Compare commits

..

251 Commits

Author SHA1 Message Date
Petr Lautrbach
beb2a71e3f setroubleshoot-3.3.24-1
- Add 'fur' into shipped locales
- Update translations
- Log full reports with correct syslog identifier
- Cancel pending alarm during AVC analyses
2020-10-13 10:10:10 +02:00
Vit Mojzis
5886bbdd11 tests/Regression/Report-bugs: Add new test RPM 2020-08-05 18:05:15 +02:00
Fedora Release Engineering
3502f40970 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-08-01 09:02:16 +00:00
Fedora Release Engineering
eed1173ddb - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-07-29 10:35:09 +00:00
Tom Stellard
6edc7d2d0f Use make macros
https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
2020-07-14 14:08:30 +00:00
Petr Lautrbach
ce0b7236a0 Cancel pending alarm during AVC analyses
Previously the alarm was reset only in main DBUS thread and only when a new AVC
appeared. In cases when there were several AVC messages in short time, analyses
could take more than a default timeout and later analyses were not saved to
the database. Now we cancel pending timeouts before analyze_avc() and reset the
timeout back to default when it's done.

Fixes:
    $ journalctl | grep 'sealert -l'
    setroubleshoot[314039]: SELinux is preventing bash from search access on the directory .local. For complete SELinux messages run: sealert -l ccf3307a-f4ab-4584-87c6-63884daf841a

    $ sealert -l ccf3307a-f4ab-4584-87c6-63884daf841a
    Error
    query_alerts error (1003): id (ccf3307a-f4ab-4584-87c6-63884daf841a) not found
2020-05-27 13:59:07 +02:00
Petr Lautrbach
6882e142b6 tests: Add public_content test
Does public_content plugin work as expected with the current
setroubleshoot-server?
2020-05-27 13:58:28 +02:00
Miro Hrončok
4810120f39 Rebuilt for Python 3.9 2020-05-26 03:50:21 +02:00
Vit Mojzis
01e036ef43 tests: Add Regression/Report-bugs-on-corresponding-components
Policy packages to be used in the test are specified using
TEST_PACKAGES variable in the Makefile. Corresponding avc_<package_name>
file has to exist for each such package.

avc_<package_name> files contain AVCs with "scontext" domain defined
in policy module installed by <package_name> RPM. The test verifies that
setroubleshoot is able to properly identify the source package.
2020-05-22 13:17:51 +02:00
Vit Mojzis
bb3d75bf71 tests/sealert-s-traceback-invalid-display: remove invalid argument
The argument was never used since sealert always crashed on GUI setup,
but it iss still better to remove it to avoid issues in the future.
2020-05-13 16:44:48 +02:00
Vit Mojzis
8e35736477 tests: Add Regression/sealert-s-traceback-invalid-display
This test should make sure that "sealert -s" does not traceback
with DISPLAY set to invalid value.
2020-04-28 15:56:44 +02:00
Vit Mojzis
9c9318679f setroubleshoot-3.3.23-1
- browser: Check return value of Gdk.Screen().get_default()
- Improve and unify error messages
- setroubleshoot.util: Catch exceptions from sepolicy import
- Add dpkg support
- Do not refer to hardcoded selinux-policy rpm in signature
- Make date/time format locale specific
- Improve speed of plugin evaluation
2020-04-21 22:50:41 +02:00
Petr Lautrbach
3242bcadb0 setroubleshoot-3.3.22-6.fc33
- Do not try to report a bug on None package (#1809801)
2020-03-04 20:26:36 +01:00
Petr Lautrbach
678fd233e3 setroubleshoot-3.3.22-5
- root user doesn't need to use SetroubleshootPrivileged API
2020-02-28 13:37:14 +01:00
Petr Lautrbach
e2dfff1666 setroubleshoot-3.3.22-4
- sealert to report a bug on a package which owns the related SELinux domain
  https://pagure.io/setroubleshoot/issue/18
2020-02-27 15:04:17 +01:00
Fedora Release Engineering
4759318f5d - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2020-01-30 23:17:11 +00:00
Petr Lautrbach
61171038c2 setroubleshoot-3.3.22-2
- Log plugin exception traceback when log level is DEBUG
- sepolicy.info() returns a generator, not a list (#1784564)
2020-01-11 21:06:38 +01:00
Petr Lautrbach
2751df1935 no-plugin-exception-during-analyses: Fix indentation 2020-01-11 19:46:39 +01:00
Petr Lautrbach
e4ba63e00b no-plugin-exception-during-analyses: Test sealert -a ./short.log
short.log exposes a problem with Plugin Exception in catchall_labels plugin

Covers "'generator' object is not subscriptable" in sealert output:

    $ sealert -a ./short.log
    100% done'generator' object is not subscriptable
    100% done
    found 2 alerts in ./short.log
    ...
2020-01-11 19:28:15 +01:00
Petr Lautrbach
77e7a0320c tests: Few no-plugin-exception-during-analyses improvements
- when first grep fails print journal as well
- check for setroubleshoot-server instead of setroubleshoot
- improve grep assert to match "passwd" and "/usr/bin/passwd"
2020-01-06 16:05:21 +01:00
Petr Lautrbach
0340721f20 tests: Add Regression/no-plugin-exception-during-analyses to CI tests 2020-01-06 09:52:59 +01:00
Petr Lautrbach
8937bc78c8 tests: Report setroubleshoot-server version during no-plugin-exception-during-analyses 2020-01-06 09:49:41 +01:00
Petr Lautrbach
2602b87ed0 tests: Does setroubleshoot report any 'Plugin Exception' during analyses?
This test should cover cases when setroubleshoot reports "Plugin Exception"
during analyses, see https://bugzilla.redhat.com/show_bug.cgi?id=1784564

Example log with the reported problem:
    setroubleshoot[834]: Plugin Exception catchall_labels
    setroubleshoot[834]: Plugin Exception file
    setroubleshoot[834]: Plugin Exception openvpn
2020-01-03 15:57:56 +01:00
Petr Lautrbach
1bbd702684 setroubleshoot-3.3.22
- sepolicy.info() returns a generator, not a list (#1784564)
2020-01-02 16:16:57 +01:00
Vit Mojzis
82e602850c setroubleshoot-3.3.21-1
- Fix AVC.__typeMatch to handle aliases properly
- Handle sockets with abstract path properly (#1775135)
2019-12-11 16:39:29 +01:00
Vit Mojzis
7573f5f239 tests: Add Regression/embedded-null-byte-in-audit-records 2019-12-11 16:16:13 +01:00
Miro Hrončok
f13e6870bb Rebuilt for Python 3.8.0rc1 (#1748018) 2019-10-03 14:38:42 +02:00
Petr Lautrbach
160875de3e setroubleshoot-3.3.20-3.fc32
- Use dbus.mainloop.glib.DBusGMainLoop() instead of dbus.glib
2019-08-27 23:22:54 +02:00
Miro Hrončok
e305bc4874 Rebuilt for Python 3.8 2019-08-19 11:05:48 +02:00
Vit Mojzis
24d5048bc1 setroubleshoot-3.3.20-1
- Update "missing" scripts to automake-1.15
- Add active polling for acquiring policy file
- Fix translation of hex values in AVCs
- require initscripts to ensure that "service" call works properly
- Add man page for seapplet
- setroubleshoot-server: only require gobject-base
2019-07-26 10:13:32 +02:00
Stephen Gallagher
746ad7cd5d
setroubleshoot-server: only require gobject-base
When only the server is being installed, there is no need for the
cairo portions of gobject. This change avoids pulling in the X11
stack.

Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2019-07-25 11:14:51 -04:00
Martin Kutlak
6f74db21dd Correct the name for libreport Python3 require
The name of the package changed after [1].

We kept a provide for libreport-python3 but it will be removed with new release of libreport.

[1] https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3#Packages_with_Python_modules

Signed-off-by: Martin Kutlak <mkutlak@redhat.com>
2019-07-02 15:19:15 +02:00
Fedora Release Engineering
f8ff97289e - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2019-02-02 15:14:31 +00:00
Petr Lautrbach
e5d099e99c setroubleshoot-3.3.19
- Require plugins >= 3.3.10
2018-12-08 22:54:51 +01:00
Petr Lautrbach
a4ac25c20f setroubleshoot-3.3.18-3
- Update scriptlets to reload auditd after install or uninstall
2018-11-29 11:59:39 +01:00
Petr Lautrbach
ea0d9634a3 Update scriptlets to reload auditd service
When setroubleshoot sedispatch is installed, or updated, auditd needs to be
reloaded so that it runs the new installed plugin. Since auditd needs to know
who reloaded him, `systemctl` can't be used. We need to use `service` script.

This fixes the problem when setroubleshoot is installed, but it doesn't collect
AVC denial messages until the machine is rebooted.

/com/redhat/setroubleshootd interface is not used for years therefore we can
drop it.
2018-11-29 11:54:54 +01:00
Petr Lautrbach
68fd5e93b2 setroubleshoot-3.3.18-2
- Update translations
- Improve myplatform detection in get_os_environment()
2018-09-20 10:49:46 +02:00
Petr Lautrbach
390018d909 setroubleshoot-3.3.18-1
- Move sedispatch.conf to /etc/audit/plugins.d/
- Fix summary and "if" text for AVCs with unknown target path
2018-07-18 22:08:30 +02:00
Petr Lautrbach
e6ad318f5b Disable automatic compilation of Python files in extra directories
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/IDDR65FMKZYZYLL6DGFEKFACC55PELW3/
https://fedoraproject.org/wiki/Packaging:Python_Appendix#Manual_byte_compilation
2018-07-16 13:10:41 +02:00
Fedora Release Engineering
2ac92dadc6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-07-14 06:00:15 +00:00
Miro Hrončok
9402ffe298 Rebuilt for Python 3.7 2018-06-19 11:27:25 +02:00
Petr Lautrbach
8dfd332b08 setroubleshoot-3.3.17-1
- Set auto_save_interval to 5 (#1548913,#1523406,#1539180)
- seapplet: Try send and close notifications (#1541624,#1541719,#1544222,#1539367)
2018-02-26 21:17:57 +01:00
Petr Lautrbach
a6f6a4c670 List gcc in BuildRequires
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/IJFYI5Q2BYZKIGDFS2WLOBDUSEGWHIKV/
https://fedoraproject.org/wiki/Packaging:C_and_C%2B%2B#BuildRequires_and_Requires
2018-02-20 10:20:05 +01:00
Petr Lautrbach
2c1d331cf5 setroubleshoot-3.3.16-1
- Do not show status_icon when there's no alert (#1543758)
- Run seapplet only on SELinux enabled system (#1541631)
- Use context in Gio.AppInfo.launch (#1542156)
2018-02-20 10:04:27 +01:00
Petr Lautrbach
b38f5c7b27 Spec file cleanup
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/MRWOMRZ6KPCV25EFHJ2O67BCCP3L4Y6N/
2018-02-16 13:06:20 +01:00
Igor Gnatenko
5fa4687faf
Remove %clean section
None of currently supported distributions need that.
Last one was EL5 which is EOL for a while.

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-02-14 07:39:16 +01:00
Igor Gnatenko
ac7c38c70b
Escape macros in %changelog
Reference: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/Y2ZUKK2B7T2IKXPMODNF6HB2O5T5TS6H/
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-02-09 09:06:16 +01:00
Björn Esser
870ec3c38b
Fix runtime dependency: 's!lipreport!libreport!g' (#1536580)
Prefer %%global over %%define
Remove obsolete %%defattr(-,root,root,-)
2018-01-19 17:59:12 +01:00
Petr Lautrbach
b748a74d0a setroubleshoot-3.3.15
- Rewrite seapplet to Python3 to use Notify and Gtk 3.0
- Add setroubleshoot-seappletlegacy with legacy seappletlegacy based on Gtk 2
- sealert: Finish dbus communication after error
2018-01-19 17:08:56 +01:00
Igor Gnatenko
66eddf963e Remove obsolete scriptlets
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-01-06 00:36:21 +01:00
Vit Mojzis
3a2f956a93 Add readme dealing with translations
- Clarify relation between individual repositories containing
translations
- Explain how to use zanata interface on a few important use-cases
2018-01-05 17:25:48 +01:00
Petr Lautrbach
68760e80b6 setroubleshoot-3.3.14-3
- Update translations
2017-11-23 09:08:10 +01:00
Petr Lautrbach
151c346ff4 0001-framework-Update-translations.patch 2017-11-20 07:28:14 +01:00
Petr Lautrbach
ad328e7b5e setroubleshoot-3.3.14-2
- Update translations
2017-11-20 07:25:18 +01:00
Petr Lautrbach
90373a5b74 setroubleshoot-3.3.14-1
- Increase the space for suggested solutions in sealert
- Highlight suggestions with the highest confidence
- Remove additional "If " string from plugin messages
- Fix sealert message for process2 (#1507909)
- Do not change if_string[0] to lowercase
2017-11-18 22:14:01 +01:00
Petr Lautrbach
edbaa86466 Remove unused patches 2017-09-15 10:25:53 +02:00
Petr Lautrbach
d3a05435be setroubleshoot-3.3.13-1
- Don't stop when the plugin directory is empty
- Fix missing margins on Troubleshoot window
- Resize all solutions panels horizontally
- Fix missing priority color for proposed solutions
- Do not split If sentences to framework and plugins - requires
  setroubleshoot-plugins 3.3.8 at least (rhbz#1210243, rhbz#1322734,
hbz#1115510)
- Set translation domain for Gtk.Builder() object to have strings
  correctly translated
- Make labels on GtkButtons translatable
- Handla all exceptions from do_analyze_logfile()
- Fix semi-translated messages
- Update translations
- Do not catch POSIX signals (rhbz#1366004, rhbz#1419245)
2017-09-15 08:02:41 +02:00
Fedora Release Engineering
95f01e48d9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-03 08:21:41 +00:00
Fedora Release Engineering
3b1b354a9e - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-27 18:28:22 +00:00
Petr Lautrbach
36fe5b517c setroubleshoot-3.3.12-1
- Remove "Report bug" button when mozplugger plugin is used (#1290135)
- Change "check_for_man" return value upon failure (#1431191)
- Fix "plugin details" message content
- Add "init_args" function to Plugin
- Fix sealert crash when setroubleshootd fails to start (#1405003)
- Improve obtaining AVC object path
- Fix setroubleshootd.8
- Fix report problem summary string
- sealert - provide a better error message when SELinux is disabled
- Spelling fixes
- Python 3.6 invalid escape sequence deprecation fixes
2017-06-13 16:51:49 +02:00
Petr Lautrbach
2dbc30bae4 Change links from fedorahosted.org to pagure.io 2017-03-02 10:39:06 +01:00
Petr Lautrbach
9a15d74ce0 Remove -S git from %autosetup to prevent FTBFS in rawhide (#1424428) 2017-02-19 13:37:58 +01:00
Fedora Release Engineering
ac3de9585d - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-11 13:20:09 +00:00
Petr Lautrbach
2b98cfec14 Own __pycache__ directory
Resolves: rhbz#1413004
2017-01-16 18:50:37 +01:00
Miro Hrončok
be1dffd065 Rebuild for Python 3.6 2016-12-19 18:20:38 +01:00
Petr Lautrbach
3878bfdd1e setroubleshoot-3.3.11-1
- Fix "list all alerts" in sealert gui (#1370272, #1332485)
- Fix sealert message for capability2 (#1360392)
2016-08-31 15:07:54 +02:00
Fedora Release Engineering
64ebe7704b - https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages 2016-07-19 12:36:30 +00:00
Petr Lautrbach
90b19d66d1 setroubleshoot-3.3.10-1
- setroubleshootd fixed to catch all subprocess exceptions
- Translations updated
2016-07-16 16:04:04 +02:00
Petr Lautrbach
ce9c2af5de setroubleshoot-3.3.9.1-1
- Do not use dangerous shell=True
- Use subprocess.check_output() with a sequence of program arguments
2016-06-21 16:57:35 +02:00
Petr Lautrbach
e68bd478ee setroubleshoot-3.3.8.1-1
- fixed get_all_alerts_ignored()
2016-06-02 18:50:29 +02:00
Petr Lautrbach
3e8751de38 setroubleshoot-3.3.8-1
- added setroubleshootd_log.log_full=True|False directive
- setroubleshootd_log.level and sealert_log.level can be set to
  different values
- get_alert() and get_all_alerts_since() DBUS APIs change to use
  number of microseconds instead of date string
- setroubleshoot.conf cleanup
2016-06-02 15:18:33 +02:00
Petr Lautrbach
288066f917 Move /run/setroubleshoot to setroubleshoot-server
setroubleshootd listens for clients on socket created in
/run/setroubleshoot by default. Therefore this directory and related
tmpfiles.d file belongs to setroubleshoot-server.

Fixes: rhbz#1329550
/bin/sealert[22726]: attempt to open server connection failed: No such
file or directory
2016-05-31 19:03:58 +02:00
Petr Lautrbach
28deddb948 setroubleshoot-3.3.7-1
- Added new methods to DBUS API:
  set_filter(), get_all_alerts_ignored(), delete_alert()
2016-05-18 22:18:31 +02:00
Petr Lautrbach
d6a205f01b setroubleshoot-3.3.6-1
- Translations updated (#1322654)
- Suggest my-<command>.pp modules instead of mypol.pp (#1329037)
2016-05-06 13:59:55 +02:00
Petr Lautrbach
f6e56901ad setroubleshoot-3.3.5-3
- Drop unwanted debug message in sedispatch (#1326985)
2016-04-14 11:28:55 +02:00
Petr Lautrbach
ce197f93a4 setroubleshoot-3.3.5-2
- setroubleshoot: Ensure that dbus string param isn't null
2016-04-07 11:39:16 +02:00
Petr Lautrbach
6143dd987f Ensure that dbus string param isn't null
An alert's level can be None, but DBUS doesn't allow that for
string parameters.

Resolves: https://github.com/fedora-selinux/setroubleshoot/pull/27
2016-04-07 11:32:18 +02:00
Petr Lautrbach
89d148b7e2 setroubleshoot-3.3.5-1
- get_alert() DBUS API extended with more parameters
- sedispatch uses a timeout when collecting audit events (#1322771)
- Use correct packaging for byte compiled files (#1321047)
2016-04-04 21:16:54 +02:00
Petr Lautrbach
c964568ba8 Use correct packaging for byte compiled files
setroubleshoot and setroubleshoot-server use same python directory.
Therefore we need to list all byte compiled files in each sub-package.

Resolves: rhbz#1321047
2016-03-27 23:09:57 +02:00
Petr Lautrbach
dafb5b6519 setroubleshoot-3.3.4
* Thu Feb 11 2016 Petr Lautrbach <plautrba@redhat.com> 3.3.4-1
- fixed traceback in SetroubleshootFixit.py (#1279396)
2016-02-11 14:00:58 +01:00
Fedora Release Engineering
94626bf95d - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-04 23:53:10 +00:00
Petr Lautrbach
a265a5e810 Remove 3.3.2-1 changelog entry 2016-01-21 14:51:54 +01:00
Petr Lautrbach
c408ea6407 setroubleshoot-3.3.3-1
* Thu Jan 21 2016 Petr Lautrbach <plautrba@redhat.com> 3.3.3-1
- fixed few UI browser problems
- extended DBUS API, see DBUS.md
- import MIMEText from the right module (#1297111)
2016-01-21 14:49:31 +01:00
Petr Lautrbach
36ec75fd22 setroubleshoot-3.3.2-1 2016-01-21 14:49:28 +01:00
Peter Robinson
03a0683b83 - Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5 2015-11-10 18:07:24 +00:00
Richard Hughes
1af0470727 Move the AppData file to the right subpackage so it gets used 2015-09-16 17:48:13 +01:00
Miroslav Grepl
91df1b8f65 * Fri Aug 28 2015 Michal Srb <msrb@redhat.com> - 3.3.1-0.2
- Sanitize requires for Python 3
2015-08-28 12:45:01 +02:00
Petr Lautrbach
f37e9eb044 setroubleshoot-3.3.1-0.1
- port setroubleshoot to Python 3
- based on python3 branch fedora-selinux/setroubleshoot
- HEAD e52a05819c4dfe5bdc6998c75780c890ca9ed288
2015-08-18 18:14:09 +02:00
Petr Lautrbach
162fd460fb Change owner of files in /var/lib/setroubleshoot when updating from older release 2015-08-12 17:25:29 +02:00
Petr Lautrbach
da781da597 setroubleshoot-server depends on policycoreutils-python-utils (#1246625)
setroubleshoot-3.2.24-3
2015-07-27 10:41:59 +02:00
Dennis Gilmore
1bef540bf9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-19 00:40:34 +00:00
Petr Lautrbach
ef2d2417ea * Thu Apr 23 2015 Petr Lautrbach <plautrba@redhat.com> 3.2.24-1
- translations updated from https://fedora.zanata.org/project/view/setroubleshoot
- setroubleshoot_database.xml and email_alert_recipients are %ghost again
2015-04-23 15:12:39 +02:00
Petr Lautrbach
06c37a06e3 setroubleshoot_database.xml and email_alert_recipients needs to be
%ghost in order not to overwrite existing files
2015-04-23 15:09:37 +02:00
Petr Lautrbach
0d5986d28b * Thu Apr 09 2015 Petr Lautrbach <plautrba@redhat.com> 3.2.23-1
- setroubleshootd is set to be run as setroubleshoot user instead of root user
- several bugfixes
2015-04-09 15:42:50 +02:00
Richard Hughes
329c7eab28 Add an AppData file for the software center 2015-03-26 16:43:04 +00:00
Petr Lautrbach
b66f1cfa5c * Thu Mar 26 2015 Petr Lautrbach <plautrba@redhat.com> 3.2.22-1
- Ship a symbolic setroubleshoot icon (#1182652)
- Fix get_rpm_nvr_*_temporary functions - CVE-2015-1815 (#1203352)
2015-03-26 09:17:31 +01:00
Petr Lautrbach
579a0b7a35 Provide the policy rpm in Bugzilla bug reports by jfilak@redhat.com
setroubleshoot-3.2.21-1
2015-02-11 11:29:24 +01:00
Kevin Fenzi
f039224019 Rebuild for rpm bug 1131960 2014-08-21 11:49:55 -06:00
Peter Robinson
c51f88e9e4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-18 02:03:34 +00:00
Dan Walsh
b4e6193762 Fix handling of target paths that decode screws up 2014-06-11 05:17:14 -07:00
Dennis Gilmore
11f98dd53a - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-08 01:11:06 -05:00
Dan Walsh
c2e9eb8bae Remove at_console lines from policykit so cockpit can use dbus interfaces. 2014-05-19 09:42:52 -04:00
Miroslav Grepl
d9b3c82f47 Require libreport-gtk >= 2.2.1-2 2014-04-11 07:58:37 +02:00
Miroslav Grepl
3a6a1a6ee6 * Thu Apr 10 2014 Miroslav Grepl <mgrepl@redhat.com> - 3.2.18-1.1
- Add the policy rpm string to the user comments of an already reported bug from jfilak@redhat.com
2014-04-10 16:43:17 +02:00
Dan Walsh
f48447593a Stop sending syslog.LOG_DEBUG Messages unless loglevel is set to debug 2014-03-25 09:12:02 -04:00
Dan Walsh
c0d103c4e0 Fix unicode settings 2014-01-20 17:46:53 -05:00
Dan Walsh
05a8fc5fc8 Remove requires for notify-python and yum 2014-01-07 17:24:46 -05:00
Dan Walsh
dc5526b3dc Don't error out on no policy installed
- Update translations.
2014-01-02 18:22:00 -05:00
Dan Walsh
08bbf91b68 Eliminate requirement on service script. 2014-01-02 13:25:47 -05:00
Dan Walsh
5606f3d4ed Update Lanquages
- Use setup.py in Makefile for setroubleshoot dir
2013-12-03 10:06:42 -05:00
Dan Walsh
417635d010 Update Lanquages
- Use setup.py in Makefile for setroubleshoot dir
2013-12-03 09:55:48 -05:00
Dan Walsh
2918fb83ce Add requires for libreport-python 2013-11-20 10:06:16 -05:00
Dan Walsh
31aefd2430 Add requires for libreport-python 2013-11-20 10:05:53 -05:00
Dan Walsh
eaab26adc9 Add requires for libreport-python 2013-11-20 09:36:13 -05:00
Dan Walsh
49bf583c35 Remove "the the" typo from code.
- Update Translations
2013-09-16 14:57:43 -04:00
Dan Walsh
082ab32e4c Move some of the Requires block down to -server package 2013-09-10 10:55:33 -04:00
Dan Walsh
14da5f414a Fix typo again in audit_data.py
- Make setroubleshoot less noicy in logs
2013-08-05 14:28:15 -04:00
Dan Walsh
39e41a4a3b Fix typo in audit_data.py 2013-08-01 21:39:50 -04:00
Adam Williamson
1e3091af04 fix up RPM changelog date, fix systemd-python requirement versioning 2013-08-01 08:58:19 -07:00
Dan Walsh
4dae46179d Add journald support for OBJECT_ID when logging journal messages
- Update Translations.
2013-07-31 14:40:35 -04:00
Dan Walsh
820ebc2e9c Make audit2allow optional, only requre policycoreutils-python not -devel.
- Update Translations.
2013-05-21 09:52:13 -04:00
Dan Walsh
0776c0272f On update cp instead of rename, since there could be a situation where
someone has ~/.config on a different file sytem then ~.  It has happened.
- Fix --password spelling error
- Remove --quit option from sealert
- Update translations
2013-05-07 15:55:16 -04:00
Dan Walsh
745a96a1db On update cp instead of rename, since there could be a situation where
someone has ~/.config on a different file sytem then ~.  It has happened.
- Fix --password spelling error
- Remove --quit option from sealert
- Update translations
2013-05-07 15:01:30 -04:00
Dan Walsh
07b8e47f99 On update cp instead of rename, since there could be a situation where
someone has ~/.config on a different file sytem then ~.  It has happened.
- Fix --password spelling error
- Remove --quit option from sealert
- Update translations
2013-05-07 14:24:39 -04:00
Dan Walsh
a8fa0aa2cd Fix handling of timeout attempt #2 2013-04-19 13:51:44 -04:00
Dan Walsh
01b7198e1d Fix translations to show in browser 2013-04-19 11:24:17 -04:00
Dan Walsh
0347255963 Fix translations to show in browser 2013-04-19 11:22:45 -04:00
Dan Walsh
c637e61ba2 Fix handling of timeout
- Update Translations
2013-04-19 08:49:08 -04:00
Dan Walsh
f7b12f03ce Fix handling of timeout
- Update Translations
2013-04-19 08:32:49 -04:00
Dan Walsh
7ab3ca40cd Remove old options from setroubleshoot usage statement.
- Update Translations
2013-04-08 15:00:56 -04:00
Dan Walsh
0ab57c14ae Remove old options from setroubleshoot usage statement.
- Update Translations
2013-04-08 14:10:23 -04:00
Dan Walsh
abf12c936e Remove old options from setroubleshoot usage statement.
- Update Translations
2013-04-08 14:01:24 -04:00
Dan Walsh
b485199b61 Fix usage of "it's" versus its in man pages.
- Update Translations

- Remove requirement for setools-libs-python, no longer needed.
2013-03-27 12:14:31 -04:00
Dan Walsh
6a5acd7336 Remove requirement for setools-libs-python, no longer needed. 2013-03-26 13:02:20 -04:00
Dan Walsh
5a67529501 Remove requirement for setools-libs-python, no longer needed. 2013-03-26 11:28:24 -04:00
Dan Walsh
c51057549a Update Translations
- Fix audit2allow -R output to actually work.
2013-03-05 14:00:27 -05:00
Dan Walsh
c161aacacb Fix handling of sesearch data 2013-02-15 11:48:34 -05:00
Dan Walsh
d463db3293 Remove sesearch from package and start using sepolicy from policycoreutils-python
- Fix retrieval of writable types to translate attributes into the group of types available, and not return non file types.
2013-02-04 14:11:28 -05:00
Dan Walsh
cdc4090d18 Remove sesearch from package and start using sepolicy from policycoreutils-python
- Fix retrieval of writable types to translate attributes into the group of types available, and not return non file types.
2013-01-31 14:16:51 -05:00
Dan Walsh
105601e9d4 Update translations.
- Restart auditd service on install and removal
2013-01-22 15:08:39 -05:00
Dan Walsh
09d8f014ad Update translations. 2013-01-14 16:40:51 -05:00
Dan Walsh
db70389507 Require policycoreutils-devel to pull in audit2allow 2013-01-14 16:40:06 -05:00
Dan Walsh
7f5337dcb1 More translation fixes. 2012-07-27 08:09:51 -04:00
Dan Walsh
7d712361d7 More translation fixes. 2012-07-27 07:41:36 -04:00
Dan Walsh
6ae2837091 Fix Translations code to actually show translations 2012-07-25 11:10:22 -04:00
Dan Walsh
91210069f7 Fix translations to actually work 2012-07-25 11:09:29 -04:00
Dennis Gilmore
c1e5257480 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild 2012-07-21 14:25:39 -05:00
Dan Walsh
411d80b880 Change requires to libreport-gtk instead of report-gtk 2012-06-07 14:22:58 -04:00
Dan Walsh
0e2a3bb9b9 Fix crash caused by switching to syslog, and update trans 2012-01-23 13:34:19 -05:00
Dan Walsh
3d294d0f45 remove specific logging and move to syslog
Fix handling of AVC messages broken by fix for memory leaks
2012-01-20 16:01:26 -05:00
Dan Walsh
645442a3a6 remove specific logging and move to syslog
Fix handling of AVC messages broken by fix for memory leaks
2012-01-20 15:45:35 -05:00
Dan Walsh
ca587936ab Fixup for memory leaks 2012-01-17 13:46:09 -05:00
Dan Walsh
7403f4388b Update to latest translations 2012-01-06 09:28:45 -05:00
Dan Walsh
60a40eb56a Update to latest translations 2012-01-06 09:27:14 -05:00
Rex Dieter
28f2ad885c optimize/update scriptlets
don't own icons/hicolor
drop %config tag on applications/*.desktop
2011-12-23 09:43:57 -06:00
Dan Walsh
c6f492a0fd Patch from Mgrepl to stop printable from crashing if None is passed in
Update to latest translations
2011-12-20 13:57:58 +00:00
Dan Walsh
fbc7225a03 Patch from Mgrepl to stop printable from crashing if None is passed in
Update to latest translations
2011-12-19 16:45:34 -05:00
Dan Walsh
d692d158cc Patch from Mgrepl to stop printable from crashing if None is passed in 2011-12-13 16:30:10 -05:00
Dan Walsh
22d57e2e76 Update to latest translations
Fix memory leak in sedispatch
2011-12-08 14:43:21 -05:00
Dan Walsh
fbe8a4b202 Update to latest translations
Fix memory leak in sedispatch
2011-12-08 13:31:27 -05:00
Dan Walsh
84a36601df Update to latest translations 2011-12-05 17:17:03 -05:00
Dan Walsh
1e8d277b8c Set the gobject prg_name for better integration into the desktop 2011-11-11 11:47:18 -05:00
Dan Walsh
f13df42147 Don't report to syslog when sedispatch gets an signal to exit. 2011-11-04 13:08:09 -04:00
Dan Walsh
f8a240b27b Apply Miroslav patch that rewrites sealert option handling with using optparse. Fixing conflicting options problems. 2011-10-27 08:26:38 -04:00
Dan Walsh
c42c750c64 Apply Miroslav patch that rewrites sealert option handling with using optparse. Fixing conflicting options problems. 2011-10-26 15:41:11 -04:00
Dan Walsh
05b395ed50 Fix requires to include pygtk2-libglade 2011-08-26 14:32:05 -04:00
Dan Walsh
31ade72e44 Remove dependancy on X from sedispatch 2011-07-13 16:53:20 -04:00
Dan Walsh
841e2eca02 Move serverconnection.py and FixIt commands from setroubleshoot to setroubleshoot-server
Remove run_cmd.py
2011-06-24 14:35:41 -04:00
Dan Walsh
9944e56fa4 Stop translating strings into bogus hex strings 2011-04-18 17:00:53 -04:00
Dan Walsh
5abe99fa11 Allow browser to close even if windows are still open
Cleanup imports in gui_utils.py
2011-04-13 16:39:19 -04:00
Dan Walsh
8615f8e612 - Cleanup handling of current_alert
- Change Details button to say Plugin\nDetails
2011-02-09 11:10:55 -05:00
Dan Walsh
beaec65585 - Cleanup handling of current_alert
- Change Details button to say Plugin\nDetails
2011-02-09 11:06:12 -05:00
Dennis Gilmore
b9d5aba84d - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild 2011-02-09 07:20:31 -06:00
Dan Walsh
1343fe6e94 - Turn off sensitivity of details button when no AVC's exist 2011-01-26 09:15:56 -05:00
Dan Walsh
36061a7e53 - Add ProtocolError from xmlrpclib so Bugzilla reporting throwing an error will work. 2011-01-24 14:17:51 -05:00
Dan Walsh
78b258f7e6 - Fixup for allow_execstack have to add pid to avc struct 2011-01-18 14:13:43 -05:00
Dan Walsh
09574c5dac - Fix email_alerts to work with new infrastructure 2011-01-18 11:03:41 -05:00
Dan Walsh
e876f5234d - Added details button and context as tooltips to gui on front end for advanced users 2011-01-07 17:16:35 -05:00
Dan Walsh
983a54c27b - Fix man page to reflect change in gui
- Fix sealert -fixit call to import load_plugins
- update translations
- Fix handling of empty tpath in gui
2011-01-06 11:39:09 -05:00
Dan Walsh
39f1aaddd5 - Fix dbus Introspect handling
- Make sealert use terminal for errors when in terminal mode
2010-12-23 10:08:50 -05:00
Dan Walsh
217f3c11b9 - Update Translations 2010-12-22 09:40:45 -05:00
Dan Walsh
b348d93b9b - Fix Details Button
- Fix table display
- Handle situations when you have no spath and tpath
2010-12-22 09:39:48 -05:00
Dan Walsh
7083f0913a - Fix Details Button
- Fix table display
- Handle situations when you have no spath and tpath
2010-12-02 10:41:11 -05:00
Dan Walsh
27cd0be3b3 - Fix dbus config file to allow console to use sealert 2010-11-29 15:26:03 -05:00
Dan Walsh
d1c95fcf92 - Fix dbus config file to allow console to use sealert 2010-11-29 15:25:53 -05:00
Dan Walsh
88b3527a90 - setroubleshoot will create /var/run/setroubleshoot if it does not exist 2010-11-29 11:59:01 -05:00
Dan Walsh
61894ca985 - Ghost /var/run/setroubleshoot 2010-11-24 08:48:10 -05:00
Dan Walsh
97cb36e53d - Update translations
- Allow seapplet to check for updates
2010-11-23 12:00:31 -05:00
Dan Walsh
2ce9dbbca8 - Better handling of tracebacks in terminal mode
- Fix up messages on process and capability avc messages
- Update translations
2010-11-22 11:03:04 -05:00
Dan Walsh
1ab99590b2 - Fix config name 2010-11-19 10:40:18 -05:00
Dan Walsh
fbe8e21164 - Fix crash in sealert with missing log_*
- Report bugzillas in english
2010-11-18 10:01:25 -05:00
Dan Walsh
ebd98a5285 - Fix crash in sealert with missing log_*
- Report bugzillas in english
2010-11-17 16:03:43 -05:00
Dan Walsh
1013279669 - Fix crash in sealert with missing log_*
- Report bugzillas in english
2010-11-17 16:00:21 -05:00
Dan Walsh
8f0907dece - Apply patch from Yuri Chornoivan to fix spelling mistakes
- Remove py files that are no longer used
- Add details button
2010-11-15 13:49:54 -05:00
Dan Walsh
3af8ffa776 - Apply patch from Yuri Chornoivan to fix spelling mistakes
- Remove py files that are no longer used
- Add details button
2010-11-15 12:08:50 -05:00
Dan Walsh
1b4b8ab021 - Apply patch from Yuri Chornoivan to fix spelling mistakes
- Remove py files that are no longer used
- Add details button
2010-11-15 11:59:03 -05:00
Dan Walsh
cf19fc6b55 - Apply patch from Yuri Chornoivan to fix spelling mistakes
- Remove py files that are no longer used
- Add details button
2010-11-15 11:39:39 -05:00
Dan Walsh
3b6d7a89b9 - Fix handling of report_count and ignore button
illa, since report will do the right thing
Resolves: #576927
2010-11-10 13:51:06 -05:00
Dan Walsh
b6c0a8cc7b - Add details button
- Fix deleteall
- Select radiobutton if only one plugin
2010-11-09 17:42:17 -05:00
Dan Walsh
45815cea74 - Remove icons
- Rebuild for new libnotify
2010-11-05 13:55:08 -04:00
Dan Walsh
115fbd91d3 - Remove icons
- Rebuild for new libnotify
2010-11-05 13:30:39 -04:00
Dan Walsh
d48e715fa1 - Remove icons
- Rebuild for new libnotify
2010-11-05 12:01:02 -04:00
Dan Walsh
f26f320f39 - Remove icons
- Rebuild for new libnotify
2010-11-05 11:30:15 -04:00
Dan Walsh
732ce7f6e1 - Remove icons
- Rebuild for new libnotify
2010-11-05 09:22:38 -04:00
Dan Walsh
3df68a9255 - Remove icons
- Rebuild for new libnotify
2010-11-05 07:36:28 -04:00
Dan Walsh
e13345e5ec - Fix handling delete all
- Fix fix it button
- Make ignore button work.
2010-11-02 17:04:49 -04:00
Dan Walsh
ecb677d79d - Fix fix_it call with mispelling of analysis_id 2010-11-01 15:43:14 -04:00
Dan Walsh
6db0d090f8 - Turn on ignore button, add tooltips. Work on alert list. 2010-10-28 17:17:36 -04:00
Dan Walsh
9efb4d216d - Redesign of setroubleshoot 2010-10-27 17:52:43 -04:00
Dan Walsh
061a9a9a42 - Remove default width request so that the app can expand with different langs. 2010-10-18 14:40:09 -04:00
Dan Walsh
aba31891b2 - Remove default width request so that the app can expand with different langs. 2010-10-18 14:37:45 -04:00
Jochen Schmitt
7064c1cae7 - Rebuild for python-2.7 2010-08-25 11:39:22 +02:00
David Malcolm
427e46c1a6 rebuild again for python 2.7 2010-07-30 15:51:19 -04:00
Fedora Release Engineering
22ce20383f dist-git conversion 2010-07-29 12:38:44 +00:00
Daniel J Walsh
6c7078d8c9 - Fix os.exists call in setroubleshoot
- Update po
- Use -s flag in python to prevent using user site directory
2010-07-22 20:48:54 +00:00
Daniel J Walsh
1b15991faf Tju Jul 22 2010 Dan Walsh <dwalsh@redhat.com> - 2.2.91-1 Fix os.exists call
in setroubleshoot
- Update po
- Use -s flag in python to prevent using user site directory
2010-07-22 20:29:39 +00:00
dmalcolm
2aec2d2112 - Rebuilt for
https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
2010-07-22 06:30:01 +00:00
Daniel J Walsh
ceafd3f42e - Fix rpm version of policy 2010-06-22 18:05:21 +00:00
Daniel J Walsh
5463c20e89 - Checking for policy version was going into infinite loop 2010-06-16 20:51:04 +00:00
Daniel J Walsh
f221eabab4 - Add white level, so plugins can tell setroubleshoot to ignore avc 2010-03-15 20:59:23 +00:00
Daniel J Walsh
0461d69b84 - Fix seapplet infinite loop from Tim Eliseo 2010-02-16 21:49:02 +00:00
Daniel J Walsh
4cb656d9dd - Fix requires setools-libs-python line 2010-02-10 14:08:03 +00:00
Daniel J Walsh
7462d1b90f - Fix setroubleshoot seapplet to not show ignored avc 2010-02-04 20:57:58 +00:00
Daniel J Walsh
fb1ab6eb8b - Remove packagekit dependancy 2010-02-02 14:39:25 +00:00
Daniel J Walsh
850ccd40ff - Add Gavin Romig-Koch report patch
- Cleanup Browser window
- Remove avc messages that are allowed or dontaudited in current policy
2010-01-27 21:56:23 +00:00
Daniel J Walsh
c6bd2e52e8 - Remove untest attachfile code
- Catch ProtocolError
2010-01-22 15:08:44 +00:00
Daniel J Walsh
b05263b9c8 - Remove untest attachfile code 2010-01-22 14:01:09 +00:00
Daniel J Walsh
ce41f88e6c - Remove untest attachfile code 2010-01-22 13:56:51 +00:00
Daniel J Walsh
cb7a551db4 - Fix remembering of bugzilla username/password 2010-01-20 19:52:14 +00:00
Daniel J Walsh
264bc612f0 - Fix remembering of bugzilla username/password 2010-01-20 19:49:02 +00:00
Daniel J Walsh
5ad09f50d4 - Remove send_interface from Setroubleshootd.conf 2010-01-19 20:42:17 +00:00
Daniel J Walsh
1a0bcb9da0 - Don't crash on missing inode
- Fix up default_encoding an translations
2010-01-18 21:29:29 +00:00
Daniel J Walsh
2e2f4a63ca - Cleanup spec file
- Add default_encoding
- Fix wording in bug report window
2010-01-13 19:34:42 +00:00
Daniel J Walsh
a230529eef - Fix ignore button
- Add delete button
2009-12-03 21:54:35 +00:00
Daniel J Walsh
160f45de2a - Exit with error code if you run sealert as root and try to connect to
session bus
- Fix Crash when ino is not defined
2009-11-30 16:00:43 +00:00
Bill Nottingham
a363dbde85 Fix typo that causes a failure to update the common directory. (releng
#2781)
2009-11-25 23:15:29 +00:00
Daniel J Walsh
81475d84c5 - Fix bug in substitute code 2009-11-18 15:17:23 +00:00
Daniel J Walsh
b7e4883785 - Fix semanage fcontext lines to substitute "." for " " in path
- Update po
2009-11-16 22:15:54 +00:00
Daniel J Walsh
c5480cba07 - Fix bugzilla reporting to work on RHEL6 2009-11-10 15:53:17 +00:00
Daniel J Walsh
d936921322 - Do not translate hex files
- Catch exception on non dbus system
2009-11-03 16:54:46 +00:00
Daniel J Walsh
0c2a68c923 - Get version correct for both RHEL and Fedora 2009-11-02 15:54:16 +00:00
Daniel J Walsh
9d40617e3b - Fix crash on selinux disabled and bad /etc/redhat-release reporing of
bugzillas
2009-10-30 20:58:09 +00:00
Daniel J Walsh
09adeff70f - Update po
- Fix bugzilla reporting to handle LoadError exception
Thu Oct 15 2009 Dan Walsh <dwalsh@redhat.com> - 2.2.41-1
- Add icon to browser
2009-10-26 14:02:16 +00:00
Daniel J Walsh
3a3fb5ad16 - Add icon to browser 2009-10-15 15:08:42 +00:00
Daniel J Walsh
311202ac0f - Fix up browser button handling when there are 0, 1 or more alerts 2009-10-15 14:25:51 +00:00
Daniel J Walsh
ddd48bc496 - Catch additional bugzilla exception 2009-10-13 21:20:15 +00:00
Daniel J Walsh
cf39ec6677 - Show that the application is starting.
- Fix ignore sealert button
2009-10-08 16:29:39 +00:00
Daniel J Walsh
5672a4b1a6 - Don't throw up an error box if yum cache is not setup 2009-10-07 18:40:26 +00:00
Daniel J Walsh
84bff11185 - Fix Fix It button
- Remove Setroubleshoot: from every heading
2009-10-05 15:32:52 +00:00
Daniel J Walsh
49085e708d - Fix translations, plurals and glade
- Update Po
- Fix plural form
- Add support for Green Plugins
2009-10-01 18:37:56 +00:00
Daniel J Walsh
b630e92433 - Fix translations, plurals and glade 2009-09-29 12:39:15 +00:00
32 changed files with 11267 additions and 4880 deletions

View File

@ -1,70 +0,0 @@
setroubleshoot-2.0.6.tar.gz
setroubleshoot-2.0.8.tar.gz
setroubleshoot-2.0.9.tar.gz
setroubleshoot-2.0.10.tar.gz
setroubleshoot-2.0.11.tar.gz
setroubleshoot-2.0.12.tar.gz
setroubleshoot-2.1.1.tar.gz
setroubleshoot-2.1.2.tar.gz
setroubleshoot-2.1.3.tar.gz
setroubleshoot-2.1.4.tar.gz
setroubleshoot-2.1.5.tar.gz
setroubleshoot-2.1.6.tar.gz
setroubleshoot-2.1.7.tar.gz
setroubleshoot-2.1.8.tar.gz
setroubleshoot-2.1.9.tar.gz
setroubleshoot-2.1.10.tar.gz
setroubleshoot-2.1.11.tar.gz
setroubleshoot-2.1.12.tar.gz
setroubleshoot-2.1.13.tar.gz
setroubleshoot-2.1.14.tar.gz
setroubleshoot-2.2.1.tar.gz
setroubleshoot-2.2.2.tar.gz
setroubleshoot-2.2.7.tar.gz
setroubleshoot-2.2.8.tar.gz
setroubleshoot-2.2.9.tar.gz
setroubleshoot-2.2.10.tar.gz
setroubleshoot-2.2.11.tar.gz
setroubleshoot-2.2.12.tar.gz
setroubleshoot-2.2.13.tar.gz
setroubleshoot-2.2.14.tar.gz
setroubleshoot-2.2.15.tar.gz
setroubleshoot-2.2.16.tar.gz
setroubleshoot-2.2.17.tar.gz
setroubleshoot-2.2.18.tar.gz
setroubleshoot-2.2.19.tar.gz
setroubleshoot-2.2.20.tar.gz
setroubleshoot-2.2.21.tar.gz
setroubleshoot-2.2.22.tar.gz
setroubleshoot-2.2.23.tar.gz
setroubleshoot-2.2.24.tar.gz
setroubleshoot-2.2.26.tar.gz
setroubleshoot-2.2.27.tar.gz
setroubleshoot-2.2.28.tar.gz
setroubleshoot-2.2.30.tar.gz
setroubleshoot-2.2.31.tar.gz
setroubleshoot-2.2.32.tar.gz
setroubleshoot-2.2.33.tar.gz
setroubleshoot-2.2.34.tar.gz
setroubleshoot-2.2.35.tar.gz
setroubleshoot-2.2.36.tar.gz
setroubleshoot-2.2.37.tar.gz
setroubleshoot-2.2.38.tar.gz
setroubleshoot-2.2.39.tar.gz
setroubleshoot-2.2.40.tar.gz
setroubleshoot-2.2.41.tar.gz
setroubleshoot-2.2.42.tar.gz
setroubleshoot-2.2.43.tar.gz
setroubleshoot-2.2.44.tar.gz
setroubleshoot-2.2.45.tar.gz
setroubleshoot-2.2.46.tar.gz
setroubleshoot-2.2.47.tar.gz
setroubleshoot-2.2.48.tar.gz
setroubleshoot-2.2.50.tar.gz
setroubleshoot-2.2.52.tar.gz
setroubleshoot-2.2.55.tar.gz
setroubleshoot-2.2.56.tar.gz
setroubleshoot-2.2.57.tar.gz
setroubleshoot-2.2.58.tar.gz
setroubleshoot-2.2.59.tar.gz
setroubleshoot-2.2.60.tar.gz

211
.gitignore vendored Normal file
View File

@ -0,0 +1,211 @@
setroubleshoot-2.0.6.tar.gz
setroubleshoot-2.0.8.tar.gz
setroubleshoot-2.0.9.tar.gz
setroubleshoot-2.0.10.tar.gz
setroubleshoot-2.0.11.tar.gz
setroubleshoot-2.0.12.tar.gz
setroubleshoot-2.1.1.tar.gz
setroubleshoot-2.1.2.tar.gz
setroubleshoot-2.1.3.tar.gz
setroubleshoot-2.1.4.tar.gz
setroubleshoot-2.1.5.tar.gz
setroubleshoot-2.1.6.tar.gz
setroubleshoot-2.1.7.tar.gz
setroubleshoot-2.1.8.tar.gz
setroubleshoot-2.1.9.tar.gz
setroubleshoot-2.1.10.tar.gz
setroubleshoot-2.1.11.tar.gz
setroubleshoot-2.1.12.tar.gz
setroubleshoot-2.1.13.tar.gz
setroubleshoot-2.1.14.tar.gz
setroubleshoot-2.2.1.tar.gz
setroubleshoot-2.2.2.tar.gz
setroubleshoot-2.2.7.tar.gz
setroubleshoot-2.2.8.tar.gz
setroubleshoot-2.2.9.tar.gz
setroubleshoot-2.2.10.tar.gz
setroubleshoot-2.2.11.tar.gz
setroubleshoot-2.2.12.tar.gz
setroubleshoot-2.2.13.tar.gz
setroubleshoot-2.2.14.tar.gz
setroubleshoot-2.2.15.tar.gz
setroubleshoot-2.2.16.tar.gz
setroubleshoot-2.2.17.tar.gz
setroubleshoot-2.2.18.tar.gz
setroubleshoot-2.2.19.tar.gz
setroubleshoot-2.2.20.tar.gz
setroubleshoot-2.2.21.tar.gz
setroubleshoot-2.2.22.tar.gz
setroubleshoot-2.2.23.tar.gz
setroubleshoot-2.2.24.tar.gz
setroubleshoot-2.2.26.tar.gz
setroubleshoot-2.2.27.tar.gz
setroubleshoot-2.2.28.tar.gz
setroubleshoot-2.2.30.tar.gz
setroubleshoot-2.2.31.tar.gz
setroubleshoot-2.2.32.tar.gz
setroubleshoot-2.2.33.tar.gz
setroubleshoot-2.2.34.tar.gz
setroubleshoot-2.2.35.tar.gz
setroubleshoot-2.2.36.tar.gz
setroubleshoot-2.2.37.tar.gz
setroubleshoot-2.2.38.tar.gz
setroubleshoot-2.2.39.tar.gz
setroubleshoot-2.2.40.tar.gz
setroubleshoot-2.2.41.tar.gz
setroubleshoot-2.2.42.tar.gz
setroubleshoot-2.2.43.tar.gz
setroubleshoot-2.2.44.tar.gz
setroubleshoot-2.2.45.tar.gz
setroubleshoot-2.2.46.tar.gz
setroubleshoot-2.2.47.tar.gz
setroubleshoot-2.2.48.tar.gz
setroubleshoot-2.2.50.tar.gz
setroubleshoot-2.2.52.tar.gz
setroubleshoot-2.2.55.tar.gz
setroubleshoot-2.2.56.tar.gz
setroubleshoot-2.2.57.tar.gz
setroubleshoot-2.2.58.tar.gz
setroubleshoot-2.2.59.tar.gz
setroubleshoot-2.2.60.tar.gz
setroubleshoot-2.2.61.tar.gz
setroubleshoot-2.2.62.tar.gz
setroubleshoot-2.2.63.tar.gz
setroubleshoot-2.2.64.tar.gz
setroubleshoot-2.2.65.tar.gz
setroubleshoot-2.2.66.tar.gz
setroubleshoot-2.2.67.tar.gz
setroubleshoot-2.2.69.tar.gz
setroubleshoot-2.2.70.tar.gz
setroubleshoot-2.2.71.tar.gz
setroubleshoot-2.2.72.tar.gz
setroubleshoot-2.2.73.tar.gz
setroubleshoot-2.2.74.tar.gz
setroubleshoot-2.2.75.tar.gz
setroubleshoot-2.2.76.tar.gz
setroubleshoot-2.2.77.tar.gz
setroubleshoot-2.2.79.tar.gz
setroubleshoot-2.2.80.tar.gz
setroubleshoot-2.2.81.tar.gz
setroubleshoot-2.2.82.tar.gz
setroubleshoot-2.2.83.tar.gz
setroubleshoot-2.2.84.tar.gz
setroubleshoot-2.2.85.tar.gz
setroubleshoot-2.2.86.tar.gz
setroubleshoot-2.2.87.tar.gz
setroubleshoot-2.2.88.tar.gz
setroubleshoot-2.2.89.tar.gz
setroubleshoot-2.2.91.tar.gz
setroubleshoot-2.2.93.tar.gz
/setroubleshoot-2.2.95.tar.gz
/setroubleshoot-2.2.96.tar.gz
/setroubleshoot-2.2.97.tar.gz
/setroubleshoot-2.2.98.tar.gz
/setroubleshoot-2.2.99.tar.gz
/setroubleshoot-2.2.100.tar.gz
/setroubleshoot-2.2.101.tar.gz
/setroubleshoot-2.2.102.tar.gz
/setroubleshoot-3.0.0.tar.gz
/setroubleshoot-3.0.1.tar.gz
/setroubleshoot-3.0.2.tar.gz
/setroubleshoot-3.0.3.tar.gz
/setroubleshoot-3.0.4.tar.gz
/setroubleshoot-3.0.5.tar.gz
/setroubleshoot-3.0.6.tar.gz
/setroubleshoot-3.0.7.tar.gz
/setroubleshoot-3.0.8.tar.gz
/setroubleshoot-3.0.9.tar.gz
/setroubleshoot-3.0.10.tar.gz
/setroubleshoot-3.0.11.tar.gz
/setroubleshoot-3.0.12.tar.gz
/setroubleshoot-3.0.13.tar.gz
/setroubleshoot-3.0.14.tar.gz
/setroubleshoot-3.0.15.tar.gz
/setroubleshoot-3.0.16.tar.gz
/setroubleshoot-3.0.17.tar.gz
/setroubleshoot-3.0.19.tar.gz
/setroubleshoot-3.0.20.tar.gz
/setroubleshoot-3.0.22.tar.gz
/setroubleshoot-3.0.23.tar.gz
/setroubleshoot-3.0.24.tar.gz
/setroubleshoot-3.0.25.tar.gz
/setroubleshoot-3.0.26.tar.gz
/setroubleshoot-3.0.27.tar.gz
/setroubleshoot-3.0.31.tar.gz
/setroubleshoot-3.0.32.tar.gz
/setroubleshoot-3.0.33.tar.gz
/setroubleshoot-3.0.37.tar.gz
/setroubleshoot-3.0.38.tar.gz
/setroubleshoot-3.0.40.tar.gz
/setroubleshoot-3.0.41.tar.gz
/setroubleshoot-3.0.42.tar.gz
/setroubleshoot-3.0.43.tar.gz
/setroubleshoot-3.0.44.tar.gz
/setroubleshoot-3.0.45.tar.gz
/setroubleshoot-3.0.46.tar.gz
/setroubleshoot-3.0.47.tar.gz
/setroubleshoot-3.1.1.tar.gz
/setroubleshoot-3.1.2.tar.gz
/setroubleshoot-3.1.3.tar.gz
/setroubleshoot-3.1.4.tar.gz
/setroubleshoot-3.1.5.tar.gz
/setroubleshoot-3.1.6.tar.gz
/setroubleshoot-3.1.7.tar.gz
/setroubleshoot-3.1.8.tar.gz
/setroubleshoot-3.1.9.tar.gz
/setroubleshoot-3.1.11.tar.gz
/setroubleshoot-3.1.12.tar.gz
/setroubleshoot-3.1.14.tar.gz
/setroubleshoot-3.1.15.tar.gz
/setroubleshoot-3.1.16.tar.gz
/setroubleshoot-3.1.17.tar.gz
/setroubleshoot-3.1.18.tar.gz
/setroubleshoot-3.1.20.tar.gz
/setroubleshoot-3.1.21.tar.gz
/setroubleshoot-3.2.1.tar.gz
/setroubleshoot-3.2.2.tar.gz
/setroubleshoot-3.2.3.tar.gz
/setroubleshoot-3.2.4.tar.gz
/setroubleshoot-3.2.5.tar.gz
/setroubleshoot-3.2.6.tar.gz
/setroubleshoot-3.2.7.tar.gz
/setroubleshoot-3.2.8.tar.gz
/setroubleshoot-3.2.9.tar.gz
/setroubleshoot-3.2.10.tar.gz
/setroubleshoot-3.2.11.tar.gz
/setroubleshoot-3.2.12.tar.gz
/setroubleshoot-3.2.13.tar.gz
/setroubleshoot-3.2.14.tar.gz
/setroubleshoot-3.2.15.tar.gz
/setroubleshoot-3.2.16.tar.gz
/setroubleshoot-3.2.17.tar.gz
/setroubleshoot-3.2.18.tar.gz
/setroubleshoot-3.2.20.tar.gz
/setroubleshoot-3.2.21.tar.gz
/setroubleshoot-3.2.22.tar.gz
/setroubleshoot-3.2.23.tar.gz
/setroubleshoot-3.2.24.tar.gz
/setroubleshoot-3.3.1.tar.gz
/setroubleshoot-3.3.3.tar.gz
/setroubleshoot-3.3.4.tar.gz
/setroubleshoot-3.3.5.tar.gz
/setroubleshoot-3.3.6.tar.gz
/setroubleshoot-3.3.7.tar.gz
/setroubleshoot-3.3.8.tar.gz
/setroubleshoot-3.3.8.1.tar.gz
/setroubleshoot-3.3.9.1.tar.gz
/setroubleshoot-3.3.10.tar.gz
/setroubleshoot-3.3.11.tar.gz
/setroubleshoot-3.3.12.tar.gz
/setroubleshoot-3.3.13.tar.gz
/setroubleshoot-3.3.14.tar.gz
/setroubleshoot-3.3.15.tar.gz
/setroubleshoot-3.3.16.tar.gz
/setroubleshoot-3.3.17.tar.gz
/setroubleshoot-3.3.18.tar.gz
/setroubleshoot-3.3.19.tar.gz
/setroubleshoot-3.3.20.tar.gz
/setroubleshoot-3.3.21.tar.gz
/setroubleshoot-3.3.22.tar.gz
/setroubleshoot-3.3.23.tar.gz
/setroubleshoot-3.3.24.tar.gz

File diff suppressed because it is too large Load Diff

View File

@ -1,21 +0,0 @@
# Makefile for source rpm: setroubleshoot
# $Id: Makefile,v 1.2 2007/10/15 19:22:37 notting Exp $
NAME := setroubleshoot
SPECFILE = $(firstword $(wildcard *.spec))
define find-makefile-common
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
endef
MAKEFILE_COMMON := $(shell $(find-makefile-common))
ifeq ($(MAKEFILE_COMMON),)
# attempt a checkout
define checkout-makefile-common
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
endef
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
endif
include $(MAKEFILE_COMMON)

29
README.translations Normal file
View File

@ -0,0 +1,29 @@
Setroubleshoot translations currently live in the following locations:
- https://fedora.zanata.org/project/view/setroubleshoot
- contains translations for both stable (RHEL) and master (Fedora) branches
- maintains large number of languages (several of which do not actually contain any translated strings)
- updated by community and partially by RH localization effort
- setroubleshoot source repositories (https://pagure.io/setroubleshoot and https://github.com/fedora-selinux/setroubleshoot)
- is kept up-to-date with fedora.zanata
How to update source files on fedora.zanata:
$ git clone git@github.com:fedora-selinux/setroubleshoot.git
$ cd setroubleshoot/framework
# Update Makefile
$ ./autogen.sh
# generate new potfile
$ cd po
$ make setroubleshoot.pot
# Repeat the process for plugins
# Push potfiles to zanata
$ zanata-cli push --push-type source
How to pull new translations from zanata
$ git clone git@github.com:fedora-selinux/setroubleshoot.git
$ cd setroubleshoot
# Make sure "zanata.xml" file pointing to corresponding translations branch is present
# Optionally update source files on zanata
# Pull new translations from zanata
$ zanata-cli -e pull --pull-type trans

1
branch
View File

@ -1 +0,0 @@
F-12

File diff suppressed because it is too large Load Diff

26
setroubleshoot-po.patch Normal file
View File

@ -0,0 +1,26 @@
diff -up setroubleshoot-3.2.14/po/bn_IN.po~ setroubleshoot-3.2.14/po/bn_IN.po
--- setroubleshoot-3.2.14/po/bn_IN.po~ 2013-11-20 10:01:40.717181224 -0500
+++ setroubleshoot-3.2.14/po/bn_IN.po 2013-11-20 10:02:47.154195170 -0500
@@ -165,9 +165,7 @@ msgstr "উৎসের পà§<C3A0>রকà§<C3A0>à
#: ../src/browser.py:269
msgid "Attempted Access"
-msgstr ""
-"\n"
-"বà§<C3A0>যবহারের পà§<C3A0>রয়াস\n"
+msgstr "বà§<C3A0>যবহারের পà§<C3A0>রয়াস"
#: ../src/browser.py:269
msgid "On this"
@@ -222,9 +220,8 @@ msgstr ""
msgid ""
"Report\n"
"Bug"
-msgstr ""
-"বাগ সমà§<C3A0>পরà§<C3A0>কে\n"
-"সূচিত করà§<C3A0>ন\n"
+msgstr "বাগ সমà§<C3A0>পরà§<C3A0>কে\n"
+"সূচিত করà§<C3A0>ন"
#: ../src/browser.py:543
#, python-format

View File

@ -1,26 +0,0 @@
diff -up setroubleshoot-2.2.60/src/browser.py~ setroubleshoot-2.2.60/src/browser.py
--- setroubleshoot-2.2.60/src/browser.py~ 2010-01-22 09:20:37.000000000 -0500
+++ setroubleshoot-2.2.60/src/browser.py 2010-01-29 09:16:08.000000000 -0500
@@ -147,9 +147,7 @@ class BugReport:
return retval
except CommunicationError, e:
msg = _("Your bug could not be filed due to the following error when communicating with bugzilla:\n\n%s" % str(e))
- except ProtocolError, e:
- msg = _("Your bug could not be filed due to the following error when communicating with bugzilla:\n\n%s" % str(e))
- FailDialog(msg)
+ FailDialog(msg)
return -1
diff -up setroubleshoot-2.2.60/src/filer.py~ setroubleshoot-2.2.60/src/filer.py
--- setroubleshoot-2.2.60/src/filer.py~ 2009-12-21 11:28:48.000000000 -0500
+++ setroubleshoot-2.2.60/src/filer.py 2010-01-29 09:15:40.000000000 -0500
@@ -339,7 +339,7 @@ class BugzillaFiler(AbstractFiler):
try:
self._bz = bugzilla.Bugzilla(url=self.bugUrl)
retval = self._bz.login(username, password)
- except ProtocolError, e:
+ except xmlrpclib.ProtocolError, e:
raise CommunicationError(str(e))
except socket.error, e:
raise CommunicationError(str(e))

File diff suppressed because it is too large Load Diff

1
setroubleshoot.tmpfiles Normal file
View File

@ -0,0 +1 @@
d /run/setroubleshoot 711 setroubleshoot setroubleshoot -

View File

@ -1 +1 @@
6e5b39bed02d14e1c44a630cfcb3c305 setroubleshoot-2.2.60.tar.gz
SHA512 (setroubleshoot-3.3.24.tar.gz) = ba96206fe135a719b685c825a69ebf7f9f6d99c6a24fb135763da9cee5ad14b1afdca5da1465374d327eb51ff830727a20b79ec51902e50f2e790661c63c0a0d

View File

@ -0,0 +1,68 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/setroubleshoot/Regression/Report-bugs-on-corresponding-components
# Description: Can sealert identify source RPM of AVC domain type?
# Author: Vit Mojzis <vmojzis@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2020 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/setroubleshoot/Regression/Report-bugs-on-corresponding-components
export TESTVERSION=1.0
# Policy packages to be used in testing
# The followng export does not work properly in Fedora CI - relying on fallback in runtest.sh
# export TEST_PACKAGES ?= flatpak-selinux tpm2-abrmd-selinux container-selinux usbguard-selinux mysql-selinux
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile avc_flatpak-selinux avc_tpm2-abrmd-selinux avc_container-selinux avc_usbguard-selinux avc_mysql-selinux avc_fapolicyd-selinux
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Vit Mojzis <vmojzis@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Test for BZ#1811644 (Let setroubleshoot to report bugs on components)" >> $(METADATA)
@echo "Type: Regression" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: setroubleshoot" >> $(METADATA)
@echo "Requires: setroubleshoot-server flatpak-selinux tpm2-abrmd-selinux container-selinux usbguard-selinux mysql-selinux fapolicyd-selinux" >> $(METADATA)
@echo "Requires: $(TEST_PACKAGES)" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2+" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1811644" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7 -RHEL7" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -0,0 +1,2 @@
type=AVC msg=audit(1575985388.869:225): avc: denied { read } for pid=1365 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=32249 scontext=system_u:system_r:container_logreader_t:s0 tcontext=system_u:object_r:shadow_t:s0:c446,c857 tclass=dir permissive=0

View File

@ -0,0 +1,2 @@
type=AVC msg=audit(1596470053.831:306): avc: denied { unlink } for pid=6304 comm="fapolicyd" name="fapolicyd.pid" dev="tmpfs" ino=37446 scontext=system_u:system_r:fapolicyd_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0

View File

@ -0,0 +1,2 @@
type=AVC msg=audit(1575985388.869:225): avc: denied { connect } for pid=1365 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=32249 scontext=system_u:system_r:flatpak_helper_t:s0 tcontext=system_u:object_r:shadow_t:s0:c446,c857 tclass=socket permissive=0

View File

@ -0,0 +1,2 @@
type=AVC msg=audit(1582621541.469:6896): avc: denied { write } for pid=1627505 comm="python3" name="plautrba" dev="dm-4" ino=19529729 scontext=system_u:system_r:mysqld_t:s0 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir permissive=1

View File

@ -0,0 +1,2 @@
type=AVC msg=audit(1575985388.869:225): avc: denied { connect } for pid=1365 comm="systemd-user-ru" name="secrets" dev="tmpfs" ino=32249 scontext=system_u:system_r:tabrmd_t:s0 tcontext=system_u:object_r:shadow_t:s0:c446,c857 tclass=socket permissive=0

View File

@ -0,0 +1,2 @@
type=AVC msg=audit(1582801464.5:491): avc: denied { map } for pid=5100 comm="bash" path="/usr/bin/bash" dev="vda1" ino=1707663 scontext=system_u:system_r:usbguard_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1

View File

@ -0,0 +1,79 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/setroubleshoot/Regression/Report-bugs-on-corresponding-components
# Description: Can sealert identify source RPM of AVC domain type?
# Author: Vit Mojzis <vmojzis@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2020 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="setroubleshoot"
if [ -z "${TEST_PACKAGES+set}" ];
then PACKAGES=(flatpak-selinux tpm2-abrmd-selinux container-selinux usbguard-selinux mysql-selinux fapolicyd-selinux)
else PACKAGES=(${TEST_PACKAGES[@]})
fi
#corresponding module names
#MODULES=(flatpak tabrmd container usbguard mysql)
# <rpm package> - <selinux module> - <domain type>
# flatpak-selinux - flatpak - flatpak_helper_t
# tpm2-abrmd-selinux - tabrmd - tabrmd_t
# container-selinux - container - docker_t
# usbguard-selinux - usbguard - usbguard_t -- fedora only
# mysql-selinux - mysql - mysql_t -- fedora only
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
OUTPUT_FILE=`mktemp`
# Package installation is handled by Makefile for now
# install availlable policy packages
# for RPM in ${PACKAGES[@]};
# do
# sudo dnf install -y ${RPM} || continue
# done
rlPhaseEnd
rlPhaseStartTest
for RPM in ${PACKAGES[@]};
do
# run only for policies that are installed
rpm -q ${RPM} >& /dev/null
if [ $? -ne 0 ]; then echo "${RPM} not installed! Skipping."; continue; fi
rlRun "sealert -a ./avc_${RPM} 2>&1 | tee ${OUTPUT_FILE} | grep \"Local Policy RPM\""
if [ $? -ne 0 ]; then cat ${OUTPUT_FILE}; fi
# test if correct rpm was identified
rlRun "grep -i \"Local Policy RPM\" ${OUTPUT_FILE} | grep \"$RPM\S*$\" -o"
done
rlPhaseEnd
rlPhaseStartCleanup
rm -f ${OUTPUT_FILE}
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -0,0 +1,657 @@
type=USER_END msg=audit(1574410625.429:1286): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574410625.430:1287): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574410625.686:1288): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_START msg=audit(1574410625.687:1289): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574410625.688:1290): pid=10314 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10314 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410625.688:1291): pid=10314 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10314 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410625.688:1292): pid=10314 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10314 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574410625.689:1293): pid=10314 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_END msg=audit(1574410626.111:1294): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574410626.112:1295): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574410626.349:1296): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_START msg=audit(1574410626.351:1297): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574410626.352:1298): pid=10327 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10327 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410626.352:1299): pid=10327 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10327 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410626.352:1300): pid=10327 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10327 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574410626.353:1301): pid=10327 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_END msg=audit(1574410626.763:1302): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574410626.764:1303): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574410627.020:1304): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_START msg=audit(1574410627.021:1305): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574410627.023:1306): pid=10334 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10334 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410627.023:1307): pid=10334 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10334 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410627.023:1308): pid=10334 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10334 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574410627.024:1309): pid=10334 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=FS_RELABEL msg=audit(1574410638.448:1310): pid=10341 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=mass relabel exe="/usr/sbin/setfiles" hostname=? addr=? terminal=? res=success'
type=USER_END msg=audit(1574410638.793:1311): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574410638.794:1312): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574410639.119:1313): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_START msg=audit(1574410639.120:1314): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574410639.121:1315): pid=10343 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10343 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410639.121:1316): pid=10343 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10343 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410639.121:1317): pid=10343 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10343 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574410639.123:1318): pid=10343 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_END msg=audit(1574410639.854:1319): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574410639.855:1320): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574410640.278:1321): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_START msg=audit(1574410640.279:1322): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574410640.280:1323): pid=10350 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10350 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410640.280:1324): pid=10350 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10350 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410640.280:1325): pid=10350 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10350 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574410640.281:1326): pid=10350 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_END msg=audit(1574410640.699:1327): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574410640.700:1328): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574410640.964:1329): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_START msg=audit(1574410640.965:1330): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574410640.967:1331): pid=10357 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10357 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410640.967:1332): pid=10357 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10357 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410640.967:1333): pid=10357 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10357 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574410640.968:1334): pid=10357 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_END msg=audit(1574410641.402:1335): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574410641.403:1336): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574410641.668:1337): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_START msg=audit(1574410641.670:1338): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574410641.671:1339): pid=10364 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10364 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410641.671:1340): pid=10364 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10364 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410641.671:1341): pid=10364 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10364 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574410641.672:1342): pid=10364 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_END msg=audit(1574410642.088:1343): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574410642.089:1344): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574410642.378:1345): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_START msg=audit(1574410642.379:1346): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574410642.380:1347): pid=10371 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10371 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410642.380:1348): pid=10371 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10371 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410642.380:1349): pid=10371 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10371 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574410642.381:1350): pid=10371 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_END msg=audit(1574410642.798:1351): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574410642.799:1352): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574410643.576:1353): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_START msg=audit(1574410643.577:1354): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574410643.578:1355): pid=10378 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=10378 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410643.578:1356): pid=10378 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=10378 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410643.578:1357): pid=10378 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=10378 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574410643.580:1358): pid=10378 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=SERVICE_START msg=audit(1574410644.001:1359): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-shutdownd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=USER_END msg=audit(1574410644.178:1360): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574410644.178:1361): pid=8559 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-204-48.brq.redhat.com addr=10.40.204.48 terminal=ssh res=success'
type=SERVICE_START msg=audit(1574410704.009:1362): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-dmesg comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.009:1363): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-dmesg comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410704.044:1364): pid=796 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=796 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410704.044:1365): pid=796 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=796 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574410704.044:1366): pid=796 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=796 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.081:1367): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=crond comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.081:1368): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=crond comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.082:1369): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.082:1370): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.083:1371): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=chronyd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.083:1372): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=chronyd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.085:1373): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=serial-getty@ttyS0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.085:1374): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=serial-getty@ttyS0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.088:1375): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.088:1376): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.089:1377): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rsyslog comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.089:1378): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rsyslog comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.090:1379): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.090:1380): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.097:1381): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhsmcertd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.097:1382): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhsmcertd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.110:1383): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd-keygen comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.110:1384): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd-keygen comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.116:1385): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.116:1386): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.128:1387): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-user-sessions comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.128:1388): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-user-sessions comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.187:1389): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-poweroff comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.213:1390): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=postfix comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.213:1391): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=postfix comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.356:1392): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhnsd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.356:1393): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhnsd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.360:1394): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tuned comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.360:1395): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tuned comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.702:1396): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.702:1397): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.703:1398): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.703:1399): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.714:1400): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.714:1401): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.718:1402): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dbus comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.719:1403): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dbus comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.724:1404): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-domainname comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.724:1405): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-domainname comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.725:1406): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=selinux-policy-migrate-local-changes@targeted comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.725:1407): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=selinux-policy-migrate-local-changes@targeted comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.726:1408): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-vconsole-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.726:1409): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-vconsole-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.727:1410): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-done comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.727:1411): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-done comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.727:1412): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-journal-catalog-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.727:1413): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-journal-catalog-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.729:1414): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hwdb-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.729:1415): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hwdb-update comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.732:1416): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-sysctl comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.732:1417): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-sysctl comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SYSTEM_SHUTDOWN msg=audit(1574410704.735:1418): pid=10553 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.739:1419): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-random-seed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.739:1420): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-random-seed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574410704.740:1421): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574410704.740:1422): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=DAEMON_END msg=audit(1574410704.743:1004): op=terminate auid=0 pid=1 subj=system_u:system_r:init_t:s0 res=success
type=DAEMON_START msg=audit(1574672213.672:5618): op=start ver=2.8.5 format=raw kernel=3.10.0-1111.el7.x86_64 auid=4294967295 pid=440 uid=0 ses=4294967295 subj=system_u:system_r:auditd_t:s0 res=success
type=CONFIG_CHANGE msg=audit(1574672213.892:5): audit_backlog_limit=8192 old=64 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 res=1
type=CONFIG_CHANGE msg=audit(1574672213.892:6): audit_failure=1 old=1 auid=4294967295 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 res=1
type=SERVICE_START msg=audit(1574672213.898:7): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=auditd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SYSTEM_BOOT msg=audit(1574672213.918:8): pid=503 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672213.923:9): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672213.943:10): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=irqbalance comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672214.034:11): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=dbus comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672214.045:12): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rngd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672214.072:13): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpcbind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574672214.076:14): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=irqbalance comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672214.089:15): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=gssproxy comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672214.102:16): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhel-dmesg comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672214.162:17): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-logind comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672214.195:18): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=chronyd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672214.206:19): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=polkit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672215.255:20): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-init-local comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672215.327:21): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672215.436:22): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672215.465:23): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672215.742:24): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-wait-online comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672216.407:25): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=network comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672216.448:26): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhsmcertd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672216.471:27): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=restraintd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672217.742:28): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=tuned comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672217.985:29): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=postfix comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.213:30): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-init comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.263:31): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-user-sessions comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.274:32): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=crond comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.355:33): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-start comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574672218.355:34): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-start comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.368:35): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpc-statd-notify comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574672218.368:36): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rpc-statd-notify comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.369:37): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-quit-wait comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574672218.369:38): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-quit-wait comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.370:39): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-quit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574672218.370:40): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=plymouth-quit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.372:41): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=getty@tty1 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.373:42): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=serial-getty@ttyS0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.412:43): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=sshd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.445:44): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rsyslog comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.654:45): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=rhnsd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SYSTEM_RUNLEVEL msg=audit(1574672218.706:46): pid=1158 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='old-level=N new-level=3 comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672218.709:47): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp-runlevel comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574672218.709:48): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-update-utmp-runlevel comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672219.065:49): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-config comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672219.376:50): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=cloud-final comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672219.496:51): pid=1310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=1310 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672219.496:52): pid=1310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=1310 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672219.496:53): pid=1310 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=1310 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574672219.603:54): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=1310 suid=74 rport=57270 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574672219.603:55): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=1310 suid=74 rport=57270 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=USER_AUTH msg=audit(1574672220.227:56): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth rport=57270 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=USER_AUTH msg=audit(1574672220.227:57): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=key algo=ssh-rsa size=2048 fp=SHA256:f6:3d:5b:97:0b:77:c1:ca:d1:88:66:19:43:b6:46:bb:d6:b1:9b:77:03:92:51:fa:ff:3e:1c:f8:47:bc:0b:31 rport=57270 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=USER_ACCT msg=audit(1574672220.242:58): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574672220.246:59): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=1310 suid=74 rport=57270 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=USER_AUTH msg=audit(1574672220.248:60): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=success'
type=CRED_ACQ msg=audit(1574672220.252:61): pid=1305 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=LOGIN msg=audit(1574672220.253:62): pid=1305 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=1 res=1
type=USER_ROLE_CHANGE msg=audit(1574672220.426:63): pid=1305 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_START msg=audit(1574672220.470:64): pid=1305 uid=0 auid=0 ses=1 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574672220.739:65): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_START msg=audit(1574672220.741:66): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574672220.743:67): pid=1895 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=1895 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672220.744:68): pid=1895 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=1895 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672220.744:69): pid=1895 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=1895 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574672220.746:70): pid=1895 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_END msg=audit(1574672220.910:71): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRED_DISP msg=audit(1574672220.911:72): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_END msg=audit(1574672220.913:73): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574672220.915:74): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574672220.915:75): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=1305 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672220.915:76): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=1305 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672220.915:77): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=1305 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672220.915:78): pid=1305 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=1305 suid=0 rport=57270 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.181:79): pid=2142 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2142 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.181:80): pid=2142 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2142 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.181:81): pid=2142 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2142 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574672221.282:82): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2142 suid=74 rport=57302 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574672221.282:83): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2142 suid=74 rport=57302 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.557:84): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2142 suid=74 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.557:85): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2142 suid=74 rport=57302 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.560:86): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2097 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.560:87): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2097 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.560:88): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2097 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=USER_LOGIN msg=audit(1574672221.560:89): pid=2097 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=failed'
type=CRYPTO_KEY_USER msg=audit(1574672221.579:90): pid=2156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2156 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.579:91): pid=2156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2156 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.579:92): pid=2156 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2156 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574672221.675:93): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2156 suid=74 rport=57300 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574672221.675:94): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2156 suid=74 rport=57300 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.943:95): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2156 suid=74 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.943:96): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2156 suid=74 rport=57300 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.944:97): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2098 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.944:98): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2098 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.944:99): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2098 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=USER_LOGIN msg=audit(1574672221.945:100): pid=2098 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=failed'
type=CRYPTO_KEY_USER msg=audit(1574672221.960:101): pid=2165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2165 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.960:102): pid=2165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2165 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672221.960:103): pid=2165 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2165 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574672222.056:104): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2165 suid=74 rport=57304 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574672222.056:105): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2165 suid=74 rport=57304 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672222.337:106): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2165 suid=74 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672222.337:107): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2165 suid=74 rport=57304 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672222.339:108): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2099 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672222.339:109): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2099 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672222.339:110): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2099 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=USER_LOGIN msg=audit(1574672222.339:111): pid=2099 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=failed'
type=CRYPTO_KEY_USER msg=audit(1574672222.480:112): pid=2266 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2266 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672222.480:113): pid=2266 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2266 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672222.480:114): pid=2266 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2266 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574672222.594:115): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2266 suid=74 rport=57312 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574672222.594:116): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=2266 suid=74 rport=57312 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=USER_AUTH msg=audit(1574672223.224:117): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth rport=57312 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=USER_AUTH msg=audit(1574672223.224:118): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=key algo=ssh-rsa size=2048 fp=SHA256:f6:3d:5b:97:0b:77:c1:ca:d1:88:66:19:43:b6:46:bb:d6:b1:9b:77:03:92:51:fa:ff:3e:1c:f8:47:bc:0b:31 rport=57312 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=USER_ACCT msg=audit(1574672223.234:119): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574672223.235:120): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2266 suid=74 rport=57312 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=USER_AUTH msg=audit(1574672223.237:121): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=ssh res=success'
type=CRED_ACQ msg=audit(1574672223.240:122): pid=2262 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=LOGIN msg=audit(1574672223.240:123): pid=2262 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=2 res=1
type=USER_ROLE_CHANGE msg=audit(1574672223.405:124): pid=2262 uid=0 auid=0 ses=2 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_START msg=audit(1574672223.453:125): pid=2262 uid=0 auid=0 ses=2 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574672223.683:126): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_START msg=audit(1574672223.685:127): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574672223.704:128): pid=2558 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2558 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672223.704:129): pid=2558 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2558 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672223.704:130): pid=2558 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2558 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574672223.711:131): pid=2558 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_END msg=audit(1574672223.892:132): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574672223.893:133): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574672224.017:134): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_START msg=audit(1574672224.018:135): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574672224.023:136): pid=2586 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2586 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672224.023:137): pid=2586 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2586 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672224.023:138): pid=2586 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2586 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574672224.024:139): pid=2586 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_END msg=audit(1574672224.589:140): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574672224.589:141): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574672224.713:142): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_START msg=audit(1574672224.714:143): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574672224.715:144): pid=2785 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2785 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672224.715:145): pid=2785 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2785 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672224.715:146): pid=2785 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2785 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574672224.721:147): pid=2785 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_END msg=audit(1574672224.881:148): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574672224.882:149): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574672225.004:150): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_START msg=audit(1574672225.006:151): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574672225.013:152): pid=2897 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2897 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672225.013:153): pid=2897 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2897 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672225.013:154): pid=2897 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2897 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574672225.015:155): pid=2897 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_END msg=audit(1574672225.346:156): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574672225.347:157): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574672225.473:158): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_START msg=audit(1574672225.475:159): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574672225.479:160): pid=3006 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=3006 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672225.479:161): pid=3006 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=3006 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672225.479:162): pid=3006 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=3006 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574672225.480:163): pid=3006 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_END msg=audit(1574672225.628:164): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574672225.629:165): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574672225.755:166): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_START msg=audit(1574672225.756:167): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574672225.768:168): pid=3070 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=3070 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672225.768:169): pid=3070 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=3070 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672225.768:170): pid=3070 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=3070 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574672225.770:171): pid=3070 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_END msg=audit(1574672226.329:172): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574672226.331:173): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=USER_END msg=audit(1574672226.353:174): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRED_DISP msg=audit(1574672226.357:175): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=liver3.lab.eng.brq.redhat.com addr=2620:52:0:2580:1602:ecff:fe3f:e710 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574672226.357:176): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=2262 suid=0 rport=57312 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.37.128.108 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672226.357:177): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=2262 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672226.357:178): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=2262 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574672226.357:179): pid=2262 uid=0 auid=0 ses=2 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=2262 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574672236.042:180): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574672240.878:181): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=kdump comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574672255.229:182): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=USER_ACCT msg=audit(1574672462.013:183): pid=8783 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_localuser acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=CRED_ACQ msg=audit(1574672462.013:184): pid=8783 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=LOGIN msg=audit(1574672462.014:185): pid=8783 uid=0 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=3 res=1
type=USER_START msg=audit(1574672462.041:186): pid=8783 uid=0 auid=0 ses=3 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=CRED_REFR msg=audit(1574672462.042:187): pid=8783 uid=0 auid=0 ses=3 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=CRED_DISP msg=audit(1574672462.080:188): pid=8783 uid=0 auid=0 ses=3 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=USER_END msg=audit(1574672462.082:189): pid=8783 uid=0 auid=0 ses=3 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=SERVICE_START msg=audit(1574673147.110:190): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-tmpfiles-clean comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_STOP msg=audit(1574673147.110:191): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-tmpfiles-clean comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674924.305:192): pid=21112 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21112 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674924.305:193): pid=21112 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21112 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674924.305:194): pid=21112 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21112 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574674924.416:195): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21112 suid=74 rport=43828 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574674924.417:196): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21112 suid=74 rport=43828 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674924.931:197): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21112 suid=74 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674924.931:198): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21112 suid=74 rport=43828 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674924.934:199): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21111 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674924.935:200): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21111 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674924.935:201): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21111 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=USER_LOGIN msg=audit(1574674924.935:202): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
type=CRYPTO_KEY_USER msg=audit(1574674924.941:203): pid=21113 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21113 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674924.941:204): pid=21113 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21113 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674924.941:205): pid=21113 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21113 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574674925.044:206): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21113 suid=74 rport=43832 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574674925.044:207): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21113 suid=74 rport=43832 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674925.452:208): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21113 suid=74 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674925.452:209): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21113 suid=74 rport=43832 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674925.453:210): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21110 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674925.453:211): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21110 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674925.453:212): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21110 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=USER_LOGIN msg=audit(1574674925.454:213): pid=21110 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
type=CRYPTO_KEY_USER msg=audit(1574674925.456:214): pid=21114 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21114 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674925.456:215): pid=21114 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21114 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674925.456:216): pid=21114 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21114 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574674925.660:217): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21114 suid=74 rport=43830 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574674925.660:218): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac=<implicit> pfs=curve25519-sha256 spid=21114 suid=74 rport=43830 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674925.987:219): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21114 suid=74 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674925.987:220): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21114 suid=74 rport=43830 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674925.988:221): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21109 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674925.988:222): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21109 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674925.988:223): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21109 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=USER_LOGIN msg=audit(1574674925.988:224): pid=21109 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login acct="(unknown)" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
type=CRYPTO_KEY_USER msg=audit(1574674926.175:225): pid=21116 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21116 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674926.175:226): pid=21116 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21116 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674926.175:227): pid=21116 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21116 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574674926.291:228): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21116 suid=74 rport=43838 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574674926.291:229): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21116 suid=74 rport=43838 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574674926.933:230): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey_auth rport=43838 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574674926.933:231): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=key algo=ssh-rsa size=2048 fp=SHA256:f6:3d:5b:97:0b:77:c1:ca:d1:88:66:19:43:b6:46:bb:d6:b1:9b:77:03:92:51:fa:ff:3e:1c:f8:47:bc:0b:31 rport=43838 acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_ACCT msg=audit(1574674926.940:232): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674926.941:233): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21116 suid=74 rport=43838 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574674926.942:234): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
type=CRED_ACQ msg=audit(1574674926.943:235): pid=21115 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=LOGIN msg=audit(1574674926.943:236): pid=21115 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=4 res=1
type=USER_ROLE_CHANGE msg=audit(1574674927.057:237): pid=21115 uid=0 auid=0 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574674927.082:238): pid=21115 uid=0 auid=0 ses=4 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574674927.439:239): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574674927.440:240): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674927.443:241): pid=21118 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21118 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674927.443:242): pid=21118 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21118 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674927.443:243): pid=21118 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21118 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574674927.445:244): pid=21118 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_END msg=audit(1574674927.645:245): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574674927.646:246): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574674927.775:247): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574674927.776:248): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674927.777:249): pid=21123 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21123 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674927.777:250): pid=21123 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21123 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674927.777:251): pid=21123 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21123 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574674927.778:252): pid=21123 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_END msg=audit(1574674928.585:253): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574674928.586:254): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574674928.794:255): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574674928.795:256): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674928.796:257): pid=21129 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21129 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674928.796:258): pid=21129 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21129 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674928.796:259): pid=21129 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21129 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574674928.797:260): pid=21129 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_END msg=audit(1574674928.920:261): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574674928.921:262): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574674929.108:263): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574674929.109:264): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674929.110:265): pid=21134 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21134 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674929.110:266): pid=21134 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21134 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674929.110:267): pid=21134 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21134 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574674929.111:268): pid=21134 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=SERVICE_START msg=audit(1574674929.221:269): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=USER_END msg=audit(1574674929.343:270): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574674929.344:271): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574674929.463:272): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574674929.464:273): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674929.465:274): pid=21144 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21144 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674929.465:275): pid=21144 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21144 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674929.465:276): pid=21144 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21144 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574674929.467:277): pid=21144 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_END msg=audit(1574674929.590:278): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574674929.591:279): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574674929.711:280): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574674929.712:281): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674929.713:282): pid=21149 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21149 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674929.713:283): pid=21149 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21149 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674929.713:284): pid=21149 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21149 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574674929.714:285): pid=21149 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_END msg=audit(1574674932.341:286): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574674932.342:287): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574674932.471:288): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574674932.472:289): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674932.473:290): pid=21192 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21192 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674932.473:291): pid=21192 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21192 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674932.473:292): pid=21192 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21192 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574674932.474:293): pid=21192 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_END msg=audit(1574674932.659:294): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574674932.660:295): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574674932.867:296): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574674932.868:297): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674932.869:298): pid=21197 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21197 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674932.869:299): pid=21197 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21197 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674932.869:300): pid=21197 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21197 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574674932.870:301): pid=21197 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_END msg=audit(1574674933.076:302): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574674933.077:303): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574674933.285:304): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574674933.286:305): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674933.287:306): pid=21206 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21206 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674933.287:307): pid=21206 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21206 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674933.287:308): pid=21206 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21206 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574674933.288:309): pid=21206 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_END msg=audit(1574674933.494:310): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574674933.495:311): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574674933.703:312): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574674933.704:313): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674933.705:314): pid=21211 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21211 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674933.705:315): pid=21211 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21211 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674933.705:316): pid=21211 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21211 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574674933.707:317): pid=21211 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_END msg=audit(1574674933.912:318): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574674933.913:319): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=SERVICE_STOP msg=audit(1574674959.253:320): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=USER_LOGIN msg=audit(1574674986.024:321): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574674986.025:322): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674986.026:323): pid=21220 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21220 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674986.026:324): pid=21220 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21220 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574674986.026:325): pid=21220 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21220 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574674986.028:326): pid=21220 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_END msg=audit(1574674986.165:327): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574674986.166:328): pid=21115 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574674986.328:329): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21225 suid=0 exe="/usr/sbin/sshd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=CRYPTO_KEY_USER msg=audit(1574674986.328:330): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21225 suid=0 exe="/usr/sbin/sshd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=CRYPTO_KEY_USER msg=audit(1574674986.328:331): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21225 suid=0 exe="/usr/sbin/sshd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=USER_LOGIN msg=audit(1574674986.330:332): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/0 res=success'
type=USER_START msg=audit(1574674986.330:333): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/0 res=success'
type=CRED_REFR msg=audit(1574674986.331:334): pid=21225 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=SOFTWARE_UPDATE msg=audit(1574675011.281:335): pid=21251 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="libconfig-1.4.9-5.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=SOFTWARE_UPDATE msg=audit(1574675012.831:336): pid=21251 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="lldpad-1.0.1-5.git036e314.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=SOFTWARE_UPDATE msg=audit(1574675030.837:337): pid=21304 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="systemd-python-219-73.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=SOFTWARE_UPDATE msg=audit(1574675031.450:338): pid=21304 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="setroubleshoot-plugins-3.0.67-4.el7.noarch" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=ADD_GROUP msg=audit(1574675031.488:339): pid=21321 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:groupadd_t:s0-s0:c0.c1023 msg='op=add-group id=994 exe="/usr/sbin/groupadd" hostname=? addr=? terminal=? res=success'
type=GRP_MGMT msg=audit(1574675031.498:340): pid=21321 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:groupadd_t:s0-s0:c0.c1023 msg='op=add-shadow-group id=994 exe="/usr/sbin/groupadd" hostname=? addr=? terminal=? res=success'
type=ADD_USER msg=audit(1574675031.528:341): pid=21326 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:useradd_t:s0-s0:c0.c1023 msg='op=add-user id=997 exe="/usr/sbin/useradd" hostname=? addr=? terminal=? res=success'
type=USER_MGMT msg=audit(1574675031.554:342): pid=21331 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:useradd_t:s0-s0:c0.c1023 msg='op=pam_tally2 reset=0 id=997 exe="/usr/sbin/pam_tally2" hostname=? addr=? terminal=? res=success'
type=DAEMON_CONFIG msg=audit(1574675032.060:1548) op=reconfigure state=changed auid=0 pid=21340 subj=unconfined_u:unconfined_r:rpm_script_t:s0-s0:c0.c1023 res=success
type=SOFTWARE_UPDATE msg=audit(1574675032.075:343): pid=21304 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='sw="setroubleshoot-server-3.2.30-8.el7.x86_64" sw_type=rpm key_enforce=0 gpg_res=0 root_dir="/" comm="yum" exe="/usr/bin/python2.7" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=ADD_GROUP msg=audit(1574675044.229:344): pid=21352 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=add-group acct="sysadm-user" exe="/usr/sbin/useradd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=ADD_USER msg=audit(1574675044.235:345): pid=21352 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=add-user id=1000 exe="/usr/sbin/useradd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=USER_MGMT msg=audit(1574675044.278:346): pid=21357 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=pam_tally2 reset=0 id=1000 exe="/usr/sbin/pam_tally2" hostname=? addr=? terminal=/dev/pts/0 res=success'
type=ROLE_ASSIGN msg=audit(1574675045.373:347): pid=21352 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login-sename,role,range acct="sysadm-user" old-seuser=? old-role=? old-range=? new-seuser=sysadm_u new-role=sysadm_r new-range=s0-s0:c0.c1023 exe="/usr/sbin/useradd" hostname=? addr=? terminal=pts/0 res=success'
type=USER_AVC msg=audit(1574675047.413:348): pid=510 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: received policyload notice (seqno=2) exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
type=MAC_POLICY_LOAD msg=audit(1574675045.619:349): policy loaded auid=0 ses=4
type=SYSCALL msg=audit(1574675045.619:349): arch=c000003e syscall=1 success=yes exit=3882864 a0=4 a1=7f7518eaf000 a2=3b3f70 a3=7ffe563fd8e0 items=0 ppid=21352 pid=21361 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4 comm="load_policy" exe="/usr/sbin/load_policy" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
type=PROCTITLE msg=audit(1574675045.619:349): proctitle="/sbin/load_policy"
type=USER_MGMT msg=audit(1574675047.475:350): pid=21352 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=add-home-dir id=1000 exe="/usr/sbin/useradd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=USER_CHAUTHTOK msg=audit(1574675063.946:351): pid=21362 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:passwd_t:s0-s0:c0.c1023 msg='op=PAM:chauthtok grantors=pam_pwquality,pam_unix acct="sysadm-user" exe="/usr/bin/passwd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=CRYPTO_KEY_USER msg=audit(1574675095.611:352): pid=21370 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21370 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675095.611:353): pid=21370 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21370 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675095.611:354): pid=21370 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21370 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574675095.732:355): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21370 suid=74 rport=43938 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574675095.732:356): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21370 suid=74 rport=43938 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574675096.637:357): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
type=USER_AUTH msg=audit(1574675100.275:358): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_ACCT msg=audit(1574675100.279:359): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574675100.285:360): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21370 suid=74 rport=43938 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574675100.287:361): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
type=CRED_ACQ msg=audit(1574675100.288:362): pid=21369 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=LOGIN msg=audit(1574675100.288:363): pid=21369 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=5 res=1
type=USER_START msg=audit(1574675100.350:364): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=? acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=failed'
type=CRYPTO_KEY_USER msg=audit(1574675100.352:365): pid=21373 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21373 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675100.352:366): pid=21373 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21373 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675100.352:367): pid=21373 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21373 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_ACQ msg=audit(1574675100.354:368): pid=21373 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574675100.700:369): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
type=USER_START msg=audit(1574675100.701:370): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
type=CRYPTO_KEY_USER msg=audit(1574675100.705:371): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21374 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=USER_END msg=audit(1574675100.705:372): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=USER_LOGOUT msg=audit(1574675100.705:373): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=CRYPTO_KEY_USER msg=audit(1574675100.931:374): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21373 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675100.931:375): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21373 suid=1000 rport=43938 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRED_DISP msg=audit(1574675100.933:376): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574675100.933:377): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21369 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675100.933:378): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21369 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675100.933:379): pid=21369 uid=0 auid=1000 ses=5 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21369 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=MAC_CONFIG_CHANGE msg=audit(1574675113.286:380): bool=ssh_sysadm_login val=1 old_val=0 auid=0 ses=4
type=SYSCALL msg=audit(1574675113.286:380): arch=c000003e syscall=1 success=yes exit=2 a0=3 a1=7ffd8dfb32e0 a2=2 a3=7ffd8dfb26e0 items=0 ppid=21236 pid=21376 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4 comm="setsebool" exe="/usr/sbin/setsebool" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
type=PROCTITLE msg=audit(1574675113.286:380): proctitle=7365747365626F6F6C007373685F73797361646D5F6C6F67696E006F6E
type=USER_AVC msg=audit(1574675113.294:381): pid=510 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc: received policyload notice (seqno=3) exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'
type=CRYPTO_KEY_USER msg=audit(1574675115.046:382): pid=21378 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21378 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675115.046:383): pid=21378 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21378 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675115.046:384): pid=21378 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21378 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574675115.255:385): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21378 suid=74 rport=43948 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574675115.256:386): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21378 suid=74 rport=43948 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574675116.381:387): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
type=USER_AUTH msg=audit(1574675119.281:388): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_ACCT msg=audit(1574675119.285:389): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574675119.289:390): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21378 suid=74 rport=43948 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574675119.291:391): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
type=CRED_ACQ msg=audit(1574675119.292:392): pid=21377 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=LOGIN msg=audit(1574675119.292:393): pid=21377 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=6 res=1
type=USER_ROLE_CHANGE msg=audit(1574675119.318:394): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 selected-context=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574675119.348:395): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574675119.349:396): pid=21381 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21381 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675119.349:397): pid=21381 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21381 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675119.350:398): pid=21381 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21381 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_ACQ msg=audit(1574675119.351:399): pid=21381 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574675119.842:400): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
type=USER_START msg=audit(1574675119.843:401): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
type=CRYPTO_KEY_USER msg=audit(1574675119.856:402): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21382 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1574675129.532:403): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='unit=lldpad comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1574675142.213:404): avc: denied { sendto } for pid=21445 comm="lldptool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
type=SYSCALL msg=audit(1574675142.213:404): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=556166aa2082 a2=14 a3=f items=0 ppid=21382 pid=21445 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=6 comm="lldptool" exe="/usr/sbin/lldptool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
type=PROCTITLE msg=audit(1574675142.213:404): proctitle=6C6C6470746F6F6C002D2D68656C70
type=AVC msg=audit(1574675155.993:405): avc: denied { sendto } for pid=21453 comm="vdptool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
type=SYSCALL msg=audit(1574675155.993:405): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=55ed05d7f082 a2=14 a3=f items=0 ppid=21382 pid=21453 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=6 comm="vdptool" exe="/usr/sbin/vdptool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
type=PROCTITLE msg=audit(1574675155.993:405): proctitle="vdptool"
type=AVC msg=audit(1574675156.994:406): avc: denied { sendto } for pid=21453 comm="vdptool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
type=SYSCALL msg=audit(1574675156.994:406): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=55ed05d7f082 a2=14 a3=f items=0 ppid=21382 pid=21453 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=6 comm="vdptool" exe="/usr/sbin/vdptool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
type=PROCTITLE msg=audit(1574675156.994:406): proctitle="vdptool"
type=USER_END msg=audit(1574675346.431:407): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=USER_LOGOUT msg=audit(1574675346.431:408): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=CRYPTO_KEY_USER msg=audit(1574675346.577:409): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21381 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675346.578:410): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21381 suid=1000 rport=43948 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_END msg=audit(1574675346.588:411): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRED_DISP msg=audit(1574675346.589:412): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574675346.590:413): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21377 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675346.590:414): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21377 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574675346.590:415): pid=21377 uid=0 auid=1000 ses=6 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21377 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676014.438:416): pid=21483 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21483 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676014.438:417): pid=21483 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21483 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676014.438:418): pid=21483 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21483 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574676014.561:419): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21483 suid=74 rport=44920 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574676014.561:420): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21483 suid=74 rport=44920 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574676015.558:421): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
type=USER_ACCT msg=audit(1574676061.116:422): pid=21485 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_access,pam_unix,pam_localuser acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=CRED_ACQ msg=audit(1574676061.116:423): pid=21485 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=LOGIN msg=audit(1574676061.117:424): pid=21485 uid=0 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=7 res=1
type=USER_START msg=audit(1574676061.134:425): pid=21485 uid=0 auid=0 ses=7 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=CRED_REFR msg=audit(1574676061.134:426): pid=21485 uid=0 auid=0 ses=7 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=CRED_DISP msg=audit(1574676061.155:427): pid=21485 uid=0 auid=0 ses=7 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_env,pam_unix acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=USER_END msg=audit(1574676061.156:428): pid=21485 uid=0 auid=0 ses=7 subj=system_u:system_r:crond_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_loginuid,pam_keyinit,pam_limits,pam_systemd acct="root" exe="/usr/sbin/crond" hostname=? addr=? terminal=cron res=success'
type=USER_AUTH msg=audit(1574676091.306:429): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=failed'
type=USER_AUTH msg=audit(1574676093.653:430): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=password acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
type=USER_AUTH msg=audit(1574676097.622:431): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=? acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=failed'
type=USER_AUTH msg=audit(1574676099.791:432): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=password acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
type=USER_CHAUTHTOK msg=audit(1574676108.719:433): pid=21500 uid=0 auid=0 ses=4 subj=unconfined_u:unconfined_r:passwd_t:s0-s0:c0.c1023 msg='op=PAM:chauthtok grantors=pam_pwquality,pam_unix acct="root" exe="/usr/bin/passwd" hostname=ci-vm-10-0-137-208.hosted.upshift.rdu2.redhat.com addr=? terminal=pts/0 res=success'
type=USER_AUTH msg=audit(1574676112.952:434): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_ACCT msg=audit(1574676112.957:435): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574676112.959:436): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21483 suid=74 rport=44920 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574676112.961:437): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
type=CRED_ACQ msg=audit(1574676112.962:438): pid=21482 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=LOGIN msg=audit(1574676112.962:439): pid=21482 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=8 res=1
type=USER_ROLE_CHANGE msg=audit(1574676113.090:440): pid=21482 uid=0 auid=0 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574676113.117:441): pid=21482 uid=0 auid=0 ses=8 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574676113.509:442): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574676113.510:443): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574676113.514:444): pid=21506 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21506 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676113.514:445): pid=21506 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21506 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676113.514:446): pid=21506 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21506 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574676113.516:447): pid=21506 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_END msg=audit(1574676114.450:448): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRED_DISP msg=audit(1574676114.451:449): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_END msg=audit(1574676114.453:450): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGOUT msg=audit(1574676114.454:451): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574676114.454:452): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21482 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676114.454:453): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21482 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676114.454:454): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21482 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676114.454:455): pid=21482 uid=0 auid=0 ses=8 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21482 suid=0 rport=44920 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676260.369:456): pid=21516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21516 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676260.369:457): pid=21516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21516 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676260.369:458): pid=21516 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21516 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574676260.572:459): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21516 suid=74 rport=45194 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574676260.573:460): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21516 suid=74 rport=45194 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574676261.389:461): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
type=USER_AUTH msg=audit(1574676264.491:462): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_ACCT msg=audit(1574676264.495:463): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574676264.498:464): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21516 suid=74 rport=45194 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574676264.500:465): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="sysadm-user" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
type=CRED_ACQ msg=audit(1574676264.500:466): pid=21515 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=LOGIN msg=audit(1574676264.501:467): pid=21515 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=1000 tty=(none) old-ses=4294967295 ses=9 res=1
type=USER_ROLE_CHANGE msg=audit(1574676264.528:468): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 selected-context=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574676264.553:469): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574676264.554:470): pid=21519 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21519 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676264.555:471): pid=21519 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21519 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676264.555:472): pid=21519 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21519 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_ACQ msg=audit(1574676264.556:473): pid=21519 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574676264.954:474): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
type=USER_START msg=audit(1574676264.955:475): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=/dev/pts/1 res=success'
type=CRYPTO_KEY_USER msg=audit(1574676264.968:476): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21520 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1574676269.109:477): avc: denied { sendto } for pid=21539 comm="dcbtool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
type=SYSCALL msg=audit(1574676269.109:477): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=558107411082 a2=14 a3=21000 items=0 ppid=21520 pid=21539 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=9 comm="dcbtool" exe="/usr/sbin/dcbtool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
type=PROCTITLE msg=audit(1574676269.109:477): proctitle="dcbtool"
type=AVC msg=audit(1574676270.109:478): avc: denied { sendto } for pid=21539 comm="dcbtool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
type=SYSCALL msg=audit(1574676270.109:478): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=558107411082 a2=14 a3=f items=0 ppid=21520 pid=21539 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts1 ses=9 comm="dcbtool" exe="/usr/sbin/dcbtool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)
type=PROCTITLE msg=audit(1574676270.109:478): proctitle="dcbtool"
type=USER_END msg=audit(1574676314.202:479): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=USER_LOGOUT msg=audit(1574676314.202:480): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=login id=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=/dev/pts/1 res=success'
type=CRYPTO_KEY_USER msg=audit(1574676314.359:481): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21519 suid=1000 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676314.359:482): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21519 suid=1000 rport=45194 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_END msg=audit(1574676314.365:483): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_close grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRED_DISP msg=audit(1574676314.366:484): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="sysadm-user" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574676314.366:485): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21515 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676314.367:486): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21515 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676314.367:487): pid=21515 uid=0 auid=1000 ses=9 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21515 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676320.600:488): pid=21551 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21551 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676320.600:489): pid=21551 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21551 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676320.600:490): pid=21551 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21551 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574676320.714:491): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-server cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21551 suid=74 rport=45270 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=CRYPTO_SESSION msg=audit(1574676320.714:492): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=start direction=from-client cipher=aes256-gcm@openssh.com ksize=256 mac=<implicit> pfs=curve25519-sha256@libssh.org spid=21551 suid=74 rport=45270 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574676321.562:493): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=failed'
type=USER_AUTH msg=audit(1574676324.674:494): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_ACCT msg=audit(1574676324.678:495): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574676324.679:496): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=session fp=? direction=both spid=21551 suid=74 rport=45270 laddr=10.0.137.208 lport=22 exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=? res=success'
type=USER_AUTH msg=audit(1574676324.681:497): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=success acct="root" exe="/usr/sbin/sshd" hostname=? addr=10.40.205.43 terminal=ssh res=success'
type=CRED_ACQ msg=audit(1574676324.682:498): pid=21550 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=LOGIN msg=audit(1574676324.682:499): pid=21550 uid=0 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=10 res=1
type=USER_ROLE_CHANGE msg=audit(1574676324.801:500): pid=21550 uid=0 auid=0 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='pam: default-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 selected-context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574676324.826:501): pid=21550 uid=0 auid=0 ses=10 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_lastlog acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_LOGIN msg=audit(1574676325.219:502): pid=21550 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=USER_START msg=audit(1574676325.220:503): pid=21550 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=login id=0 exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'
type=CRYPTO_KEY_USER msg=audit(1574676325.223:504): pid=21554 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:63:6c:4a:92:cd:40:49:fb:29:48:6a:71:8a:6d:8b:9f:b2:70:e1:68:da:94:80:00:fd:3c:43:db:25:f3:2b:bd direction=? spid=21554 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676325.223:505): pid=21554 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:59:05:5f:b6:6f:3b:f4:b1:b4:3a:06:e0:c2:ca:3f:ec:2c:0b:96:aa:4e:35:2a:e6:4b:af:07:d2:ae:26:66:20 direction=? spid=21554 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1574676325.223:506): pid=21554 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=SHA256:a2:d0:1a:4c:56:85:f6:71:e2:84:7b:a4:60:03:8e:5c:1a:47:b4:47:e3:7b:ac:e1:24:70:4e:d1:6b:df:d2:84 direction=? spid=21554 suid=0 exe="/usr/sbin/sshd" hostname=? addr=? terminal=? res=success'
type=CRED_REFR msg=audit(1574676325.225:507): pid=21554 uid=0 auid=0 ses=10 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='op=PAM:setcred grantors=pam_unix acct="root" exe="/usr/sbin/sshd" hostname=ovpn-205-43.brq.redhat.com addr=10.40.205.43 terminal=ssh res=success'

View File

@ -0,0 +1,65 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/setroubleshoot/Regression/embedded-null-byte-in-audit-records
# Description: Is sealert able to processes audit messages which contain embedded null bytes?
# Author: Milos Malik <mmalik@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="setroubleshoot"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm ${PACKAGE}
rlRun "rpm -qf /usr/sbin/ausearch"
rlRun "rpm -qf /usr/bin/audit2allow"
rlRun "rpm -qf /usr/bin/sealert"
OUTPUT_FILE=`mktemp`
rlPhaseEnd
rlPhaseStartTest "bz#1775135 + bz#1776199"
if rlIsRHEL 7 ; then
rlRun "ausearch -i -m avc -if ./audit.log"
rlRun "audit2allow -i ./audit.log"
# if sealert got stuck, kill it after 15 seconds
rlWatchdog "sealert -a ./audit.log 2>&1 | tee ${OUTPUT_FILE}" 15
else # Fedora, RHEL-8 and above
rlRun "ausearch -i -m avc -if ./short.log"
rlRun "audit2allow -i ./short.log"
# if sealert got stuck, kill it after 15 seconds
rlWatchdog "sealert -a ./short.log 2>&1 | tee ${OUTPUT_FILE}" 15
fi
rlRun "grep -i -e Traceback -e TypeError -e embedded -e \"null byte\" ${OUTPUT_FILE}" 1
rlRun "grep -i \"Plugin catchall\" ${OUTPUT_FILE}" 0
if [ $? -ne 0 ]; then cat ${OUTPUT_FILE}; fi
rlPhaseEnd
rlPhaseStartCleanup
rm -f ${OUTPUT_FILE}
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -0,0 +1,4 @@
type=AVC msg=audit(1574094303.139:1096): avc: denied { sendto } for pid=18278 comm="dcbtool" path=002F636F6D2F696E74656C2F6C6C64706164 scontext=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 tcontext=system_u:system_r:lldpad_t:s0 tclass=unix_dgram_socket permissive=0
type=SYSCALL msg=audit(1574094303.139:1096): arch=c000003e syscall=42 success=no exit=-13 a0=3 a1=55c52f80bf02 a2=14 a3=0 items=0 ppid=12504 pid=18278 auid=1005 uid=1005 gid=1005 euid=1005 suid=1005 fsuid=1005 egid=1005 sgid=1005 fsgid=1005 tty=pts1 ses=33 comm="dcbtool" exe="/usr/sbin/dcbtool" subj=sysadm_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 key=(null)ARCH=x86_64 SYSCALL=connect AUID="sysadm-user" UID="sysadm-user" GID="sysadm-user" EUID="sysadm-user" SUID="sysadm-user" FSUID="sysadm-user" EGID="sysadm-user" SGID="sysadm-user" FSGID="sysadm-user"
type=SOCKADDR msg=audit(1574094303.139:1096): saddr=0100002F636F6D2F696E74656C2F6C6C64706164SADDR={ saddr_fam=local path=/com/intel/lldpad }
type=PROCTITLE msg=audit(1574094303.139:1096): proctitle="dcbtool"

View File

@ -0,0 +1,65 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/setroubleshoot/Regression/no-plugin-exception-during-analyses
# Description: Does setroubleshoot report any 'Plugin Exception' during analyses?
# Author: Petr Lautrbach <plautrba@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2020 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/setroubleshoot/Regression/no-plugin-exception-during-analyses
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile short.log
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Petr Lautrbach <plautrba@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Does setroubleshoot report any 'Plugin Exception' during analyses?" >> $(METADATA)
@echo "Type: Regression" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: setroubleshoot" >> $(METADATA)
@echo "Requires: setroubleshoot-server" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Environment: AVC_ERROR=+no_avc_check" >> $(METADATA)
@echo "Bug: 1784564" >> $(METADATA) # RHEL-7
rhts-lint $(METADATA)

View File

@ -0,0 +1,73 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/setroubleshoot/Regression/no-plugin-exception-during-analyses
# Description: Does setroubleshoot report any 'Plugin Exception' during analyses?
# Author: Petr Lautrbach <plautrba@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2020 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="setroubleshoot"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm ${PACKAGE}-server
rlAssertRpm ${PACKAGE}-plugins
rlPhaseEnd
rlPhaseStartTest "no 'Plugin Exception'"
SINCE=$(date '+%Y-%m-%d %H:%M:%S')
RANDOM_NUMBER=${RANDOM}
rlRun "passwd --help >& /root/output-${RANDOM_NUMBER}.txt"
rlRun "rm -f /root/output-${RANDOM_NUMBER}.txt"
sleep 10
rlRun "journalctl --since=\"$SINCE\" > journal-after.txt"
STATUS=0
rlAssertGrep "setroubleshoot.*: SELinux is preventing (/usr/bin/)?passwd" journal-after.txt -E
[[ $? -eq 0 ]] || STATUS=$?
rlAssertNotGrep "setroubleshoot.*: Plugin Exception " journal-after.txt
[[ $? -eq 0 ]] || STATUS=$?
rlRun "[[ $STATUS -eq 0 ]] || cat journal-after.txt"
rlRun "rm -f journal-after.txt"
rlPhaseEnd
rlPhaseStartTest "no 'Plugin Exception' in short.log"
OUTPUT_FILE=`mktemp`
rlRun "sealert -a ./short.log >& $OUTPUT_FILE"
STATUS=0
rlAssertNotGrep "'generator' object is not subscriptable" $OUTPUT_FILE
[[ $? -eq 0 ]] || STATUS=$?
rlAssertGrep "Plugin catchall_labels" $OUTPUT_FILE
[[ $? -eq 0 ]] || STATUS=$?
rlRun "[[ $STATUS -eq 0 ]] || cat $OUTPUT_FILE"
rlRun "rm -f $OUTPUT_FILE"
rlPhaseEnd
rlPhaseStartCleanup
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -0,0 +1,10 @@
type=PROCTITLE msg=audit(1574867531.103:1226): proctitle=2F7573722F7362696E2F6368726F6E7964002D6E002D66002F7661722F72756E2F74696D656D61737465722F6368726F6E792E636F6E66
type=AVC msg=audit(1574867531.516:1227): avc: denied { read } for pid=936 comm="auditd" name="passwd" dev="sda2" ino=25468387 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
type=AVC msg=audit(1574867531.516:1228): avc: denied { read } for pid=936 comm="auditd" name="passwd" dev="sda2" ino=25468387 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
type=AVC msg=audit(1574867531.516:1229): avc: denied { write } for pid=936 comm="auditd" name="nss" dev="sda2" ino=209156 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
type=AVC msg=audit(1574867531.516:1230): avc: denied { read } for pid=936 comm="auditd" name="group" dev="sda2" ino=25468401 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
type=AVC msg=audit(1574867531.516:1231): avc: denied { read } for pid=936 comm="auditd" name="group" dev="sda2" ino=25468401 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=0
type=AVC msg=audit(1574867531.516:1232): avc: denied { write } for pid=936 comm="auditd" name="nss" dev="sda2" ino=209156 scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=sock_file permissive=0
type=SYSCALL msg=audit(1574867527.549:1163): arch=c000003e syscall=21 success=no exit=-13 a0=7f61e4002460 a1=4 a2=0 a3=0 items=1 ppid=1 pid=1871 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="in:imjournal" exe="/usr/sbin/rsyslogd" subj=system_u:system_r:syslogd_t:s0 key=(null)ARCH=x86_64 SYSCALL=access AUID="unset" UID="root" GID="root" EUID="root" SUID="root" FSUID="root" EGID="root" SGID="root" FSGID="root"
type=CWD msg=audit(1574867527.549:1163): cwd="/"
type=PATH msg=audit(1574867527.549:1163): item=0 name="/var/lib/rsyslog/imjournal.state" inode=25845859 dev=08:02 mode=0100600 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:unlabeled_t:s0 nametype=NORMAL cap_fp=0000000000000000 cap_fi=0000000000000000 cap_fe=0 cap_fver=0OUID="root" OGID="root"

View File

@ -0,0 +1,63 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/setroubleshoot/Regression/sealert-s-traceback-invalid-display
# Description: Test for traceback when using sealert -s with DISPLAY set to invalid value
# Author: Vit Mojzis <vmojzis@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2020 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/setroubleshoot/Regression/sealert-s-traceback-invalid-display
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Vit Mojzis <vmojzis@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Test for traceback when using sealert -s with display set to invalid value" >> $(METADATA)
@echo "Type: Regression" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: setroubleshoot" >> $(METADATA)
@echo "Requires: setroubleshoot" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 1574434" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5 -RHEL6 -RHEL7" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -0,0 +1,45 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/setroubleshoot/Regression/sealert-s-traceback-invalid-display
# Description: Test for traceback when using sealert -s with DISPLAY set to invalid value
# Author: Vit Mojzis <vmojzis@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2020 Red Hat, Inc.
#
# This program is free software: you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation, either version 2 of
# the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="setroubleshoot-server"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
OUTPUT_FILE=`mktemp`
rlPhaseEnd
rlPhaseStartTest
rlRun "DISPLAY=yolo sealert -s 2>&1 | tee ${OUTPUT_FILE}"
rlRun "grep Traceback ${OUTPUT_FILE}" 1
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

View File

@ -0,0 +1,65 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/setroubleshoot-plugins/Sanity/public_content
# Description: Does the plugin work as expected?
# Author: Milos Malik <mmalik@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/setroubleshoot-plugins/Sanity/public_content
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
test -x runtest.sh || chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Milos Malik <mmalik@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Does the plugin work as expected?" >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 10m" >> $(METADATA)
@echo "RunFor: setroubleshoot-plugins" >> $(METADATA)
@echo "Requires: setroubleshoot-plugins setroubleshoot-server audit setools-console psmisc libselinux-utils rsyslog" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
@echo "Environment: AVC_ERROR=+no_avc_check" >> $(METADATA)
rhts-lint $(METADATA)

View File

@ -0,0 +1,7 @@
PURPOSE of /CoreOS/setroubleshoot-plugins/Sanity/public_content
Author: Milos Malik <mmalik@redhat.com>
Does the plugin work as expected?
Default value of ANALYSIS_DELAY can be overriden.

View File

@ -0,0 +1,87 @@
#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/setroubleshoot-plugins/Sanity/public_content
# Description: Does the plugin work as expected?
# Author: Milos Malik <mmalik@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2017 Red Hat, Inc.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="setroubleshoot-plugins"
PLUGIN_NAME="public_content"
ANALYSIS_DELAY=${ANALYSIS_DELAY:-"16"}
rlJournalStart
rlPhaseStartSetup
rlAssertRpm ${PACKAGE}
rlAssertRpm setroubleshoot-server
rlServiceStart auditd
rlFileBackup /var/lib/setroubleshoot/setroubleshoot_database.xml
rlRun "rm -f /var/lib/setroubleshoot/setroubleshoot_database.xml"
BEFORE=`mktemp`
AFTER=`mktemp`
rlRun "killall setroubleshootd" 0,1
rlRun "mkdir -p /var/test-dir"
rlRun "chcon -t samba_share_t /var/test-dir"
rlRun "touch /var/test-file"
rlRun "chcon -t samba_share_t /var/test-file"
rlPhaseEnd
rlPhaseStartTest
if rlIsRHEL 6 7 ; then
ADD_OPT="-C"
fi
rlRun "sesearch -s rsync_t -t samba_share_t -c dir -p read -A --dontaudit ${ADD_OPT} | grep -v '\]' | grep -e allow -e dontaudit" 1
rlRun "sesearch -s rsync_t -t samba_share_t -c file -p read -A --dontaudit ${ADD_OPT} | grep -v '\]' | grep -e allow -e dontaudit" 1
rlRun "setsebool rsync_export_all_ro off"
if ! rlIsRHEL 6 ; then
rlRun "setsebool rsync_full_access off"
fi
rlRun "sealert -l '*' > ${BEFORE}"
rlRun "cat /var/log/messages > ./messages"
rlRun "setenforce 0"
rlRun "runcon system_u:system_r:rsync_t:s0 bash -c 'ls /var/test-dir'" 0,1
rlRun "runcon system_u:system_r:rsync_t:s0 bash -c 'cat /var/test-file'" 0,1
rlRun "setenforce 1"
rlRun "sleep ${ANALYSIS_DELAY}"
rlRun "ps -efZ | grep setroubleshootd" 0,1
rlRun "sealert -l '*' > ${AFTER}" 0-3
rlRun "ausearch -m avc -m selinux_err -i -ts recent | grep 'read.*ls.*test-dir.*:rsync_t:.*:samba_share_t:.*tclass=dir'"
rlRun "ausearch -m avc -m selinux_err -i -ts recent | grep 'read.*cat.*test-file.*:rsync_t:.*:samba_share_t:.*tclass=file'"
rlRun "diff ${BEFORE} ${AFTER} | grep \"Plugin.*suggests\""
rlRun "diff ${BEFORE} ${AFTER} | grep \"Plugin ${PLUGIN_NAME} .*suggests\""
rlRun "diff /var/log/messages ./messages | grep -i -e 'setroubleshoot.*exception' -e 'no such file or directory'" 1
rlPhaseEnd
rlPhaseStartCleanup
rlRun "rm -rf /var/test-dir /var/test-file"
rm -f ${BEFORE}
rm -f ${AFTER}
rlFileRestore
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

19
tests/tests.yml Normal file
View File

@ -0,0 +1,19 @@
- hosts: localhost
roles:
- role: standard-test-beakerlib
tags:
- classic
tests:
- Regression/embedded-null-byte-in-audit-records
- Regression/no-plugin-exception-during-analyses
- Regression/sealert-s-traceback-invalid-display
- Regression/Report-bugs-on-corresponding-components
- Sanity/public_content
required_packages:
- setroubleshoot-server
- setroubleshoot-plugins
- audit
- setools-console
- psmisc
- libselinux-utils
- rsyslog