Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Nov 26 14:54:13 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/sbin/hdparm -Tt /dev/sda
- Nov 26 14:54:13 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 26 14:54:26 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 26 14:56:39 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 26 14:56:39 mscd pkexec[9911]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 26 15:00:11 mscd polkitd(authority=local): Operator of unix-session:c17 successfully authenticated as unix-user:mscd to gain TEMPORARY authorization for action org.freedesktop.udisks2.open-device-system for system-bus-name::1.145 [gnome-disks] (owned by unix-user:mscd)
- Nov 26 15:14:08 mscd polkitd(authority=local): message repeated 2 times: [ Operator of unix-session:c17 successfully authenticated as unix-user:mscd to gain TEMPORARY authorization for action org.freedesktop.udisks2.open-device-system for system-bus-name::1.145 [gnome-disks] (owned by unix-user:mscd)]
- Nov 26 15:16:49 mscd polkitd(authority=local): Operator of unix-session:c17 successfully authenticated as unix-user:mscd to gain TEMPORARY authorization for action org.freedesktop.udisks2.filesystem-unmount-others for system-bus-name::1.145 [gnome-disks] (owned by unix-user:mscd)
- Nov 26 15:17:01 mscd CRON[14320]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 26 15:17:01 mscd CRON[14320]: pam_unix(cron:session): session closed for user root
- Nov 26 15:20:15 mscd polkitd(authority=local): Operator of unix-session:c17 successfully authenticated as unix-user:mscd to gain TEMPORARY authorization for action org.freedesktop.udisks2.open-device-system for system-bus-name::1.145 [gnome-disks] (owned by unix-user:mscd)
- Nov 26 15:21:45 mscd polkitd(authority=local): Operator of unix-session:c17 successfully authenticated as unix-user:mscd to gain TEMPORARY authorization for action org.freedesktop.udisks2.open-device-system for system-bus-name::1.156 [gnome-disks] (owned by unix-user:mscd)
- Nov 26 15:28:59 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install openssh-server
- Nov 26 15:28:59 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 26 15:31:24 mscd useradd[17860]: new user: name=sshd, UID=117, GID=65534, home=/var/run/sshd, shell=/usr/sbin/nologin
- Nov 26 15:31:24 mscd usermod[17865]: change user 'sshd' password
- Nov 26 15:31:24 mscd chage[17870]: changed password expiry for sshd
- Nov 26 15:31:25 mscd sshd[17925]: Server listening on 0.0.0.0 port 22.
- Nov 26 15:31:25 mscd sshd[17925]: Server listening on :: port 22.
- Nov 26 15:31:25 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 26 15:32:39 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 26 15:32:39 mscd pkexec[18226]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 26 15:33:35 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install gcc
- Nov 26 15:33:35 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 26 15:33:35 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 26 16:07:02 mscd sudo: pam_unix(sudo:auth): authentication failure; logname=mscd uid=1001 euid=0 tty=/dev/pts/0 ruser=mscd rhost= user=mscd
- Nov 26 16:07:07 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get update
- Nov 26 16:07:07 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 26 16:07:49 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 26 16:07:54 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get update
- Nov 26 16:07:54 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 26 16:08:36 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 26 16:09:10 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get update
- Nov 26 16:09:10 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 26 16:09:52 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 26 16:09:55 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get update
- Nov 26 16:09:55 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 26 16:10:37 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 26 16:12:00 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get update
- Nov 26 16:12:00 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 26 16:12:42 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 26 16:13:36 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get update
- Nov 26 16:13:36 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 26 16:14:18 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 26 16:17:01 mscd CRON[26327]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 26 16:17:01 mscd CRON[26327]: pam_unix(cron:session): session closed for user root
- Nov 26 16:21:41 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get update
- Nov 26 16:21:41 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 26 16:22:24 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 26 16:24:37 mscd dbus[998]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.109" (uid=0 pid=3179 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.35" (uid=0 pid=1546 comm="NetworkManager ")
- Nov 26 16:24:43 mscd dbus[998]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.109" (uid=0 pid=3179 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.35" (uid=0 pid=1546 comm="NetworkManager ")
- Nov 26 16:35:39 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 26 16:35:39 mscd pkexec[29858]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 26 17:17:01 mscd CRON[37313]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 26 17:17:01 mscd CRON[37313]: pam_unix(cron:session): session closed for user root
- Nov 26 18:17:01 mscd CRON[48199]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 26 18:17:01 mscd CRON[48199]: pam_unix(cron:session): session closed for user root
- Nov 26 18:32:22 mscd polkitd(authority=local): Operator of unix-session:c17 successfully authenticated as unix-user:mscd to gain TEMPORARY authorization for action org.freedesktop.udisks2.open-device-system for system-bus-name::1.180 [gnome-disks] (owned by unix-user:mscd)
- Nov 26 18:34:42 mscd polkitd(authority=local): Unregistered Authentication Agent for unix-session:c17 (system bus name :1.99, object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
- Nov 27 12:00:35 mscd su[1431]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1431]: + ??? root:root
- Nov 27 12:00:35 mscd su[1431]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1385]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1385]: + ??? root:root
- Nov 27 12:00:35 mscd su[1385]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1441]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1431]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1441]: + ??? root:root
- Nov 27 12:00:35 mscd su[1441]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1385]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1441]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1446]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1446]: + ??? root:root
- Nov 27 12:00:35 mscd su[1446]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1450]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1450]: + ??? root:root
- Nov 27 12:00:35 mscd su[1449]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1450]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1449]: + ??? root:root
- Nov 27 12:00:35 mscd su[1449]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1446]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1449]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1450]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1457]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1457]: + ??? root:root
- Nov 27 12:00:35 mscd su[1457]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1464]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1464]: + ??? root:root
- Nov 27 12:00:35 mscd su[1467]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1467]: + ??? root:root
- Nov 27 12:00:35 mscd su[1464]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1467]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1457]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1464]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1467]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1481]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1481]: + ??? root:root
- Nov 27 12:00:35 mscd su[1481]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1487]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1487]: + ??? root:root
- Nov 27 12:00:35 mscd su[1486]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1486]: + ??? root:root
- Nov 27 12:00:35 mscd su[1486]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1487]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1481]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1486]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1487]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1534]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1534]: + ??? root:root
- Nov 27 12:00:35 mscd su[1534]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1542]: Successful su for root by root
- Nov 27 12:00:35 mscd su[1542]: + ??? root:root
- Nov 27 12:00:35 mscd su[1542]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:35 mscd su[1542]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd su[1534]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:35 mscd sshd[1743]: Server listening on 0.0.0.0 port 22.
- Nov 27 12:00:35 mscd sshd[1743]: Server listening on :: port 22.
- Nov 27 12:00:36 mscd su[2013]: Successful su for root by root
- Nov 27 12:00:36 mscd su[2013]: + ??? root:root
- Nov 27 12:00:36 mscd su[2013]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 27 12:00:36 mscd su[2013]: pam_unix(su:session): session closed for user root
- Nov 27 12:00:36 mscd lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
- Nov 27 12:00:36 mscd lightdm: PAM adding faulty module: pam_kwallet.so
- Nov 27 12:00:36 mscd lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm by (uid=0)
- Nov 27 12:00:36 mscd lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
- Nov 27 12:00:36 mscd lightdm: PAM adding faulty module: pam_kwallet.so
- Nov 27 12:00:36 mscd lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "mscd"
- Nov 27 12:00:47 mscd dbus[980]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.76" (uid=0 pid=2598 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1571 comm="NetworkManager ")
- Nov 27 12:00:48 mscd lightdm: pam_unix(lightdm-greeter:session): session closed for user lightdm
- Nov 27 12:00:48 mscd lightdm: pam_unix(lightdm:session): session opened for user mscd by (uid=0)
- Nov 27 12:00:49 mscd polkitd(authority=local): Registered Authentication Agent for unix-session:c17 (system bus name :1.105 [/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
- Nov 27 12:01:52 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 27 12:01:52 mscd pkexec[3639]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 27 12:17:01 mscd CRON[6767]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 27 12:17:01 mscd CRON[6767]: pam_unix(cron:session): session closed for user root
- Nov 27 12:28:54 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 27 12:28:54 mscd pkexec[8908]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 27 12:29:29 mscd dbus[980]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.76" (uid=0 pid=2598 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1571 comm="NetworkManager ")
- Nov 27 12:29:31 mscd gnome-keyring-daemon[2747]: keyring alias directory: /home/mscd/.local/share/keyrings
- Nov 27 12:29:53 mscd dbus[980]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.76" (uid=0 pid=2598 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1571 comm="NetworkManager ")
- Nov 27 12:52:11 mscd dbus[980]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.76" (uid=0 pid=2598 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1571 comm="NetworkManager ")
- Nov 27 12:53:13 mscd dbus[980]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.76" (uid=0 pid=2598 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1571 comm="NetworkManager ")
- Nov 27 13:17:01 mscd CRON[18136]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 27 13:17:01 mscd CRON[18136]: pam_unix(cron:session): session closed for user root
- Nov 27 13:34:37 mscd dbus[980]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.76" (uid=0 pid=2598 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1571 comm="NetworkManager ")
- Nov 27 13:36:25 mscd dbus[980]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.76" (uid=0 pid=2598 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1571 comm="NetworkManager ")
- Nov 27 13:54:30 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install htop
- Nov 27 13:54:30 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 27 13:55:12 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 27 13:55:19 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install htop
- Nov 27 13:55:19 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 27 13:56:00 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 27 13:59:52 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install --fix-missing
- Nov 27 13:59:52 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 27 13:59:53 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 27 14:17:01 mscd CRON[29217]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 27 14:17:01 mscd CRON[29217]: pam_unix(cron:session): session closed for user root
- Nov 27 14:32:42 mscd dbus[980]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.76" (uid=0 pid=2598 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1571 comm="NetworkManager ")
- Nov 27 14:34:29 mscd dbus[980]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.76" (uid=0 pid=2598 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1571 comm="NetworkManager ")
- Nov 27 15:17:01 mscd CRON[40332]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 27 15:17:01 mscd CRON[40332]: pam_unix(cron:session): session closed for user root
- Nov 27 15:49:39 mscd dbus[980]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.76" (uid=0 pid=2598 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1571 comm="NetworkManager ")
- Nov 27 15:50:00 mscd dbus[980]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.76" (uid=0 pid=2598 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1571 comm="NetworkManager ")
- Nov 27 16:17:01 mscd CRON[51514]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 27 16:17:01 mscd CRON[51514]: pam_unix(cron:session): session closed for user root
- Nov 27 17:14:45 mscd sudo: mscd : TTY=pts/2 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install bmon
- Nov 27 17:14:45 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 27 17:14:53 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 27 17:15:04 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install iotop
- Nov 27 17:15:04 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 27 17:15:06 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 27 17:15:18 mscd sudo: mscd : TTY=pts/2 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install htop
- Nov 27 17:15:18 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 27 17:15:24 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 27 17:15:31 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/iotop
- Nov 27 17:15:31 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 27 17:15:33 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 27 17:16:51 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 27 17:16:51 mscd pkexec[64611]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 27 17:17:01 mscd CRON[64672]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 27 17:17:01 mscd CRON[64672]: pam_unix(cron:session): session closed for user root
- Nov 27 17:20:28 mscd sudo: mscd : TTY=pts/2 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/iotop
- Nov 27 17:20:28 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 27 18:17:01 mscd CRON[76667]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 27 18:17:01 mscd CRON[76667]: pam_unix(cron:session): session closed for user root
- Nov 27 18:32:36 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 27 18:32:39 mscd polkitd(authority=local): Unregistered Authentication Agent for unix-session:c17 (system bus name :1.105, object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
- Nov 29 11:47:34 mscd su[1418]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1419]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1419]: + ??? root:root
- Nov 29 11:47:34 mscd su[1418]: + ??? root:root
- Nov 29 11:47:34 mscd su[1417]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1418]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1419]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1417]: + ??? root:root
- Nov 29 11:47:34 mscd su[1417]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1419]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1418]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1417]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1450]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1449]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1450]: + ??? root:root
- Nov 29 11:47:34 mscd su[1449]: + ??? root:root
- Nov 29 11:47:34 mscd su[1450]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1449]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1454]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1454]: + ??? root:root
- Nov 29 11:47:34 mscd su[1454]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1450]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1454]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1449]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1466]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1466]: + ??? root:root
- Nov 29 11:47:34 mscd su[1466]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1468]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1468]: + ??? root:root
- Nov 29 11:47:34 mscd su[1467]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1467]: + ??? root:root
- Nov 29 11:47:34 mscd su[1468]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1467]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1466]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1468]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1467]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1476]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1476]: + ??? root:root
- Nov 29 11:47:34 mscd su[1476]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1479]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1479]: + ??? root:root
- Nov 29 11:47:34 mscd su[1477]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1477]: + ??? root:root
- Nov 29 11:47:34 mscd su[1479]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1477]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1476]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1479]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1477]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1526]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1526]: + ??? root:root
- Nov 29 11:47:34 mscd su[1526]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1529]: Successful su for root by root
- Nov 29 11:47:34 mscd su[1529]: + ??? root:root
- Nov 29 11:47:34 mscd su[1529]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:34 mscd su[1526]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd su[1529]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:34 mscd sshd[1753]: Server listening on 0.0.0.0 port 22.
- Nov 29 11:47:34 mscd sshd[1753]: Server listening on :: port 22.
- Nov 29 11:47:35 mscd su[2032]: Successful su for root by root
- Nov 29 11:47:35 mscd su[2032]: + ??? root:root
- Nov 29 11:47:35 mscd su[2032]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 11:47:35 mscd su[2032]: pam_unix(su:session): session closed for user root
- Nov 29 11:47:35 mscd lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
- Nov 29 11:47:35 mscd lightdm: PAM adding faulty module: pam_kwallet.so
- Nov 29 11:47:35 mscd lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm by (uid=0)
- Nov 29 11:47:35 mscd lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
- Nov 29 11:47:35 mscd lightdm: PAM adding faulty module: pam_kwallet.so
- Nov 29 11:47:35 mscd lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "mscd"
- Nov 29 11:47:42 mscd lightdm: pam_unix(lightdm-greeter:session): session closed for user lightdm
- Nov 29 11:47:42 mscd lightdm: pam_unix(lightdm:session): session opened for user mscd by (uid=0)
- Nov 29 11:47:42 mscd polkitd(authority=local): Registered Authentication Agent for unix-session:c17 (system bus name :1.96 [/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
- Nov 29 11:48:07 mscd dbus[945]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.105" (uid=0 pid=3298 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.33" (uid=0 pid=1566 comm="NetworkManager ")
- Nov 29 11:48:45 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 29 11:48:45 mscd pkexec[3731]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 29 12:11:46 mscd dbus[945]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.105" (uid=0 pid=3298 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.33" (uid=0 pid=1566 comm="NetworkManager ")
- Nov 29 12:12:23 mscd gnome-keyring-daemon[2627]: keyring alias directory: /home/mscd/.local/share/keyrings
- Nov 29 12:12:36 mscd dbus[945]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.105" (uid=0 pid=3298 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.33" (uid=0 pid=1566 comm="NetworkManager ")
- Nov 29 12:14:52 mscd polkitd(authority=local): Unregistered Authentication Agent for unix-session:c17 (system bus name :1.96, object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
- Nov 29 12:14:57 mscd lightdm: pam_unix(lightdm:session): session closed for user mscd
- Nov 29 12:14:57 mscd lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
- Nov 29 12:14:57 mscd lightdm: PAM adding faulty module: pam_kwallet.so
- Nov 29 12:14:57 mscd lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm by (uid=0)
- Nov 29 12:14:57 mscd lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
- Nov 29 12:14:57 mscd lightdm: PAM adding faulty module: pam_kwallet.so
- Nov 29 12:14:57 mscd lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "mscd"
- Nov 29 12:15:02 mscd lightdm: pam_unix(lightdm-greeter:session): session closed for user lightdm
- Nov 29 12:15:02 mscd lightdm: pam_unix(lightdm:session): session opened for user mscd by (uid=0)
- Nov 29 12:15:02 mscd polkitd(authority=local): Registered Authentication Agent for unix-session:c19 (system bus name :1.175 [/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
- Nov 29 12:16:05 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 29 12:16:05 mscd pkexec[10976]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 29 12:17:01 mscd CRON[11348]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 29 12:17:01 mscd CRON[11348]: pam_unix(cron:session): session closed for user root
- Nov 29 12:19:11 mscd gnome-keyring-daemon[10082]: keyring alias directory: /home/mscd/.local/share/keyrings
- Nov 29 12:28:10 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install iperf
- Nov 29 12:28:10 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 12:28:29 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 12:31:04 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 29 12:31:04 mscd pkexec[14558]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 29 12:31:05 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/gedit /etc/hosts
- Nov 29 12:31:05 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 12:31:35 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 12:45:03 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install iftop
- Nov 29 12:45:03 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 12:45:26 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 12:45:34 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/iftop
- Nov 29 12:45:34 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 12:45:53 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 12:45:58 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/iftop
- Nov 29 12:45:58 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 12:46:02 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 12:46:04 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 29 12:46:04 mscd pkexec[17942]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 29 12:46:05 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/iftop
- Nov 29 12:46:05 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 12:46:08 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 12:46:09 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/iftop
- Nov 29 12:46:09 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 12:47:59 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 12:50:12 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/gedit /etc/hosts
- Nov 29 12:50:12 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 12:50:18 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 12:52:14 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/iftop
- Nov 29 12:52:14 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 12:52:15 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:08:19 mscd gnome-keyring-daemon[10082]: exponent1 exponent1: no decoded value
- Nov 29 13:09:05 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install openssh-server
- Nov 29 13:09:05 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:09:06 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:10:36 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install firewall
- Nov 29 13:10:36 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:10:36 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:10:42 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install service firewall
- Nov 29 13:10:42 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:10:42 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:15:09 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/sbin/iptables
- Nov 29 13:15:09 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:15:09 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:17:01 mscd CRON[24110]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 29 13:17:01 mscd CRON[24110]: pam_unix(cron:session): session closed for user root
- Nov 29 13:18:59 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/sbin/iptables
- Nov 29 13:18:59 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:18:59 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:19:06 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/sbin/iptables -L
- Nov 29 13:19:06 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:19:06 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:19:09 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/sbin/iptables -L
- Nov 29 13:19:09 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:19:09 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:22:51 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/sbin/iptables -L
- Nov 29 13:22:51 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:22:51 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:22:53 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/sbin/iptables -L
- Nov 29 13:22:53 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:22:53 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:23:58 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install nmap
- Nov 29 13:23:58 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:24:38 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:25:04 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 29 13:25:04 mscd pkexec[26226]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 29 13:27:44 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/sbin/iptables -L
- Nov 29 13:27:44 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:27:44 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:27:59 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/ufw status
- Nov 29 13:27:59 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:27:59 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:31:36 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/adduser mpiuser
- Nov 29 13:31:36 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:31:36 mscd groupadd[27500]: group added to /etc/group: name=mpiuser, GID=1000
- Nov 29 13:31:36 mscd groupadd[27500]: group added to /etc/gshadow: name=mpiuser
- Nov 29 13:31:36 mscd groupadd[27500]: new group: name=mpiuser, GID=1000
- Nov 29 13:31:36 mscd useradd[27504]: new user: name=mpiuser, UID=1000, GID=1000, home=/home/mpiuser, shell=/bin/bash
- Nov 29 13:31:36 mscd passwd[27511]: pam_ecryptfs: PAM passphrase change module retrieved a NULL passphrase; nothing to do
- Nov 29 13:31:39 mscd passwd[27511]: pam_unix(passwd:chauthtok): password changed for mpiuser
- Nov 29 13:31:39 mscd passwd[27511]: gkr-pam: couldn't update the login keyring password: no old password was entered
- Nov 29 13:31:39 mscd passwd[27511]: pam_ecryptfs: Passphrase file wrapped
- Nov 29 13:31:39 mscd passwd[27511]: pam_ecryptfs: PAM passphrase change module retrieved at least one NULL passphrase; nothing to do
- Nov 29 13:31:41 mscd chfn[27590]: changed user 'mpiuser' information
- Nov 29 13:31:43 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:31:52 mscd su[27720]: Successful su for mpiuser by mscd
- Nov 29 13:31:52 mscd su[27720]: + /dev/pts/10 mscd:mpiuser
- Nov 29 13:31:52 mscd su[27720]: pam_unix(su:session): session opened for user mpiuser by mscd(uid=1001)
- Nov 29 13:37:31 mscd sudo: mpiuser : user NOT in sudoers ; TTY=pts/10 ; PWD=/home/mpiuser ; USER=root ; COMMAND=/usr/bin/nmap -p22 node2
- Nov 29 13:37:36 mscd su[27720]: pam_unix(su:session): session closed for user mpiuser
- Nov 29 13:37:53 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/nmap -p22 node2
- Nov 29 13:37:53 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:37:54 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:38:36 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/nmap -p0 node2
- Nov 29 13:38:36 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:38:36 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:38:41 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/nmap -p0 node0
- Nov 29 13:38:41 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:38:41 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:39:02 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/nmap -P0 node0
- Nov 29 13:39:02 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:39:02 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:39:08 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/nmap -P0 node2
- Nov 29 13:39:08 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:39:08 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:39:13 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/nmap -P0 node2
- Nov 29 13:39:13 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:39:13 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:39:28 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get update
- Nov 29 13:39:28 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:41:58 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/gedit /etc/hosts
- Nov 29 13:41:58 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:42:04 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:44:55 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/nano etc/NetworkManager/NetworkManager.conf
- Nov 29 13:44:55 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:45:17 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:45:25 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/gedit etc/NetworkManager/NetworkManager.conf
- Nov 29 13:45:25 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:46:06 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:49:43 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install openssh-server
- Nov 29 13:49:43 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:49:45 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:54:55 mscd dbus[945]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.105" (uid=0 pid=3298 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.33" (uid=0 pid=1566 comm="NetworkManager ")
- Nov 29 13:55:10 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 13:55:51 mscd dbus[945]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.105" (uid=0 pid=3298 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.33" (uid=0 pid=1566 comm="NetworkManager ")
- Nov 29 13:55:55 mscd dbus[945]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.105" (uid=0 pid=3298 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.33" (uid=0 pid=1566 comm="NetworkManager ")
- Nov 29 13:57:07 mscd dbus[945]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.105" (uid=0 pid=3298 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.33" (uid=0 pid=1566 comm="NetworkManager ")
- Nov 29 13:57:40 mscd sudo: mscd : TTY=pts/10 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get update
- Nov 29 13:57:40 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 13:58:59 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:01:04 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 29 14:01:04 mscd pkexec[33736]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 29 14:01:41 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/bin/ss -lnp
- Nov 29 14:01:41 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:01:41 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:02:12 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/bin/ss -lnp
- Nov 29 14:02:12 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:02:12 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:03:28 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/bin/ss -lnp
- Nov 29 14:03:28 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:03:28 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:04:05 mscd sshd[34266]: Accepted password for mscd from 127.0.0.1 port 41003 ssh2
- Nov 29 14:04:05 mscd sshd[34266]: pam_unix(sshd:session): session opened for user mscd by (uid=0)
- Nov 29 14:04:51 mscd sshd[34464]: Received disconnect from 127.0.0.1: 11: disconnected by user
- Nov 29 14:04:51 mscd sshd[34266]: pam_unix(sshd:session): session closed for user mscd
- Nov 29 14:05:29 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/bin/ss -lnp
- Nov 29 14:05:29 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:05:29 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:06:07 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/bin/cp /etc/ssh/sshd_config /etc/ssh/sshd_config.factory-defaults
- Nov 29 14:06:07 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:06:07 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:06:22 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/bin/chmod a-w /etc/ssh/sshd_config.factory-defaults
- Nov 29 14:06:22 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:06:22 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:06:37 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/gedit /etc/ssh/sshd_config
- Nov 29 14:06:37 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:08:09 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:08:19 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/sbin/restart ssh
- Nov 29 14:08:19 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:08:19 mscd sshd[1753]: Received signal 15; terminating.
- Nov 29 14:08:19 mscd sshd[35356]: Server listening on 0.0.0.0 port 22.
- Nov 29 14:08:19 mscd sshd[35356]: Server listening on :: port 22.
- Nov 29 14:08:19 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:10:16 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/gedit /etc/ssh/sshd_config
- Nov 29 14:10:16 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:10:41 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:10:42 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/gedit /etc/ssh/sshd_config
- Nov 29 14:10:42 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:13:10 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:13:30 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/sbin/restart sshd
- Nov 29 14:13:30 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:13:30 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:13:35 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/sbin/restart ssh
- Nov 29 14:13:35 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:13:35 mscd sshd[35356]: Received signal 15; terminating.
- Nov 29 14:13:35 mscd sshd[36375]: Server listening on 0.0.0.0 port 22.
- Nov 29 14:13:35 mscd sshd[36375]: Server listening on :: port 22.
- Nov 29 14:13:35 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:14:18 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/bin/ss -lnp
- Nov 29 14:14:18 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:14:19 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:15:25 mscd sshd[36711]: Accepted password for mscd from 127.0.0.1 port 41004 ssh2
- Nov 29 14:15:25 mscd sshd[36711]: pam_unix(sshd:session): session opened for user mscd by (uid=0)
- Nov 29 14:16:05 mscd sshd[36754]: Received disconnect from 127.0.0.1: 11: disconnected by user
- Nov 29 14:16:05 mscd sshd[36711]: pam_unix(sshd:session): session closed for user mscd
- Nov 29 14:16:12 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/gedit /etc/ssh/sshd_config
- Nov 29 14:16:12 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:17:01 mscd CRON[37173]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 29 14:17:01 mscd CRON[37173]: pam_unix(cron:session): session closed for user root
- Nov 29 14:18:36 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:27:00 mscd sudo: mscd : TTY=pts/14 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/service ssh restart
- Nov 29 14:27:00 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:27:00 mscd sshd[36375]: Received signal 15; terminating.
- Nov 29 14:27:00 mscd sshd[39098]: Server listening on 0.0.0.0 port 22.
- Nov 29 14:27:00 mscd sshd[39098]: Server listening on :: port 22.
- Nov 29 14:27:00 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:34:45 mscd polkitd(authority=local): Unregistered Authentication Agent for unix-session:c19 (system bus name :1.175, object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bus)
- Nov 29 14:35:14 mscd su[1384]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1384]: + ??? root:root
- Nov 29 14:35:14 mscd su[1384]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1386]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1386]: + ??? root:root
- Nov 29 14:35:14 mscd su[1386]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1384]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1386]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1389]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1389]: + ??? root:root
- Nov 29 14:35:14 mscd su[1389]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1390]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1390]: + ??? root:root
- Nov 29 14:35:14 mscd su[1391]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1391]: + ??? root:root
- Nov 29 14:35:14 mscd su[1390]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1391]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1389]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1390]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1391]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1395]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1395]: + ??? root:root
- Nov 29 14:35:14 mscd su[1395]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1398]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1398]: + ??? root:root
- Nov 29 14:35:14 mscd su[1397]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1397]: + ??? root:root
- Nov 29 14:35:14 mscd su[1398]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1397]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1395]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1398]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1397]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1409]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1409]: + ??? root:root
- Nov 29 14:35:14 mscd su[1409]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1416]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1416]: + ??? root:root
- Nov 29 14:35:14 mscd su[1416]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1409]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1416]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1436]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1438]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1438]: + ??? root:root
- Nov 29 14:35:14 mscd su[1436]: + ??? root:root
- Nov 29 14:35:14 mscd su[1438]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1436]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1436]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1449]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1449]: + ??? root:root
- Nov 29 14:35:14 mscd su[1438]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1449]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1449]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd su[1414]: Successful su for root by root
- Nov 29 14:35:14 mscd su[1414]: + ??? root:root
- Nov 29 14:35:14 mscd su[1414]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:14 mscd su[1414]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:14 mscd sshd[1749]: Server listening on 0.0.0.0 port 22.
- Nov 29 14:35:14 mscd sshd[1749]: Server listening on :: port 22.
- Nov 29 14:35:15 mscd su[2029]: Successful su for root by root
- Nov 29 14:35:15 mscd su[2029]: + ??? root:root
- Nov 29 14:35:15 mscd su[2029]: pam_unix(su:session): session opened for user root by (uid=0)
- Nov 29 14:35:15 mscd su[2029]: pam_unix(su:session): session closed for user root
- Nov 29 14:35:15 mscd lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
- Nov 29 14:35:15 mscd lightdm: PAM adding faulty module: pam_kwallet.so
- Nov 29 14:35:15 mscd lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm by (uid=0)
- Nov 29 14:35:15 mscd lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
- Nov 29 14:35:15 mscd lightdm: PAM adding faulty module: pam_kwallet.so
- Nov 29 14:35:15 mscd lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "mscd"
- Nov 29 14:35:21 mscd lightdm: pam_unix(lightdm-greeter:session): session closed for user lightdm
- Nov 29 14:35:21 mscd lightdm: pam_unix(lightdm:session): session opened for user mscd by (uid=0)
- Nov 29 14:35:22 mscd polkitd(authority=local): Registered Authentication Agent for unix-session:c17 (system bus name :1.103 [/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1], object path /org/gnome/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8)
- Nov 29 14:35:30 mscd dbus[915]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.77" (uid=0 pid=2715 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1559 comm="NetworkManager ")
- Nov 29 14:36:26 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 29 14:36:26 mscd pkexec[3853]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 29 14:37:04 mscd dbus[915]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.77" (uid=0 pid=2715 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1559 comm="NetworkManager ")
- Nov 29 14:37:10 mscd dbus[915]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.77" (uid=0 pid=2715 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1559 comm="NetworkManager ")
- Nov 29 14:37:33 mscd sudo: mscd : TTY=pts/2 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/gedit /etc/hosts
- Nov 29 14:37:33 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:37:44 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:38:29 mscd sudo: mscd : TTY=pts/2 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/gedit /etc/hosts
- Nov 29 14:38:29 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:38:43 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:39:59 mscd sudo: mscd : TTY=pts/2 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/tcpdump -i any -vvv -s 1600 port 22
- Nov 29 14:39:59 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:40:08 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:40:11 mscd sudo: mscd : TTY=pts/2 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/tcpdump -i any -vvv -s 1600 port 22
- Nov 29 14:40:11 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 14:40:32 mscd gnome-keyring-daemon[2785]: exponent1 exponent1: no decoded value
- Nov 29 14:41:16 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 14:37:18 mscd dbus[915]: message repeated 2 times: [ [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.77" (uid=0 pid=2715 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1559 comm="NetworkManager ")]
- Nov 29 14:44:08 mscd dbus[915]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.77" (uid=0 pid=2715 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1559 comm="NetworkManager ")
- Nov 29 14:45:01 mscd dbus[915]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.77" (uid=0 pid=2715 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1559 comm="NetworkManager ")
- Nov 29 14:45:02 mscd dbus[915]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.77" (uid=0 pid=2715 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1559 comm="NetworkManager ")
- Nov 29 14:45:11 mscd dbus[915]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.77" (uid=0 pid=2715 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1559 comm="NetworkManager ")
- Nov 29 15:10:37 mscd dbus[915]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.77" (uid=0 pid=2715 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1559 comm="NetworkManager ")
- Nov 29 15:17:01 mscd CRON[12221]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 29 15:17:01 mscd CRON[12221]: pam_unix(cron:session): session closed for user root
- Nov 29 15:21:01 mscd dbus[915]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.77" (uid=0 pid=2715 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1559 comm="NetworkManager ")
- Nov 29 15:50:27 mscd dbus[915]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.77" (uid=0 pid=2715 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1559 comm="NetworkManager ")
- Nov 29 15:52:30 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get purge openssh-server
- Nov 29 15:52:30 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 15:52:33 mscd sshd[1749]: Received signal 15; terminating.
- Nov 29 15:52:34 mscd userdel[19450]: delete user 'sshd'
- Nov 29 15:52:34 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 15:53:04 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get purge shh
- Nov 29 15:53:04 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 15:53:04 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 15:54:11 mscd dbus[915]: [system] Rejected send message, 7 matched rules; type="method_return", sender=":1.77" (uid=0 pid=2715 comm="/usr/sbin/dnsmasq --no-resolv --keep-in-foreground") interface="(unset)" member="(unset)" error name="(unset)" requested_reply="0" destination=":1.36" (uid=0 pid=1559 comm="NetworkManager ")
- Nov 29 15:54:25 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 29 15:54:25 mscd pkexec[20121]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 29 15:54:45 mscd gnome-keyring-daemon[2785]: keyring alias directory: /home/mscd/.local/share/keyrings
- Nov 29 15:55:52 mscd sudo: mscd : TTY=pts/2 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/sbin/deluser mpiuser
- Nov 29 15:55:52 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 15:55:52 mscd userdel[20422]: delete user 'mpiuser'
- Nov 29 15:55:52 mscd userdel[20422]: removed group 'mpiuser' owned by 'mpiuser'
- Nov 29 15:55:52 mscd userdel[20422]: removed shadow group 'mpiuser' owned by 'mpiuser'
- Nov 29 15:55:52 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 15:57:24 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get remove --purge openssh-server
- Nov 29 15:57:24 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 15:57:25 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 15:57:53 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get autoremove
- Nov 29 15:57:53 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 15:58:10 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 15:59:57 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get remove ssh
- Nov 29 15:59:57 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 15:59:58 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 16:00:24 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 29 16:00:24 mscd pkexec[28830]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 29 16:09:56 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get remove ssh
- Nov 29 16:09:56 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 16:09:57 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 16:10:03 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get remove ssh-keygen
- Nov 29 16:10:03 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 16:10:03 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 16:11:35 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install openssh-sever
- Nov 29 16:11:35 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 16:11:35 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 16:11:42 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install openssh-server
- Nov 29 16:11:42 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 16:11:47 mscd useradd[31658]: new user: name=sshd, UID=117, GID=65534, home=/var/run/sshd, shell=/usr/sbin/nologin
- Nov 29 16:11:47 mscd usermod[31663]: change user 'sshd' password
- Nov 29 16:11:47 mscd chage[31668]: changed password expiry for sshd
- Nov 29 16:11:48 mscd sshd[31723]: Server listening on 0.0.0.0 port 22.
- Nov 29 16:11:48 mscd sshd[31723]: Server listening on :: port 22.
- Nov 29 16:11:48 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 16:12:11 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install openssh-server
- Nov 29 16:12:11 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 16:12:11 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 16:12:15 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install openssh-server
- Nov 29 16:12:15 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 16:12:15 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 16:12:24 mscd pkexec: pam_unix(polkit-1:session): session opened for user root by (uid=1001)
- Nov 29 16:12:24 mscd pkexec[31934]: mscd: Executing command [USER=root] [TTY=unknown] [CWD=/home/mscd] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- Nov 29 16:13:57 mscd gnome-keyring-daemon[2785]: exponent1 exponent1: no decoded value
- Nov 29 16:14:07 mscd sudo: mscd : TTY=pts/0 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/ssh-copy-id node1
- Nov 29 16:14:07 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 16:14:13 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 16:17:01 mscd CRON[32865]: pam_unix(cron:session): session opened for user root by (uid=0)
- Nov 29 16:17:01 mscd CRON[32865]: pam_unix(cron:session): session closed for user root
- Nov 29 16:24:54 mscd sudo: mscd : TTY=pts/2 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/apt-get install openssh-server
- Nov 29 16:24:54 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
- Nov 29 16:24:55 mscd sudo: pam_unix(sudo:session): session closed for user root
- Nov 29 16:28:46 mscd sudo: mscd : TTY=pts/2 ; PWD=/home/mscd ; USER=root ; COMMAND=/usr/bin/gedit /var/log/auth.log
- Nov 29 16:28:46 mscd sudo: pam_unix(sudo:session): session opened for user root by mscd(uid=0)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement