Makefile
+++ b/tests/Regression/Report-bugs-on-corresponding-components/Makefile
@ -0,0 +1,68 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Makefile of /CoreOS/setroubleshoot/Regression/Report-bugs-on-corresponding-components
+#   Description: Can sealert identify source RPM of AVC domain type?
+#   Author: Vit Mojzis <vmojzis@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2020 Red Hat, Inc.
+#
+#   This program is free software: you can redistribute it and/or
+#   modify it under the terms of the GNU General Public License as
+#   published by the Free Software Foundation, either version 2 of
+#   the License, or (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE.  See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program. If not, see http://www.gnu.org/licenses/.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+export TEST=/CoreOS/setroubleshoot/Regression/Report-bugs-on-corresponding-components
+export TESTVERSION=1.0
+
+# Policy packages to be used in testing
+# The followng export does not work properly in Fedora CI - relying on fallback in runtest.sh
+# export TEST_PACKAGES ?= flatpak-selinux tpm2-abrmd-selinux container-selinux usbguard-selinux mysql-selinux
+
+BUILT_FILES=
+
+FILES=$(METADATA) runtest.sh Makefile avc_flatpak-selinux avc_tpm2-abrmd-selinux avc_container-selinux avc_usbguard-selinux avc_mysql-selinux avc_fapolicyd-selinux
+
+.PHONY: all install download clean
+
+run: $(FILES) build
+	./runtest.sh
+
+build: $(BUILT_FILES)
+	test -x runtest.sh || chmod a+x runtest.sh
+
+clean:
+	rm -f *~ $(BUILT_FILES)
+
+include /usr/share/rhts/lib/rhts-make.include
+
+$(METADATA): Makefile
+	@echo "Owner:           Vit Mojzis <vmojzis@redhat.com>" > $(METADATA)
+	@echo "Name:            $(TEST)" >> $(METADATA)
+	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
+	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
+	@echo "Description:     Test for BZ#1811644 (Let setroubleshoot to report bugs on components)" >> $(METADATA)
+	@echo "Type:            Regression" >> $(METADATA)
+	@echo "TestTime:        5m" >> $(METADATA)
+	@echo "RunFor:          setroubleshoot" >> $(METADATA)
+	@echo "Requires:        setroubleshoot-server flatpak-selinux tpm2-abrmd-selinux container-selinux usbguard-selinux mysql-selinux fapolicyd-selinux" >> $(METADATA)
+	@echo "Requires:        $(TEST_PACKAGES)" >> $(METADATA)
+	@echo "Priority:        Normal" >> $(METADATA)
+	@echo "License:         GPLv2+" >> $(METADATA)
+	@echo "Confidential:    no" >> $(METADATA)
+	@echo "Destructive:     no" >> $(METADATA)
+	@echo "Bug:             1811644" >> $(METADATA)
+	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7 -RHEL7" >> $(METADATA)
+
+	rhts-lint $(METADATA)
--- a/tests/Regression/Report-bugs-on-corresponding-components/avc_container-selinux
+++ b/tests/Regression/Report-bugs-on-corresponding-components/avc_container-selinux
@ -0,0 +1,2 @@
+type=AVC msg=audit(1575985388.869:225): avc:  denied  { read } for  pid=1365 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=32249 scontext=system_u:system_r:container_logreader_t:s0 tcontext=system_u:object_r:shadow_t:s0:c446,c857 tclass=dir permissive=0
+
--- a/tests/Regression/Report-bugs-on-corresponding-components/avc_fapolicyd-selinux
+++ b/tests/Regression/Report-bugs-on-corresponding-components/avc_fapolicyd-selinux
@ -0,0 +1,2 @@
+type=AVC msg=audit(1596470053.831:306): avc:  denied  { unlink } for  pid=6304 comm="fapolicyd" name="fapolicyd.pid" dev="tmpfs" ino=37446 scontext=system_u:system_r:fapolicyd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0
+
--- a/tests/Regression/Report-bugs-on-corresponding-components/avc_flatpak-selinux
+++ b/tests/Regression/Report-bugs-on-corresponding-components/avc_flatpak-selinux
@ -0,0 +1,2 @@
+type=AVC msg=audit(1575985388.869:225): avc:  denied  { connect } for  pid=1365 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=32249 scontext=system_u:system_r:flatpak_helper_t:s0 tcontext=system_u:object_r:shadow_t:s0:c446,c857 tclass=socket permissive=0
+
--- a/tests/Regression/Report-bugs-on-corresponding-components/avc_mysql-selinux
+++ b/tests/Regression/Report-bugs-on-corresponding-components/avc_mysql-selinux
@ -0,0 +1,2 @@
+type=AVC msg=audit(1582621541.469:6896): avc:  denied  { write } for pid=1627505 comm="python3" name="plautrba" dev="dm-4" ino=19529729 scontext=system_u:system_r:mysqld_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1
+
--- a/tests/Regression/Report-bugs-on-corresponding-components/avc_tpm2-abrmd-selinux
+++ b/tests/Regression/Report-bugs-on-corresponding-components/avc_tpm2-abrmd-selinux
@ -0,0 +1,2 @@
+type=AVC msg=audit(1575985388.869:225): avc:  denied  { connect } for  pid=1365 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=32249 scontext=system_u:system_r:tabrmd_t:s0 tcontext=system_u:object_r:shadow_t:s0:c446,c857 tclass=socket permissive=0
+
--- a/tests/Regression/Report-bugs-on-corresponding-components/avc_usbguard-selinux
+++ b/tests/Regression/Report-bugs-on-corresponding-components/avc_usbguard-selinux
@ -0,0 +1,2 @@
+type=AVC msg=audit(1582801464.5:491): avc:  denied  { map } for  pid=5100 comm="bash" path="/usr/bin/bash" dev="vda1" ino=1707663 scontext=system_u:system_r:usbguard_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
+
--- a/tests/Regression/Report-bugs-on-corresponding-components/runtest.sh
+++ b/tests/Regression/Report-bugs-on-corresponding-components/runtest.sh
@ -0,0 +1,79 @@
+#!/bin/bash
+# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/setroubleshoot/Regression/Report-bugs-on-corresponding-components
+#   Description: Can sealert identify source RPM of AVC domain type?
+#   Author: Vit Mojzis <vmojzis@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2020 Red Hat, Inc.
+#
+#   This program is free software: you can redistribute it and/or
+#   modify it under the terms of the GNU General Public License as
+#   published by the Free Software Foundation, either version 2 of
+#   the License, or (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE.  See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program. If not, see http://www.gnu.org/licenses/.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include Beaker environment
+. /usr/bin/rhts-environment.sh || exit 1
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="setroubleshoot"
+
+if [ -z "${TEST_PACKAGES+set}" ];
+then PACKAGES=(flatpak-selinux tpm2-abrmd-selinux container-selinux usbguard-selinux mysql-selinux fapolicyd-selinux)
+else PACKAGES=(${TEST_PACKAGES[@]})
+fi
+
+#corresponding module names
+#MODULES=(flatpak tabrmd     container usbguard mysql)
+
+# <rpm package> - <selinux module> - <domain type>
+# flatpak-selinux - flatpak - flatpak_helper_t
+# tpm2-abrmd-selinux - tabrmd - tabrmd_t
+# container-selinux - container - docker_t
+# usbguard-selinux - usbguard - usbguard_t      -- fedora only
+# mysql-selinux - mysql - mysql_t              -- fedora only
+
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm $PACKAGE
+        OUTPUT_FILE=`mktemp`
+        # Package installation is handled by Makefile for now
+        # install availlable policy packages
+        # for RPM in ${PACKAGES[@]};
+        # do
+        #     sudo dnf install -y ${RPM} || continue
+        # done
+    rlPhaseEnd
+
+    rlPhaseStartTest
+        for RPM in ${PACKAGES[@]};
+        do
+            # run only for policies that are installed
+            rpm -q ${RPM} >& /dev/null
+            if [ $? -ne 0 ]; then echo "${RPM} not installed! Skipping.";  continue; fi
+            rlRun "sealert -a ./avc_${RPM} 2>&1 | tee ${OUTPUT_FILE} | grep \"Local Policy RPM\""
+            if [ $? -ne 0 ]; then cat ${OUTPUT_FILE}; fi
+            # test if correct rpm was identified
+            rlRun "grep -i \"Local Policy RPM\" ${OUTPUT_FILE} | grep \"$RPM\S*$\" -o"
+        done
+    rlPhaseEnd
+
+    rlPhaseStartCleanup
+        rm -f ${OUTPUT_FILE}
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd
--- a/tests/Regression/embedded-null-byte-in-audit-records/audit.log
+++ b/tests/Regression/embedded-null-byte-in-audit-records/audit.log
@ -0,0 +1,657 @@
+type=USER_END msg=audit(1574410625.429:1286): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410625.430:1287): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410625.686:1288): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410625.687:1289): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410625.688:1290): pid=10314 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10314 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410625.688:1291): pid=10314 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10314 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410625.688:1292): pid=10314 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10314 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410625.689:1293): pid=10314 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410626.111:1294): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410626.112:1295): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410626.349:1296): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410626.351:1297): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410626.352:1298): pid=10327 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10327 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410626.352:1299): pid=10327 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10327 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410626.352:1300): pid=10327 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10327 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410626.353:1301): pid=10327 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410626.763:1302): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410626.764:1303): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410627.020:1304): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410627.021:1305): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410627.023:1306): pid=10334 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10334 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410627.023:1307): pid=10334 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10334 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410627.023:1308): pid=10334 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10334 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410627.024:1309): pid=10334 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=FS_RELABEL msg=audit(1574410638.448:1310): pid=10341 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=mass relabel exe="/usr/sbin/setfiles" hostname=? addr=? terminal=? res=success'
+type=USER_END msg=audit(1574410638.793:1311): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410638.794:1312): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410639.119:1313): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410639.120:1314): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410639.121:1315): pid=10343 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10343 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410639.121:1316): pid=10343 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10343 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410639.121:1317): pid=10343 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10343 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410639.123:1318): pid=10343 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410639.854:1319): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410639.855:1320): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410640.278:1321): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410640.279:1322): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410640.280:1323): pid=10350 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10350 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410640.280:1324): pid=10350 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10350 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410640.280:1325): pid=10350 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10350 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410640.281:1326): pid=10350 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410640.699:1327): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410640.700:1328): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410640.964:1329): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410640.965:1330): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410640.967:1331): pid=10357 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10357 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410640.967:1332): pid=10357 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10357 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410640.967:1333): pid=10357 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10357 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410640.968:1334): pid=10357 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410641.402:1335): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410641.403:1336): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410641.668:1337): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410641.670:1338): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410641.671:1339): pid=10364 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10364 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410641.671:1340): pid=10364 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10364 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410641.671:1341): pid=10364 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10364 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410641.672:1342): pid=10364 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410642.088:1343): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410642.089:1344): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410642.378:1345): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410642.379:1346): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410642.380:1347): pid=10371 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10371 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410642.380:1348): pid=10371 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10371 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410642.380:1349): pid=10371 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10371 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410642.381:1350): pid=10371 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_END msg=audit(1574410642.798:1351): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410642.799:1352): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574410643.576:1353): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_START msg=audit(1574410643.577:1354): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410643.578:1355): pid=10378 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10378 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410643.578:1356): pid=10378 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10378 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410643.578:1357): pid=10378 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10378 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574410643.580:1358): pid=10378 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=SERVICE_START msg=audit(1574410644.001:1359): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-shutdownd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=USER_END msg=audit(1574410644.178:1360): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574410644.178:1361): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
+type=SERVICE_START msg=audit(1574410704.009:1362): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-dmesg comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.009:1363): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-dmesg comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410704.044:1364): pid=796 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=796 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410704.044:1365): pid=796 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=796 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574410704.044:1366): pid=796 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=796 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.081:1367): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=crond comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.081:1368): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=crond comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.082:1369): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.082:1370): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.083:1371): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=chronyd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.083:1372): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=chronyd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.085:1373): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=serial-getty@ttyS0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.085:1374): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=serial-getty@ttyS0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.088:1375): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.088:1376): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.089:1377): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rsyslog comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.089:1378): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rsyslog comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.090:1379): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.090:1380): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.097:1381): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhsmcertd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.097:1382): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhsmcertd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.110:1383): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd-keygen comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.110:1384): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd-keygen comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.116:1385): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.116:1386): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.128:1387): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-user-sessions comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.128:1388): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-user-sessions comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.187:1389): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-poweroff comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.213:1390): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=postfix comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.213:1391): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=postfix comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.356:1392): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhnsd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.356:1393): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhnsd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.360:1394): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tuned comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.360:1395): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tuned comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.702:1396): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.702:1397): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.703:1398): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.703:1399): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.714:1400): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.714:1401): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.718:1402): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dbus comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.719:1403): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dbus comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.724:1404): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-domainname comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.724:1405): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-domainname comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.725:1406): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=selinux-policy-migrate-local-changes@targeted comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.725:1407): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=selinux-policy-migrate-local-changes@targeted comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.726:1408): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-vconsole-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.726:1409): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-vconsole-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.727:1410): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-done comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.727:1411): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-done comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.727:1412): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-journal-catalog-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.727:1413): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-journal-catalog-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.729:1414): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hwdb-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.729:1415): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hwdb-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.732:1416): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-sysctl comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.732:1417): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-sysctl comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SYSTEM_SHUTDOWN msg=audit(1574410704.735:1418): pid=10553 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.739:1419): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-random-seed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.739:1420): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-random-seed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574410704.740:1421): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574410704.740:1422): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=DAEMON_END msg=audit(1574410704.743:1004): op=terminate auid=0 pid=1 subj=system_u:system_r:init_t:s0 res=success
+type=DAEMON_START msg=audit(1574672213.672:5618): op=start ver=2.8.5 format=raw kernel=3.10.0-1111.el7.x86_64 auid=4294967295 pid=440 uid=0 ses=4294967295 subj=system_u:system_r:auditd_t:s0 res=success
+type=CONFIG_CHANGE msg=audit(1574672213.892:5): audit_backlog_limit=8192 old=64 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 res=1
+type=CONFIG_CHANGE msg=audit(1574672213.892:6): audit_failure=1 old=1 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 res=1
+type=SERVICE_START msg=audit(1574672213.898:7): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=auditd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SYSTEM_BOOT msg=audit(1574672213.918:8): pid=503 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672213.923:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672213.943:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=irqbalance comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.034:11): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dbus comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.045:12): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rngd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.072:13): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpcbind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672214.076:14): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=irqbalance comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.089:15): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=gssproxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.102:16): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-dmesg comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.162:17): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.195:18): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=chronyd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672214.206:19): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672215.255:20): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-init-local comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672215.327:21): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672215.436:22): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672215.465:23): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672215.742:24): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672216.407:25): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672216.448:26): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhsmcertd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672216.471:27): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=restraintd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672217.742:28): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tuned comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672217.985:29): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=postfix comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.213:30): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-init comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.263:31): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-user-sessions comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.274:32): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=crond comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.355:33): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-start comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672218.355:34): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-start comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.368:35): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpc-statd-notify comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672218.368:36): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpc-statd-notify comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.369:37): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-quit-wait comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672218.369:38): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-quit-wait comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.370:39): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-quit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672218.370:40): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-quit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.372:41): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.373:42): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=serial-getty@ttyS0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.412:43): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.445:44): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rsyslog comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.654:45): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhnsd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SYSTEM_RUNLEVEL msg=audit(1574672218.706:46): pid=1158 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='old-level=N new-level=3 comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672218.709:47): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp-runlevel comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672218.709:48): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp-runlevel comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672219.065:49): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-config comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672219.376:50): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-final comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672219.496:51): pid=1310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=1310 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672219.496:52): pid=1310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=1310 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672219.496:53): pid=1310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=1310 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672219.603:54): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=1310 suid=74 rport=57270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672219.603:55): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=1310 suid=74 rport=57270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_AUTH msg=audit(1574672220.227:56): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth rport=57270 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_AUTH msg=audit(1574672220.227:57): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=key algo=ssh-rsa size=2048 fp=SHA256:f6:3d:5b:97:0b:77:c1:ca:d1:88:66:19:43:b6:46:bb:d6:b1:9b:77:03:92:51:fa:ff:3e:1c:f8:47:bc:0b:31 rport=57270 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_ACCT msg=audit(1574672220.242:58): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.246:59): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=1310 suid=74 rport=57270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_AUTH msg=audit(1574672220.248:60): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574672220.252:61): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=LOGIN msg=audit(1574672220.253:62): pid=1305 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=1 res=1
+type=USER_ROLE_CHANGE msg=audit(1574672220.426:63): pid=1305 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672220.470:64): pid=1305 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672220.739:65): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672220.741:66): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.743:67): pid=1895 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=1895 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.744:68): pid=1895 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=1895 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.744:69): pid=1895 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=1895 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672220.746:70): pid=1895 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672220.910:71): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRED_DISP msg=audit(1574672220.911:72): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672220.913:73): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672220.915:74): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.915:75): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=1305 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.915:76): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=1305 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.915:77): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=1305 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672220.915:78): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=1305 suid=0 rport=57270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.181:79): pid=2142 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2142 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.181:80): pid=2142 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2142 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.181:81): pid=2142 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2142 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672221.282:82): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2142 suid=74 rport=57302 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672221.282:83): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2142 suid=74 rport=57302 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.557:84): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2142 suid=74  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.557:85): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2142 suid=74 rport=57302 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.560:86): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2097 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.560:87): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2097 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.560:88): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2097 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574672221.560:89): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574672221.579:90): pid=2156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2156 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.579:91): pid=2156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2156 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.579:92): pid=2156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2156 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672221.675:93): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2156 suid=74 rport=57300 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672221.675:94): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2156 suid=74 rport=57300 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.943:95): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2156 suid=74  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.943:96): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2156 suid=74 rport=57300 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.944:97): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2098 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.944:98): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2098 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.944:99): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2098 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574672221.945:100): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574672221.960:101): pid=2165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2165 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.960:102): pid=2165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2165 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672221.960:103): pid=2165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2165 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672222.056:104): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2165 suid=74 rport=57304 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672222.056:105): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2165 suid=74 rport=57304 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.337:106): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2165 suid=74  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.337:107): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2165 suid=74 rport=57304 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.339:108): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2099 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.339:109): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2099 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.339:110): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2099 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574672222.339:111): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574672222.480:112): pid=2266 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2266 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.480:113): pid=2266 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2266 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672222.480:114): pid=2266 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2266 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672222.594:115): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2266 suid=74 rport=57312 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574672222.594:116): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2266 suid=74 rport=57312 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_AUTH msg=audit(1574672223.224:117): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth rport=57312 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_AUTH msg=audit(1574672223.224:118): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=key algo=ssh-rsa size=2048 fp=SHA256:f6:3d:5b:97:0b:77:c1:ca:d1:88:66:19:43:b6:46:bb:d6:b1:9b:77:03:92:51:fa:ff:3e:1c:f8:47:bc:0b:31 rport=57312 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_ACCT msg=audit(1574672223.234:119): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672223.235:120): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2266 suid=74 rport=57312 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=USER_AUTH msg=audit(1574672223.237:121): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574672223.240:122): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=LOGIN msg=audit(1574672223.240:123): pid=2262 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=2 res=1
+type=USER_ROLE_CHANGE msg=audit(1574672223.405:124): pid=2262 uid=0 auid=0 ses=2 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672223.453:125): pid=2262 uid=0 auid=0 ses=2 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672223.683:126): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672223.685:127): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672223.704:128): pid=2558 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2558 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672223.704:129): pid=2558 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2558 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672223.704:130): pid=2558 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2558 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672223.711:131): pid=2558 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672223.892:132): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672223.893:133): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672224.017:134): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672224.018:135): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672224.023:136): pid=2586 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2586 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672224.023:137): pid=2586 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2586 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672224.023:138): pid=2586 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2586 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672224.024:139): pid=2586 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672224.589:140): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672224.589:141): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672224.713:142): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672224.714:143): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672224.715:144): pid=2785 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2785 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672224.715:145): pid=2785 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2785 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672224.715:146): pid=2785 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2785 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672224.721:147): pid=2785 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672224.881:148): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672224.882:149): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672225.004:150): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672225.006:151): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.013:152): pid=2897 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2897 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.013:153): pid=2897 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2897 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.013:154): pid=2897 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2897 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672225.015:155): pid=2897 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672225.346:156): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672225.347:157): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672225.473:158): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672225.475:159): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.479:160): pid=3006 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=3006 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.479:161): pid=3006 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=3006 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.479:162): pid=3006 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=3006 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672225.480:163): pid=3006 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672225.628:164): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672225.629:165): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574672225.755:166): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_START msg=audit(1574672225.756:167): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.768:168): pid=3070 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=3070 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.768:169): pid=3070 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=3070 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672225.768:170): pid=3070 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=3070 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574672225.770:171): pid=3070 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672226.329:172): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574672226.331:173): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=USER_END msg=audit(1574672226.353:174): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRED_DISP msg=audit(1574672226.357:175): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672226.357:176): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2262 suid=0 rport=57312 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672226.357:177): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2262 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672226.357:178): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2262 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574672226.357:179): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2262 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672236.042:180): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574672240.878:181): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=kdump comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574672255.229:182): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=USER_ACCT msg=audit(1574672462.013:183): pid=8783 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_localuser acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=CRED_ACQ msg=audit(1574672462.013:184): pid=8783 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=LOGIN msg=audit(1574672462.014:185): pid=8783 uid=0 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=3 res=1
+type=USER_START msg=audit(1574672462.041:186): pid=8783 uid=0 auid=0 ses=3 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=CRED_REFR msg=audit(1574672462.042:187): pid=8783 uid=0 auid=0 ses=3 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=CRED_DISP msg=audit(1574672462.080:188): pid=8783 uid=0 auid=0 ses=3 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=USER_END msg=audit(1574672462.082:189): pid=8783 uid=0 auid=0 ses=3 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=SERVICE_START msg=audit(1574673147.110:190): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-tmpfiles-clean comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_STOP msg=audit(1574673147.110:191): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-tmpfiles-clean comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.305:192): pid=21112 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21112 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.305:193): pid=21112 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21112 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.305:194): pid=21112 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21112 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674924.416:195): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21112 suid=74 rport=43828 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674924.417:196): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21112 suid=74 rport=43828 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.931:197): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21112 suid=74  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.931:198): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21112 suid=74 rport=43828 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.934:199): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21111 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.935:200): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21111 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.935:201): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21111 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574674924.935:202): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574674924.941:203): pid=21113 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21113 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.941:204): pid=21113 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21113 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674924.941:205): pid=21113 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21113 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674925.044:206): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21113 suid=74 rport=43832 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674925.044:207): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21113 suid=74 rport=43832 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.452:208): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21113 suid=74  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.452:209): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21113 suid=74 rport=43832 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.453:210): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21110 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.453:211): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21110 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.453:212): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21110 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574674925.454:213): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574674925.456:214): pid=21114 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21114 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.456:215): pid=21114 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21114 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.456:216): pid=21114 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21114 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674925.660:217): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21114 suid=74 rport=43830 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674925.660:218): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21114 suid=74 rport=43830 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.987:219): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21114 suid=74  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.987:220): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21114 suid=74 rport=43830 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.988:221): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21109 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.988:222): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21109 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674925.988:223): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21109 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574674925.988:224): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574674926.175:225): pid=21116 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21116 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674926.175:226): pid=21116 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21116 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674926.175:227): pid=21116 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21116 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674926.291:228): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21116 suid=74 rport=43838 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574674926.291:229): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21116 suid=74 rport=43838 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574674926.933:230): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth rport=43838 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574674926.933:231): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=key algo=ssh-rsa size=2048 fp=SHA256:f6:3d:5b:97:0b:77:c1:ca:d1:88:66:19:43:b6:46:bb:d6:b1:9b:77:03:92:51:fa:ff:3e:1c:f8:47:bc:0b:31 rport=43838 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_ACCT msg=audit(1574674926.940:232): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674926.941:233): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21116 suid=74 rport=43838 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574674926.942:234): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574674926.943:235): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=LOGIN msg=audit(1574674926.943:236): pid=21115 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=4 res=1
+type=USER_ROLE_CHANGE msg=audit(1574674927.057:237): pid=21115 uid=0 auid=0 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674927.082:238): pid=21115 uid=0 auid=0 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674927.439:239): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674927.440:240): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674927.443:241): pid=21118 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21118 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674927.443:242): pid=21118 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21118 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674927.443:243): pid=21118 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21118 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674927.445:244): pid=21118 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674927.645:245): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674927.646:246): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674927.775:247): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674927.776:248): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674927.777:249): pid=21123 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21123 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674927.777:250): pid=21123 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21123 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674927.777:251): pid=21123 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21123 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674927.778:252): pid=21123 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674928.585:253): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674928.586:254): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674928.794:255): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674928.795:256): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674928.796:257): pid=21129 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21129 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674928.796:258): pid=21129 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21129 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674928.796:259): pid=21129 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21129 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674928.797:260): pid=21129 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674928.920:261): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674928.921:262): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674929.108:263): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674929.109:264): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.110:265): pid=21134 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21134 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.110:266): pid=21134 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21134 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.110:267): pid=21134 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21134 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674929.111:268): pid=21134 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=SERVICE_START msg=audit(1574674929.221:269): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=USER_END msg=audit(1574674929.343:270): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674929.344:271): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674929.463:272): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674929.464:273): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.465:274): pid=21144 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21144 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.465:275): pid=21144 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21144 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.465:276): pid=21144 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21144 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674929.467:277): pid=21144 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674929.590:278): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674929.591:279): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674929.711:280): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674929.712:281): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.713:282): pid=21149 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21149 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.713:283): pid=21149 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21149 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674929.713:284): pid=21149 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21149 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674929.714:285): pid=21149 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674932.341:286): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674932.342:287): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674932.471:288): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674932.472:289): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674932.473:290): pid=21192 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21192 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674932.473:291): pid=21192 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21192 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674932.473:292): pid=21192 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21192 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674932.474:293): pid=21192 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674932.659:294): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674932.660:295): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674932.867:296): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674932.868:297): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674932.869:298): pid=21197 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21197 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674932.869:299): pid=21197 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21197 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674932.869:300): pid=21197 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21197 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674932.870:301): pid=21197 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674933.076:302): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674933.077:303): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674933.285:304): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674933.286:305): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674933.287:306): pid=21206 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21206 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674933.287:307): pid=21206 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21206 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674933.287:308): pid=21206 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21206 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674933.288:309): pid=21206 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674933.494:310): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674933.495:311): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574674933.703:312): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674933.704:313): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674933.705:314): pid=21211 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21211 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674933.705:315): pid=21211 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21211 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674933.705:316): pid=21211 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21211 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674933.707:317): pid=21211 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674933.912:318): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674933.913:319): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=SERVICE_STOP msg=audit(1574674959.253:320): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=USER_LOGIN msg=audit(1574674986.024:321): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574674986.025:322): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674986.026:323): pid=21220 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21220 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674986.026:324): pid=21220 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21220 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674986.026:325): pid=21220 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21220 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574674986.028:326): pid=21220 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574674986.165:327): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574674986.166:328): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674986.328:329): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21225 suid=0  exe="/usr/sbin/sshd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674986.328:330): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21225 suid=0  exe="/usr/sbin/sshd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574674986.328:331): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21225 suid=0  exe="/usr/sbin/sshd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=USER_LOGIN msg=audit(1574674986.330:332): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/0 res=success'
+type=USER_START msg=audit(1574674986.330:333): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/0 res=success'
+type=CRED_REFR msg=audit(1574674986.331:334): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=SOFTWARE_UPDATE msg=audit(1574675011.281:335): pid=21251 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="libconfig-1.4.9-5.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=SOFTWARE_UPDATE msg=audit(1574675012.831:336): pid=21251 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="lldpad-1.0.1-5.git036e314.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=SOFTWARE_UPDATE msg=audit(1574675030.837:337): pid=21304 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="systemd-python-219-73.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=SOFTWARE_UPDATE msg=audit(1574675031.450:338): pid=21304 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="setroubleshoot-plugins-3.0.67-4.el7.noarch" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=ADD_GROUP msg=audit(1574675031.488:339): pid=21321 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:groupadd_t:s0-s0:c0.c1023 msg='op=add-group id=994 exe="/usr/sbin/groupadd" hostname=? addr=? terminal=? res=success'
+type=GRP_MGMT msg=audit(1574675031.498:340): pid=21321 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:groupadd_t:s0-s0:c0.c1023 msg='op=add-shadow-group id=994 exe="/usr/sbin/groupadd" hostname=? addr=? terminal=? res=success'
+type=ADD_USER msg=audit(1574675031.528:341): pid=21326 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:useradd_t:s0-s0:c0.c1023 msg='op=add-user id=997 exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'
+type=USER_MGMT msg=audit(1574675031.554:342): pid=21331 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:useradd_t:s0-s0:c0.c1023 msg='op=pam_tally2 reset=0 id=997 exe="/usr/sbin/pam_tally2" hostname=? addr=? terminal=? res=success'
+type=DAEMON_CONFIG msg=audit(1574675032.060:1548) op=reconfigure state=changed auid=0 pid=21340 subj=unconfined_u:unconfined_r:rpm_script_t:s0-s0:c0.c1023 res=success
+type=SOFTWARE_UPDATE msg=audit(1574675032.075:343): pid=21304 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="setroubleshoot-server-3.2.30-8.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=ADD_GROUP msg=audit(1574675044.229:344): pid=21352 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=add-group acct="sysadm-user" exe="/usr/sbin/useradd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=ADD_USER msg=audit(1574675044.235:345): pid=21352 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=add-user id=1000 exe="/usr/sbin/useradd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=USER_MGMT msg=audit(1574675044.278:346): pid=21357 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=pam_tally2 reset=0 id=1000 exe="/usr/sbin/pam_tally2" hostname=? addr=? terminal=/dev/pts/0 res=success'
+type=ROLE_ASSIGN msg=audit(1574675045.373:347): pid=21352 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login-sename,role,range acct="sysadm-user" old-seuser=? old-role=? old-range=? new-seuser=sysadm_u new-role=sysadm_r new-range=s0-s0:c0.c1023 exe="/usr/sbin/useradd" hostname=? addr=? terminal=pts/0 res=success'
+type=USER_AVC msg=audit(1574675047.413:348): pid=510 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  received policyload notice (seqno=2)  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
+type=MAC_POLICY_LOAD msg=audit(1574675045.619:349): policy loaded auid=0 ses=4
+type=SYSCALL msg=audit(1574675045.619:349): arch=c000003e syscall=1 success=yes exit=3882864 a0=4 a1=7f7518eaf000 a2=3b3f70 a3=7ffe563fd8e0 items=0 ppid=21352 pid=21361 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4 comm="load_policy" exe="/usr/sbin/load_policy" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574675045.619:349): proctitle="/sbin/load_policy"
+type=USER_MGMT msg=audit(1574675047.475:350): pid=21352 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=add-home-dir id=1000 exe="/usr/sbin/useradd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=USER_CHAUTHTOK msg=audit(1574675063.946:351): pid=21362 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:passwd_t:s0-s0:c0.c1023 msg='op=PAM:chauthtok grantors=pam_pwquality,pam_unix acct="sysadm-user" exe="/usr/bin/passwd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675095.611:352): pid=21370 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21370 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675095.611:353): pid=21370 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21370 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675095.611:354): pid=21370 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21370 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574675095.732:355): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21370 suid=74 rport=43938 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574675095.732:356): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21370 suid=74 rport=43938 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574675096.637:357): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574675100.275:358): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_ACCT msg=audit(1574675100.279:359): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.285:360): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21370 suid=74 rport=43938 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574675100.287:361): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574675100.288:362): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=LOGIN msg=audit(1574675100.288:363): pid=21369 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=5 res=1
+type=USER_START msg=audit(1574675100.350:364): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=? acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=failed'
+type=CRYPTO_KEY_USER msg=audit(1574675100.352:365): pid=21373 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21373 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.352:366): pid=21373 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21373 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.352:367): pid=21373 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21373 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_ACQ msg=audit(1574675100.354:368): pid=21373 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574675100.700:369): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
+type=USER_START msg=audit(1574675100.701:370): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.705:371): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21374 suid=1000  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=USER_END msg=audit(1574675100.705:372): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
+type=USER_LOGOUT msg=audit(1574675100.705:373): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.931:374): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21373 suid=1000  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.931:375): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21373 suid=1000 rport=43938 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRED_DISP msg=audit(1574675100.933:376): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.933:377): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21369 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.933:378): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21369 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675100.933:379): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21369 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=MAC_CONFIG_CHANGE msg=audit(1574675113.286:380): bool=ssh_sysadm_login val=1 old_val=0 auid=0 ses=4
+type=SYSCALL msg=audit(1574675113.286:380): arch=c000003e syscall=1 success=yes exit=2 a0=3 a1=7ffd8dfb32e0 a2=2 a3=7ffd8dfb26e0 items=0 ppid=21236 pid=21376 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4 comm="setsebool" exe="/usr/sbin/setsebool" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574675113.286:380): proctitle=7365747365626F6F6C007373685F73797361646D5F6C6F67696E006F6E
+type=USER_AVC msg=audit(1574675113.294:381): pid=510 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  received policyload notice (seqno=3)  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
+type=CRYPTO_KEY_USER msg=audit(1574675115.046:382): pid=21378 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21378 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675115.046:383): pid=21378 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21378 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675115.046:384): pid=21378 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21378 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574675115.255:385): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21378 suid=74 rport=43948 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574675115.256:386): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21378 suid=74 rport=43948 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574675116.381:387): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574675119.281:388): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_ACCT msg=audit(1574675119.285:389): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675119.289:390): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21378 suid=74 rport=43948 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574675119.291:391): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574675119.292:392): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=LOGIN msg=audit(1574675119.292:393): pid=21377 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=6 res=1
+type=USER_ROLE_CHANGE msg=audit(1574675119.318:394): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 selected-context=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574675119.348:395): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675119.349:396): pid=21381 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21381 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675119.349:397): pid=21381 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21381 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675119.350:398): pid=21381 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21381 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_ACQ msg=audit(1574675119.351:399): pid=21381 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574675119.842:400): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
+type=USER_START msg=audit(1574675119.843:401): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675119.856:402): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21382 suid=1000  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=SERVICE_START msg=audit(1574675129.532:403): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=lldpad comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
+type=AVC msg=audit(1574675142.213:404): avc:  denied  { sendto } for  pid=21445 comm="lldptool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
+type=SYSCALL msg=audit(1574675142.213:404): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=556166aa2082 a2=14 a3=f items=0 ppid=21382 pid=21445 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=6 comm="lldptool" exe="/usr/sbin/lldptool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574675142.213:404): proctitle=6C6C6470746F6F6C002D2D68656C70
+type=AVC msg=audit(1574675155.993:405): avc:  denied  { sendto } for  pid=21453 comm="vdptool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
+type=SYSCALL msg=audit(1574675155.993:405): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=55ed05d7f082 a2=14 a3=f items=0 ppid=21382 pid=21453 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=6 comm="vdptool" exe="/usr/sbin/vdptool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574675155.993:405): proctitle="vdptool"
+type=AVC msg=audit(1574675156.994:406): avc:  denied  { sendto } for  pid=21453 comm="vdptool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
+type=SYSCALL msg=audit(1574675156.994:406): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=55ed05d7f082 a2=14 a3=f items=0 ppid=21382 pid=21453 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=6 comm="vdptool" exe="/usr/sbin/vdptool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574675156.994:406): proctitle="vdptool"
+type=USER_END msg=audit(1574675346.431:407): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
+type=USER_LOGOUT msg=audit(1574675346.431:408): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675346.577:409): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21381 suid=1000  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675346.578:410): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21381 suid=1000 rport=43948 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_END msg=audit(1574675346.588:411): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_DISP msg=audit(1574675346.589:412): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675346.590:413): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21377 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675346.590:414): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21377 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574675346.590:415): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21377 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676014.438:416): pid=21483 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21483 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676014.438:417): pid=21483 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21483 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676014.438:418): pid=21483 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21483 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574676014.561:419): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21483 suid=74 rport=44920 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574676014.561:420): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21483 suid=74 rport=44920 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574676015.558:421): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_ACCT msg=audit(1574676061.116:422): pid=21485 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_localuser acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=CRED_ACQ msg=audit(1574676061.116:423): pid=21485 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=LOGIN msg=audit(1574676061.117:424): pid=21485 uid=0 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=7 res=1
+type=USER_START msg=audit(1574676061.134:425): pid=21485 uid=0 auid=0 ses=7 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=CRED_REFR msg=audit(1574676061.134:426): pid=21485 uid=0 auid=0 ses=7 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=CRED_DISP msg=audit(1574676061.155:427): pid=21485 uid=0 auid=0 ses=7 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=USER_END msg=audit(1574676061.156:428): pid=21485 uid=0 auid=0 ses=7 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
+type=USER_AUTH msg=audit(1574676091.306:429): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574676093.653:430): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=password acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574676097.622:431): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574676099.791:432): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=password acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_CHAUTHTOK msg=audit(1574676108.719:433): pid=21500 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:passwd_t:s0-s0:c0.c1023 msg='op=PAM:chauthtok grantors=pam_pwquality,pam_unix acct="root" exe="/usr/bin/passwd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
+type=USER_AUTH msg=audit(1574676112.952:434): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_ACCT msg=audit(1574676112.957:435): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676112.959:436): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21483 suid=74 rport=44920 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574676112.961:437): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574676112.962:438): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=LOGIN msg=audit(1574676112.962:439): pid=21482 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=8 res=1
+type=USER_ROLE_CHANGE msg=audit(1574676113.090:440): pid=21482 uid=0 auid=0 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574676113.117:441): pid=21482 uid=0 auid=0 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574676113.509:442): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574676113.510:443): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676113.514:444): pid=21506 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21506 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676113.514:445): pid=21506 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21506 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676113.514:446): pid=21506 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21506 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574676113.516:447): pid=21506 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574676114.450:448): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_DISP msg=audit(1574676114.451:449): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_END msg=audit(1574676114.453:450): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGOUT msg=audit(1574676114.454:451): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676114.454:452): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21482 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676114.454:453): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21482 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676114.454:454): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21482 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676114.454:455): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21482 suid=0 rport=44920 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676260.369:456): pid=21516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21516 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676260.369:457): pid=21516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21516 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676260.369:458): pid=21516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21516 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574676260.572:459): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21516 suid=74 rport=45194 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574676260.573:460): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21516 suid=74 rport=45194 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574676261.389:461): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574676264.491:462): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_ACCT msg=audit(1574676264.495:463): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676264.498:464): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21516 suid=74 rport=45194 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574676264.500:465): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574676264.500:466): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=LOGIN msg=audit(1574676264.501:467): pid=21515 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=9 res=1
+type=USER_ROLE_CHANGE msg=audit(1574676264.528:468): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 selected-context=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574676264.553:469): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676264.554:470): pid=21519 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21519 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676264.555:471): pid=21519 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21519 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676264.555:472): pid=21519 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21519 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_ACQ msg=audit(1574676264.556:473): pid=21519 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574676264.954:474): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
+type=USER_START msg=audit(1574676264.955:475): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676264.968:476): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21520 suid=1000  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=AVC msg=audit(1574676269.109:477): avc:  denied  { sendto } for  pid=21539 comm="dcbtool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
+type=SYSCALL msg=audit(1574676269.109:477): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=558107411082 a2=14 a3=21000 items=0 ppid=21520 pid=21539 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=9 comm="dcbtool" exe="/usr/sbin/dcbtool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574676269.109:477): proctitle="dcbtool"
+type=AVC msg=audit(1574676270.109:478): avc:  denied  { sendto } for  pid=21539 comm="dcbtool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
+type=SYSCALL msg=audit(1574676270.109:478): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=558107411082 a2=14 a3=f items=0 ppid=21520 pid=21539 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=9 comm="dcbtool" exe="/usr/sbin/dcbtool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
+type=PROCTITLE msg=audit(1574676270.109:478): proctitle="dcbtool"
+type=USER_END msg=audit(1574676314.202:479): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
+type=USER_LOGOUT msg=audit(1574676314.202:480): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676314.359:481): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21519 suid=1000  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676314.359:482): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21519 suid=1000 rport=45194 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_END msg=audit(1574676314.365:483): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_DISP msg=audit(1574676314.366:484): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676314.366:485): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21515 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676314.367:486): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21515 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676314.367:487): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21515 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676320.600:488): pid=21551 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21551 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676320.600:489): pid=21551 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21551 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676320.600:490): pid=21551 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21551 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574676320.714:491): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21551 suid=74 rport=45270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=CRYPTO_SESSION msg=audit(1574676320.714:492): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21551 suid=74 rport=45270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574676321.562:493): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
+type=USER_AUTH msg=audit(1574676324.674:494): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_ACCT msg=audit(1574676324.678:495): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676324.679:496): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21551 suid=74 rport=45270 laddr=10.0.137.208 lport=22  exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
+type=USER_AUTH msg=audit(1574676324.681:497): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
+type=CRED_ACQ msg=audit(1574676324.682:498): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=LOGIN msg=audit(1574676324.682:499): pid=21550 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=10 res=1
+type=USER_ROLE_CHANGE msg=audit(1574676324.801:500): pid=21550 uid=0 auid=0 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574676324.826:501): pid=21550 uid=0 auid=0 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_LOGIN msg=audit(1574676325.219:502): pid=21550 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=USER_START msg=audit(1574676325.220:503): pid=21550 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676325.223:504): pid=21554 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21554 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676325.223:505): pid=21554 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21554 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRYPTO_KEY_USER msg=audit(1574676325.223:506): pid=21554 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21554 suid=0  exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
+type=CRED_REFR msg=audit(1574676325.225:507): pid=21554 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
--- a/tests/Regression/embedded-null-byte-in-audit-records/runtest.sh
+++ b/tests/Regression/embedded-null-byte-in-audit-records/runtest.sh
@ -0,0 +1,65 @@
+#!/bin/bash
+# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/setroubleshoot/Regression/embedded-null-byte-in-audit-records
+#   Description: Is sealert able to processes audit messages which contain embedded null bytes?
+#   Author: Milos Malik <mmalik@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2019 Red Hat, Inc.
+#
+#   This program is free software: you can redistribute it and/or
+#   modify it under the terms of the GNU General Public License as
+#   published by the Free Software Foundation, either version 2 of
+#   the License, or (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE.  See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program. If not, see http://www.gnu.org/licenses/.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include Beaker environment
+. /usr/bin/rhts-environment.sh || exit 1
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="setroubleshoot"
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm ${PACKAGE}
+        rlRun "rpm -qf /usr/sbin/ausearch"
+        rlRun "rpm -qf /usr/bin/audit2allow"
+        rlRun "rpm -qf /usr/bin/sealert"
+        OUTPUT_FILE=`mktemp`
+    rlPhaseEnd
+
+    rlPhaseStartTest "bz#1775135 + bz#1776199"
+        if rlIsRHEL 7 ; then
+            rlRun "ausearch -i -m avc -if ./audit.log"
+            rlRun "audit2allow -i ./audit.log"
+            # if sealert got stuck, kill it after 15 seconds
+            rlWatchdog "sealert -a ./audit.log 2>&1 | tee ${OUTPUT_FILE}" 15
+        else # Fedora, RHEL-8 and above
+            rlRun "ausearch -i -m avc -if ./short.log"
+            rlRun "audit2allow -i ./short.log"
+            # if sealert got stuck, kill it after 15 seconds
+            rlWatchdog "sealert -a ./short.log 2>&1 | tee ${OUTPUT_FILE}" 15
+        fi
+        rlRun "grep -i -e Traceback -e TypeError -e embedded -e \"null byte\" ${OUTPUT_FILE}" 1
+        rlRun "grep -i \"Plugin catchall\" ${OUTPUT_FILE}" 0
+        if [ $? -ne 0 ]; then cat ${OUTPUT_FILE}; fi
+    rlPhaseEnd
+
+    rlPhaseStartCleanup
+        rm -f ${OUTPUT_FILE}
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd
+
--- a/tests/Regression/embedded-null-byte-in-audit-records/short.log
+++ b/tests/Regression/embedded-null-byte-in-audit-records/short.log
@ -0,0 +1,4 @@
+type=AVC msg=audit(1574094303.139:1096): avc:  denied  { sendto } for  pid=18278 comm="dcbtool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
+type=SYSCALL msg=audit(1574094303.139:1096): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=55c52f80bf02 a2=14 a3=0 items=0 ppid=12504 pid=18278 auid=1005 uid=1005 gid=1005 euid=1005 suid=1005 fsuid=1005 egid=1005 sgid=1005 fsgid=1005 tty=pts1 ses=33 comm="dcbtool" exe="/usr/sbin/dcbtool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=connect AUID="sysadm-user" UID="sysadm-user" GID="sysadm-user" EUID="sysadm-user" SUID="sysadm-user" FSUID="sysadm-user" EGID="sysadm-user" SGID="sysadm-user" FSGID="sysadm-user"
+type=SOCKADDR msg=audit(1574094303.139:1096): saddr=0100002F636F6D2F696E74656C2F6C6C64706164SADDR={ saddr_fam=local path=/com/intel/lldpad }
+type=PROCTITLE msg=audit(1574094303.139:1096): proctitle="dcbtool"
--- a/tests/Regression/no-plugin-exception-during-analyses/Makefile
+++ b/tests/Regression/no-plugin-exception-during-analyses/Makefile
@ -0,0 +1,65 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Makefile of /CoreOS/setroubleshoot/Regression/no-plugin-exception-during-analyses
+#   Description: Does setroubleshoot report any 'Plugin Exception' during analyses?
+#   Author: Petr Lautrbach <plautrba@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2020 Red Hat, Inc.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+export TEST=/CoreOS/setroubleshoot/Regression/no-plugin-exception-during-analyses
+export TESTVERSION=1.0
+
+BUILT_FILES=
+
+FILES=$(METADATA) runtest.sh Makefile short.log
+
+.PHONY: all install download clean
+
+run: $(FILES) build
+	./runtest.sh
+
+build: $(BUILT_FILES)
+	test -x runtest.sh || chmod a+x runtest.sh
+
+clean:
+	rm -f *~ $(BUILT_FILES)
+
+include /usr/share/rhts/lib/rhts-make.include
+
+$(METADATA): Makefile
+	@echo "Owner:           Petr Lautrbach <plautrba@redhat.com>" > $(METADATA)
+	@echo "Name:            $(TEST)" >> $(METADATA)
+	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
+	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
+	@echo "Description:     Does setroubleshoot report any 'Plugin Exception' during analyses?" >> $(METADATA)
+	@echo "Type:            Regression" >> $(METADATA)
+	@echo "TestTime:        5m" >> $(METADATA)
+	@echo "RunFor:          setroubleshoot" >> $(METADATA)
+	@echo "Requires:        setroubleshoot-server" >> $(METADATA)
+	@echo "Priority:        Normal" >> $(METADATA)
+	@echo "License:         GPLv2" >> $(METADATA)
+	@echo "Confidential:    no" >> $(METADATA)
+	@echo "Destructive:     no" >> $(METADATA)
+	@echo "Environment:     AVC_ERROR=+no_avc_check" >> $(METADATA)
+	@echo "Bug:             1784564" >> $(METADATA) # RHEL-7
+
+	rhts-lint $(METADATA)
+
--- a/tests/Regression/no-plugin-exception-during-analyses/runtest.sh
+++ b/tests/Regression/no-plugin-exception-during-analyses/runtest.sh
@ -0,0 +1,73 @@
+#!/bin/bash
+# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/setroubleshoot/Regression/no-plugin-exception-during-analyses
+#   Description: Does setroubleshoot report any 'Plugin Exception' during analyses?
+#   Author: Petr Lautrbach <plautrba@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2020 Red Hat, Inc.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include Beaker environment
+. /usr/bin/rhts-environment.sh || exit 1
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="setroubleshoot"
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm ${PACKAGE}-server
+        rlAssertRpm ${PACKAGE}-plugins
+    rlPhaseEnd
+
+    rlPhaseStartTest "no 'Plugin Exception'"
+        SINCE=$(date '+%Y-%m-%d %H:%M:%S')
+        RANDOM_NUMBER=${RANDOM}
+        rlRun "passwd --help >& /root/output-${RANDOM_NUMBER}.txt"
+        rlRun "rm -f /root/output-${RANDOM_NUMBER}.txt"
+        sleep 10
+        rlRun "journalctl --since=\"$SINCE\" > journal-after.txt"
+        STATUS=0
+        rlAssertGrep "setroubleshoot.*: SELinux is preventing (/usr/bin/)?passwd" journal-after.txt -E
+        [[ $? -eq 0 ]] || STATUS=$?
+        rlAssertNotGrep "setroubleshoot.*: Plugin Exception " journal-after.txt
+        [[ $? -eq 0 ]] || STATUS=$?
+        rlRun "[[ $STATUS -eq 0 ]] || cat journal-after.txt"
+        rlRun "rm -f journal-after.txt"
+    rlPhaseEnd
+
+    rlPhaseStartTest "no 'Plugin Exception' in short.log"
+        OUTPUT_FILE=`mktemp`
+        rlRun "sealert -a ./short.log >& $OUTPUT_FILE"
+        STATUS=0
+        rlAssertNotGrep "'generator' object is not subscriptable" $OUTPUT_FILE
+        [[ $? -eq 0 ]] || STATUS=$?
+        rlAssertGrep "Plugin catchall_labels" $OUTPUT_FILE
+        [[ $? -eq 0 ]] || STATUS=$?
+        rlRun "[[ $STATUS -eq 0 ]] || cat $OUTPUT_FILE"
+        rlRun "rm -f $OUTPUT_FILE"
+    rlPhaseEnd
+
+    rlPhaseStartCleanup
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd
+
--- a/tests/Regression/no-plugin-exception-during-analyses/short.log
+++ b/tests/Regression/no-plugin-exception-during-analyses/short.log
@ -0,0 +1,10 @@
+type=PROCTITLE msg=audit(1574867531.103:1226): proctitle=2F7573722F7362696E2F6368726F6E7964002D6E002D66002F7661722F72756E2F74696D656D61737465722F6368726F6E792E636F6E66
+type=AVC msg=audit(1574867531.516:1227): avc:  denied  { read } for  pid=936 comm="auditd" name="passwd" dev="sda2" ino=25468387 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
+type=AVC msg=audit(1574867531.516:1228): avc:  denied  { read } for  pid=936 comm="auditd" name="passwd" dev="sda2" ino=25468387 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
+type=AVC msg=audit(1574867531.516:1229): avc:  denied  { write } for  pid=936 comm="auditd" name="nss" dev="sda2" ino=209156 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
+type=AVC msg=audit(1574867531.516:1230): avc:  denied  { read } for  pid=936 comm="auditd" name="group" dev="sda2" ino=25468401 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
+type=AVC msg=audit(1574867531.516:1231): avc:  denied  { read } for  pid=936 comm="auditd" name="group" dev="sda2" ino=25468401 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
+type=AVC msg=audit(1574867531.516:1232): avc:  denied  { write } for  pid=936 comm="auditd" name="nss" dev="sda2" ino=209156 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
+type=SYSCALL msg=audit(1574867527.549:1163): arch=c000003e syscall=21 success=no exit=-13 a0=7f61e4002460 a1=4 a2=0 a3=0 items=1 ppid=1 pid=1871 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="in:imjournal" exe="/usr/sbin/rsyslogd" subj=system_u:system_r:syslogd_t:s0 key=(null)ARCH=x86_64 SYSCALL=access AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root"
+type=CWD msg=audit(1574867527.549:1163): cwd="/"
+type=PATH msg=audit(1574867527.549:1163): item=0 name="/var/lib/rsyslog/imjournal.state" inode=25845859 dev=08:02 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:unlabeled_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0OUID="root" OGID="root"
--- a/tests/Regression/sealert-s-traceback-invalid-display/Makefile
+++ b/tests/Regression/sealert-s-traceback-invalid-display/Makefile
@ -0,0 +1,63 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Makefile of /CoreOS/setroubleshoot/Regression/sealert-s-traceback-invalid-display
+#   Description: Test for traceback when using sealert -s with DISPLAY set to invalid value
+#   Author: Vit Mojzis <vmojzis@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2020 Red Hat, Inc.
+#
+#   This program is free software: you can redistribute it and/or
+#   modify it under the terms of the GNU General Public License as
+#   published by the Free Software Foundation, either version 2 of
+#   the License, or (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE.  See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program. If not, see http://www.gnu.org/licenses/.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+export TEST=/CoreOS/setroubleshoot/Regression/sealert-s-traceback-invalid-display
+export TESTVERSION=1.0
+
+BUILT_FILES=
+
+FILES=$(METADATA) runtest.sh Makefile
+
+.PHONY: all install download clean
+
+run: $(FILES) build
+	./runtest.sh
+
+build: $(BUILT_FILES)
+	test -x runtest.sh || chmod a+x runtest.sh
+
+clean:
+	rm -f *~ $(BUILT_FILES)
+
+include /usr/share/rhts/lib/rhts-make.include
+
+$(METADATA): Makefile
+	@echo "Owner:           Vit Mojzis <vmojzis@redhat.com>" > $(METADATA)
+	@echo "Name:            $(TEST)" >> $(METADATA)
+	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
+	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
+	@echo "Description:     Test for traceback when using sealert -s with display set to invalid value" >> $(METADATA)
+	@echo "Type:            Regression" >> $(METADATA)
+	@echo "TestTime:        5m" >> $(METADATA)
+	@echo "RunFor:          setroubleshoot" >> $(METADATA)
+	@echo "Requires:        setroubleshoot" >> $(METADATA)
+	@echo "Priority:        Normal" >> $(METADATA)
+	@echo "License:         GPLv2" >> $(METADATA)
+	@echo "Confidential:    no" >> $(METADATA)
+	@echo "Destructive:     no" >> $(METADATA)
+	@echo "Bug:             1574434" >> $(METADATA)
+	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7" >> $(METADATA)
+
+	rhts-lint $(METADATA)
--- a/tests/Regression/sealert-s-traceback-invalid-display/runtest.sh
+++ b/tests/Regression/sealert-s-traceback-invalid-display/runtest.sh
@ -0,0 +1,45 @@
+#!/bin/bash
+# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/setroubleshoot/Regression/sealert-s-traceback-invalid-display
+#   Description: Test for traceback when using sealert -s with DISPLAY set to invalid value
+#   Author: Vit Mojzis <vmojzis@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2020 Red Hat, Inc.
+#
+#   This program is free software: you can redistribute it and/or
+#   modify it under the terms of the GNU General Public License as
+#   published by the Free Software Foundation, either version 2 of
+#   the License, or (at your option) any later version.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE.  See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public License
+#   along with this program. If not, see http://www.gnu.org/licenses/.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include Beaker environment
+. /usr/bin/rhts-environment.sh || exit 1
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="setroubleshoot-server"
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm $PACKAGE
+        OUTPUT_FILE=`mktemp`
+    rlPhaseEnd
+
+    rlPhaseStartTest
+        rlRun "DISPLAY=yolo sealert -s 2>&1 | tee ${OUTPUT_FILE}"
+        rlRun "grep Traceback ${OUTPUT_FILE}" 1
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd
--- a/tests/Sanity/public_content/Makefile
+++ b/tests/Sanity/public_content/Makefile
@ -0,0 +1,65 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Makefile of /CoreOS/setroubleshoot-plugins/Sanity/public_content
+#   Description: Does the plugin work as expected?
+#   Author: Milos Malik <mmalik@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2017 Red Hat, Inc.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+export TEST=/CoreOS/setroubleshoot-plugins/Sanity/public_content
+export TESTVERSION=1.0
+
+BUILT_FILES=
+
+FILES=$(METADATA) runtest.sh Makefile PURPOSE
+
+.PHONY: all install download clean
+
+run: $(FILES) build
+	./runtest.sh
+
+build: $(BUILT_FILES)
+	test -x runtest.sh || chmod a+x runtest.sh
+
+clean:
+	rm -f *~ $(BUILT_FILES)
+
+include /usr/share/rhts/lib/rhts-make.include
+
+$(METADATA): Makefile
+	@echo "Owner:           Milos Malik <mmalik@redhat.com>" > $(METADATA)
+	@echo "Name:            $(TEST)" >> $(METADATA)
+	@echo "TestVersion:     $(TESTVERSION)" >> $(METADATA)
+	@echo "Path:            $(TEST_DIR)" >> $(METADATA)
+	@echo "Description:     Does the plugin work as expected?" >> $(METADATA)
+	@echo "Type:            Sanity" >> $(METADATA)
+	@echo "TestTime:        10m" >> $(METADATA)
+	@echo "RunFor:          setroubleshoot-plugins" >> $(METADATA)
+	@echo "Requires:        setroubleshoot-plugins setroubleshoot-server audit setools-console psmisc libselinux-utils rsyslog" >> $(METADATA)
+	@echo "Priority:        Normal" >> $(METADATA)
+	@echo "License:         GPLv2" >> $(METADATA)
+	@echo "Confidential:    no" >> $(METADATA)
+	@echo "Destructive:     no" >> $(METADATA)
+	@echo "Releases:        -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
+	@echo "Environment:     AVC_ERROR=+no_avc_check" >> $(METADATA)
+
+	rhts-lint $(METADATA)
+
--- a/tests/Sanity/public_content/PURPOSE
+++ b/tests/Sanity/public_content/PURPOSE
@ -0,0 +1,7 @@
+PURPOSE of /CoreOS/setroubleshoot-plugins/Sanity/public_content
+Author: Milos Malik <mmalik@redhat.com>
+
+Does the plugin work as expected?
+
+Default value of ANALYSIS_DELAY can be overriden.
+
--- a/tests/Sanity/public_content/runtest.sh
+++ b/tests/Sanity/public_content/runtest.sh
@ -0,0 +1,87 @@
+#!/bin/bash
+# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   runtest.sh of /CoreOS/setroubleshoot-plugins/Sanity/public_content
+#   Description: Does the plugin work as expected?
+#   Author: Milos Malik <mmalik@redhat.com>
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+#
+#   Copyright (c) 2017 Red Hat, Inc.
+#
+#   This copyrighted material is made available to anyone wishing
+#   to use, modify, copy, or redistribute it subject to the terms
+#   and conditions of the GNU General Public License version 2.
+#
+#   This program is distributed in the hope that it will be
+#   useful, but WITHOUT ANY WARRANTY; without even the implied
+#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+#   PURPOSE. See the GNU General Public License for more details.
+#
+#   You should have received a copy of the GNU General Public
+#   License along with this program; if not, write to the Free
+#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+#   Boston, MA 02110-1301, USA.
+#
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+# Include Beaker environment
+. /usr/bin/rhts-environment.sh || exit 1
+. /usr/share/beakerlib/beakerlib.sh || exit 1
+
+PACKAGE="setroubleshoot-plugins"
+PLUGIN_NAME="public_content"
+ANALYSIS_DELAY=${ANALYSIS_DELAY:-"16"}
+
+rlJournalStart
+    rlPhaseStartSetup
+        rlAssertRpm ${PACKAGE}
+        rlAssertRpm setroubleshoot-server
+        rlServiceStart auditd
+        rlFileBackup /var/lib/setroubleshoot/setroubleshoot_database.xml
+        rlRun "rm -f /var/lib/setroubleshoot/setroubleshoot_database.xml"
+        BEFORE=`mktemp`
+        AFTER=`mktemp`
+        rlRun "killall setroubleshootd" 0,1
+        rlRun "mkdir -p /var/test-dir"
+        rlRun "chcon -t samba_share_t /var/test-dir"
+        rlRun "touch /var/test-file"
+        rlRun "chcon -t samba_share_t /var/test-file"
+    rlPhaseEnd
+
+    rlPhaseStartTest
+        if rlIsRHEL 6 7 ; then
+            ADD_OPT="-C"
+        fi
+        rlRun "sesearch -s rsync_t -t samba_share_t -c dir -p read -A --dontaudit ${ADD_OPT} | grep -v '\]' | grep -e allow -e dontaudit" 1
+        rlRun "sesearch -s rsync_t -t samba_share_t -c file -p read -A --dontaudit ${ADD_OPT} | grep -v '\]' | grep -e allow -e dontaudit" 1
+        rlRun "setsebool rsync_export_all_ro off"
+        if ! rlIsRHEL 6 ; then
+            rlRun "setsebool rsync_full_access off"
+        fi
+        rlRun "sealert -l '*' > ${BEFORE}"
+        rlRun "cat /var/log/messages > ./messages"
+        rlRun "setenforce 0"
+        rlRun "runcon system_u:system_r:rsync_t:s0 bash -c 'ls /var/test-dir'" 0,1
+        rlRun "runcon system_u:system_r:rsync_t:s0 bash -c 'cat /var/test-file'" 0,1
+        rlRun "setenforce 1"
+        rlRun "sleep ${ANALYSIS_DELAY}"
+        rlRun "ps -efZ | grep setroubleshootd" 0,1
+        rlRun "sealert -l '*' > ${AFTER}" 0-3
+        rlRun "ausearch -m avc -m selinux_err -i -ts recent | grep 'read.*ls.*test-dir.*:rsync_t:.*:samba_share_t:.*tclass=dir'"
+        rlRun "ausearch -m avc -m selinux_err -i -ts recent | grep 'read.*cat.*test-file.*:rsync_t:.*:samba_share_t:.*tclass=file'"
+        rlRun "diff ${BEFORE} ${AFTER} | grep \"Plugin.*suggests\""
+        rlRun "diff ${BEFORE} ${AFTER} | grep \"Plugin ${PLUGIN_NAME} .*suggests\""
+        rlRun "diff /var/log/messages ./messages | grep -i -e 'setroubleshoot.*exception' -e 'no such file or directory'" 1
+    rlPhaseEnd
+
+    rlPhaseStartCleanup
+        rlRun "rm -rf /var/test-dir /var/test-file"
+        rm -f ${BEFORE}
+        rm -f ${AFTER}
+        rlFileRestore
+    rlPhaseEnd
+rlJournalPrintText
+rlJournalEnd
+
--- a/tests/tests.yml
+++ b/tests/tests.yml
@ -0,0 +1,19 @@
+- hosts: localhost
+  roles:
+  - role: standard-test-beakerlib
+    tags:
+    - classic
+    tests:
+    - Regression/embedded-null-byte-in-audit-records
+    - Regression/no-plugin-exception-during-analyses
+    - Regression/sealert-s-traceback-invalid-display
+    - Regression/Report-bugs-on-corresponding-components
+    - Sanity/public_content
+    required_packages:
+    - setroubleshoot-server
+    - setroubleshoot-plugins
+    - audit
+    - setools-console
+    - psmisc
+    - libselinux-utils
+    - rsyslog
Author	SHA1	Message	Date
Petr Lautrbach	beb2a71e3f	setroubleshoot-3.3.24-1 - Add 'fur' into shipped locales - Update translations - Log full reports with correct syslog identifier - Cancel pending alarm during AVC analyses	2020-10-13 10:10:10 +02:00
Vit Mojzis	5886bbdd11	tests/Regression/Report-bugs: Add new test RPM	2020-08-05 18:05:15 +02:00
Fedora Release Engineering	3502f40970	- Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2020-08-01 09:02:16 +00:00
Fedora Release Engineering	eed1173ddb	- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2020-07-29 10:35:09 +00:00
Tom Stellard	6edc7d2d0f	Use make macros https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro	2020-07-14 14:08:30 +00:00
Petr Lautrbach	ce0b7236a0	Cancel pending alarm during AVC analyses Previously the alarm was reset only in main DBUS thread and only when a new AVC appeared. In cases when there were several AVC messages in short time, analyses could take more than a default timeout and later analyses were not saved to the database. Now we cancel pending timeouts before analyze_avc() and reset the timeout back to default when it's done. Fixes: $ journalctl \| grep 'sealert -l' setroubleshoot[314039]: SELinux is preventing bash from search access on the directory .local. For complete SELinux messages run: sealert -l ccf3307a-f4ab-4584-87c6-63884daf841a $ sealert -l ccf3307a-f4ab-4584-87c6-63884daf841a Error query_alerts error (1003): id (ccf3307a-f4ab-4584-87c6-63884daf841a) not found	2020-05-27 13:59:07 +02:00
Petr Lautrbach	6882e142b6	tests: Add public_content test Does public_content plugin work as expected with the current setroubleshoot-server?	2020-05-27 13:58:28 +02:00
Miro Hrončok	4810120f39	Rebuilt for Python 3.9	2020-05-26 03:50:21 +02:00
Vit Mojzis	01e036ef43	tests: Add Regression/Report-bugs-on-corresponding-components Policy packages to be used in the test are specified using TEST_PACKAGES variable in the Makefile. Corresponding avc_<package_name> file has to exist for each such package. avc_<package_name> files contain AVCs with "scontext" domain defined in policy module installed by <package_name> RPM. The test verifies that setroubleshoot is able to properly identify the source package.	2020-05-22 13:17:51 +02:00
Vit Mojzis	bb3d75bf71	tests/sealert-s-traceback-invalid-display: remove invalid argument The argument was never used since sealert always crashed on GUI setup, but it iss still better to remove it to avoid issues in the future.	2020-05-13 16:44:48 +02:00
Vit Mojzis	8e35736477	tests: Add Regression/sealert-s-traceback-invalid-display This test should make sure that "sealert -s" does not traceback with DISPLAY set to invalid value.	2020-04-28 15:56:44 +02:00
Vit Mojzis	9c9318679f	setroubleshoot-3.3.23-1 - browser: Check return value of Gdk.Screen().get_default() - Improve and unify error messages - setroubleshoot.util: Catch exceptions from sepolicy import - Add dpkg support - Do not refer to hardcoded selinux-policy rpm in signature - Make date/time format locale specific - Improve speed of plugin evaluation	2020-04-21 22:50:41 +02:00
Petr Lautrbach	3242bcadb0	setroubleshoot-3.3.22-6.fc33 - Do not try to report a bug on None package (#1809801)	2020-03-04 20:26:36 +01:00
Petr Lautrbach	678fd233e3	setroubleshoot-3.3.22-5 - root user doesn't need to use SetroubleshootPrivileged API	2020-02-28 13:37:14 +01:00
Petr Lautrbach	e2dfff1666	setroubleshoot-3.3.22-4 - sealert to report a bug on a package which owns the related SELinux domain https://pagure.io/setroubleshoot/issue/18	2020-02-27 15:04:17 +01:00
Fedora Release Engineering	4759318f5d	- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2020-01-30 23:17:11 +00:00
Petr Lautrbach	61171038c2	setroubleshoot-3.3.22-2 - Log plugin exception traceback when log level is DEBUG - sepolicy.info() returns a generator, not a list (#1784564)	2020-01-11 21:06:38 +01:00
Petr Lautrbach	2751df1935	no-plugin-exception-during-analyses: Fix indentation	2020-01-11 19:46:39 +01:00
Petr Lautrbach	e4ba63e00b	no-plugin-exception-during-analyses: Test sealert -a ./short.log short.log exposes a problem with Plugin Exception in catchall_labels plugin Covers "'generator' object is not subscriptable" in sealert output: $ sealert -a ./short.log 100% done'generator' object is not subscriptable 100% done found 2 alerts in ./short.log ...	2020-01-11 19:28:15 +01:00
Petr Lautrbach	77e7a0320c	tests: Few no-plugin-exception-during-analyses improvements - when first grep fails print journal as well - check for setroubleshoot-server instead of setroubleshoot - improve grep assert to match "passwd" and "/usr/bin/passwd"	2020-01-06 16:05:21 +01:00
Petr Lautrbach	0340721f20	tests: Add Regression/no-plugin-exception-during-analyses to CI tests	2020-01-06 09:52:59 +01:00
Petr Lautrbach	8937bc78c8	tests: Report setroubleshoot-server version during no-plugin-exception-during-analyses	2020-01-06 09:49:41 +01:00
Petr Lautrbach	2602b87ed0	tests: Does setroubleshoot report any 'Plugin Exception' during analyses? This test should cover cases when setroubleshoot reports "Plugin Exception" during analyses, see https://bugzilla.redhat.com/show_bug.cgi?id=1784564 Example log with the reported problem: setroubleshoot[834]: Plugin Exception catchall_labels setroubleshoot[834]: Plugin Exception file setroubleshoot[834]: Plugin Exception openvpn	2020-01-03 15:57:56 +01:00
Petr Lautrbach	1bbd702684	setroubleshoot-3.3.22 - sepolicy.info() returns a generator, not a list (#1784564)	2020-01-02 16:16:57 +01:00
Vit Mojzis	82e602850c	setroubleshoot-3.3.21-1 - Fix AVC.__typeMatch to handle aliases properly - Handle sockets with abstract path properly (#1775135)	2019-12-11 16:39:29 +01:00
Vit Mojzis	7573f5f239	tests: Add Regression/embedded-null-byte-in-audit-records	2019-12-11 16:16:13 +01:00
Miro Hrončok	f13e6870bb	Rebuilt for Python 3.8.0rc1 (#1748018 )	2019-10-03 14:38:42 +02:00
Petr Lautrbach	160875de3e	setroubleshoot-3.3.20-3.fc32 - Use dbus.mainloop.glib.DBusGMainLoop() instead of dbus.glib	2019-08-27 23:22:54 +02:00
Miro Hrončok	e305bc4874	Rebuilt for Python 3.8	2019-08-19 11:05:48 +02:00
Vit Mojzis	24d5048bc1	setroubleshoot-3.3.20-1 - Update "missing" scripts to automake-1.15 - Add active polling for acquiring policy file - Fix translation of hex values in AVCs - require initscripts to ensure that "service" call works properly - Add man page for seapplet - setroubleshoot-server: only require gobject-base	2019-07-26 10:13:32 +02:00
Stephen Gallagher	746ad7cd5d	setroubleshoot-server: only require gobject-base When only the server is being installed, there is no need for the cairo portions of gobject. This change avoids pulling in the X11 stack. Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>	2019-07-25 11:14:51 -04:00
Martin Kutlak	6f74db21dd	Correct the name for libreport Python3 require The name of the package changed after [1]. We kept a provide for libreport-python3 but it will be removed with new release of libreport. [1] https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3#Packages_with_Python_modules Signed-off-by: Martin Kutlak <mkutlak@redhat.com>	2019-07-02 15:19:15 +02:00
Fedora Release Engineering	f8ff97289e	- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2019-02-02 15:14:31 +00:00
				`@ -0,0 +1,2 @@`
				`type=AVC msg=audit(1575985388.869:225): avc: denied { read } for pid=1365 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=32249 scontext=system_u:system_r:container_logreader_t:s0 tcontext=system_u:object_r:shadow_t:s0:c446,c857 tclass=dir permissive=0`
				`@ -0,0 +1,2 @@`
				`type=AVC msg=audit(1596470053.831:306): avc: denied { unlink } for pid=6304 comm="fapolicyd" name="fapolicyd.pid" dev="tmpfs" ino=37446 scontext=system_u:system_r:fapolicyd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0`
				`@ -0,0 +1,2 @@`
				`type=AVC msg=audit(1582621541.469:6896): avc: denied { write } for pid=1627505 comm="python3" name="plautrba" dev="dm-4" ino=19529729 scontext=system_u:system_r:mysqld_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1`
				`@ -0,0 +1,2 @@`
				`type=AVC msg=audit(1582801464.5:491): avc: denied { map } for pid=5100 comm="bash" path="/usr/bin/bash" dev="vda1" ino=1707663 scontext=system_u:system_r:usbguard_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1`