---- time->Wed Aug 6 09:21:55 2025 type=AVC msg=audit(1754486515.032:13018): avc: denied { connectto } for pid=69545 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:21:55 2025 type=AVC msg=audit(1754486515.033:13019): avc: denied { connectto } for pid=69545 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:21:55 2025 type=AVC msg=audit(1754486515.043:13020): avc: denied { connectto } for pid=69549 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:21:55 2025 type=AVC msg=audit(1754486515.044:13021): avc: denied { connectto } for pid=69549 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:21:55 2025 type=AVC msg=audit(1754486515.062:13022): avc: denied { read } for pid=69553 comm="systemctl" name="journal" dev="xvda2" ino=1489 scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_log_t:s0 tclass=dir permissive=0 ---- time->Wed Aug 6 09:21:55 2025 type=AVC msg=audit(1754486515.064:13023): avc: denied { getattr } for pid=69554 comm="sh" path="/usr/bin/rpm" dev="xvda2" ino=158373 scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:object_r:rpm_exec_t:s0 tclass=file permissive=0 ---- time->Wed Aug 6 09:21:55 2025 type=AVC msg=audit(1754486515.078:13024): avc: denied { read } for pid=69556 comm="systemctl" name="journal" dev="xvda2" ino=1489 scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_log_t:s0 tclass=dir permissive=0 ---- time->Wed Aug 6 09:21:55 2025 type=AVC msg=audit(1754486515.089:13027): avc: denied { connectto } for pid=69563 comm="su" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:22:03 2025 type=AVC msg=audit(1754486523.804:13032): avc: denied { search } for pid=69764 comm="(sd-askpwagent)" name="fs" dev="proc" ino=2203 scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sysctl_fs_t:s0 tclass=dir permissive=0 ---- time->Wed Aug 6 09:22:26 2025 type=AVC msg=audit(1754486546.632:13568): avc: denied { connectto } for pid=72584 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:22:26 2025 type=AVC msg=audit(1754486546.632:13569): avc: denied { connectto } for pid=72584 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:22:26 2025 type=AVC msg=audit(1754486546.641:13570): avc: denied { name_connect } for pid=72582 comm="python3" dest=1433 scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:object_r:mssql_port_t:s0 tclass=tcp_socket permissive=0 ---- time->Wed Aug 6 09:23:26 2025 type=AVC msg=audit(1754486606.177:14654): avc: denied { connectto } for pid=78823 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:23:26 2025 type=AVC msg=audit(1754486606.178:14655): avc: denied { connectto } for pid=78823 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:23:26 2025 type=AVC msg=audit(1754486606.194:14656): avc: denied { read } for pid=78827 comm="systemctl" name="journal" dev="xvda2" ino=1489 scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_log_t:s0 tclass=dir permissive=0 ---- time->Wed Aug 6 09:23:26 2025 type=AVC msg=audit(1754486606.206:14659): avc: denied { connectto } for pid=78834 comm="su" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:24:19 2025 type=AVC msg=audit(1754486659.529:15607): avc: denied { connectto } for pid=83970 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:24:19 2025 type=AVC msg=audit(1754486659.529:15608): avc: denied { connectto } for pid=83970 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:25:19 2025 type=AVC msg=audit(1754486719.700:16608): avc: denied { connectto } for pid=89396 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:25:19 2025 type=AVC msg=audit(1754486719.701:16609): avc: denied { connectto } for pid=89396 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:25:19 2025 type=AVC msg=audit(1754486719.717:16610): avc: denied { read } for pid=89400 comm="systemctl" name="journal" dev="xvda2" ino=1489 scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_log_t:s0 tclass=dir permissive=0 ---- time->Wed Aug 6 09:25:19 2025 type=AVC msg=audit(1754486719.729:16613): avc: denied { connectto } for pid=89407 comm="su" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:26:11 2025 type=AVC msg=audit(1754486771.168:17521): avc: denied { connectto } for pid=94543 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:26:11 2025 type=AVC msg=audit(1754486771.169:17522): avc: denied { connectto } for pid=94543 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:26:11 2025 type=AVC msg=audit(1754486771.177:17523): avc: denied { name_connect } for pid=94541 comm="python3" dest=1432 scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:object_r:mssql_port_t:s0 tclass=tcp_socket permissive=0 ---- time->Wed Aug 6 09:27:08 2025 type=AVC msg=audit(1754486828.918:18491): avc: denied { connectto } for pid=99807 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:27:08 2025 type=AVC msg=audit(1754486828.919:18492): avc: denied { connectto } for pid=99807 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:27:08 2025 type=AVC msg=audit(1754486828.937:18493): avc: denied { read } for pid=99811 comm="systemctl" name="journal" dev="xvda2" ino=1489 scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_log_t:s0 tclass=dir permissive=0 ---- time->Wed Aug 6 09:27:08 2025 type=AVC msg=audit(1754486828.949:18496): avc: denied { connectto } for pid=99818 comm="su" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:27:16 2025 type=AVC msg=audit(1754486836.199:18561): avc: denied { connectto } for pid=100328 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:27:16 2025 type=AVC msg=audit(1754486836.200:18562): avc: denied { connectto } for pid=100328 comm="getent" path="/systemd/userdb/io.systemd.DynamicUser" scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:system_r:kernel_t:s0 tclass=unix_stream_socket permissive=0 ---- time->Wed Aug 6 09:27:16 2025 type=AVC msg=audit(1754486836.207:18563): avc: denied { name_connect } for pid=100326 comm="python3" dest=1433 scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:object_r:mssql_port_t:s0 tclass=tcp_socket permissive=0 ---- time->Wed Aug 6 09:28:03 2025 type=AVC msg=audit(1754486883.365:19350): avc: denied { search } for pid=100671 comm="Wt-8" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:03 2025 type=AVC msg=audit(1754486883.365:19351): avc: denied { search } for pid=100671 comm="Wt-8" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:04 2025 type=AVC msg=audit(1754486884.065:19352): avc: denied { search } for pid=100671 comm="sqlservr" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:04 2025 type=AVC msg=audit(1754486884.366:19353): avc: denied { search } for pid=100671 comm="Wt-8" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:04 2025 type=AVC msg=audit(1754486884.366:19354): avc: denied { search } for pid=100671 comm="Wt-8" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:04 2025 type=AVC msg=audit(1754486884.496:19356): avc: denied { signal } for pid=1 comm="systemd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=0 trawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:04 2025 type=AVC msg=audit(1754486884.496:19358): avc: denied { sigkill } for pid=1 comm="systemd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=0 trawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:04 2025 type=AVC msg=audit(1754486884.496:19359): avc: denied { signal } for pid=1 comm="systemd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=0 trawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:04 2025 type=AVC msg=audit(1754486884.496:19360): avc: denied { sigkill } for pid=1 comm="systemd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=0 trawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:04 2025 type=AVC msg=audit(1754486884.497:19361): avc: denied { signull } for pid=1 comm="systemd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=0 trawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:04 2025 type=AVC msg=audit(1754486884.497:19362): avc: denied { signull } for pid=1 comm="systemd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=0 trawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:05 2025 type=AVC msg=audit(1754486885.366:19364): avc: denied { search } for pid=100671 comm="Wt-8" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:05 2025 type=AVC msg=audit(1754486885.366:19365): avc: denied { search } for pid=100671 comm="Wt-8" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:06 2025 type=AVC msg=audit(1754486886.066:19408): avc: denied { search } for pid=100671 comm="sqlservr" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:06 2025 type=AVC msg=audit(1754486886.366:19470): avc: denied { search } for pid=100671 comm="Wt-8" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:06 2025 type=AVC msg=audit(1754486886.366:19471): avc: denied { search } for pid=100671 comm="Wt-8" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:07 2025 type=AVC msg=audit(1754486887.366:19535): avc: denied { search } for pid=100671 comm="Wt-8" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:07 2025 type=AVC msg=audit(1754486887.366:19536): avc: denied { search } for pid=100671 comm="Wt-8" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:08 2025 type=AVC msg=audit(1754486888.066:19574): avc: denied { search } for pid=100671 comm="sqlservr" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:08 2025 type=AVC msg=audit(1754486888.366:19593): avc: denied { search } for pid=100671 comm="Wt-8" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:08 2025 type=AVC msg=audit(1754486888.366:19594): avc: denied { search } for pid=100671 comm="Wt-8" name="/" dev="xvda2" ino=2 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" ---- time->Wed Aug 6 09:28:09 2025 type=AVC msg=audit(1754486889.082:19630): avc: denied { signal } for pid=100644 comm="sqlservr" scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=0 srawcon="system_u:system_r:mssql_server_t:s0" trawcon="system_u:system_r:mssql_server_t:s0"