----
time->Fri Nov  7 20:30:13 2025
type=PROCTITLE msg=audit(1762565413.877:11709): proctitle=707974686F6E33002F6F70742F6D7373716C2F62696E2F2E2E2F6C69622F6D7373716C2D636F6E662F6D7373716C2D636F6E662E707900736574006E6574776F726B2E746370706F72740031343335
type=SYSCALL msg=audit(1762565413.877:11709): arch=c000003e syscall=42 success=no exit=-111 a0=4 a1=7ffea93b4e60 a2=10 a3=7fc8ff5779f1 items=0 ppid=69822 pid=69824 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=8 comm="python3" exe="/usr/bin/python3.9" subj=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1762565413.877:11709): avc:  denied  { name_connect } for  pid=69824 comm="python3" dest=1435 scontext=unconfined_u:unconfined_r:mssql_conf_t:s0-s0:c0.c1023 tcontext=system_u:object_r:mssql_port_t:s0 tclass=tcp_socket permissive=1
----
time->Fri Nov  7 20:30:54 2025
type=PROCTITLE msg=audit(1762565454.781:12357): proctitle="/opt/mssql/bin/sqlservr"
type=SYSCALL msg=audit(1762565454.781:12357): arch=c000003e syscall=262 success=no exit=-2 a0=ffffff9c a1=7f933ddf5460 a2=7f933dc7e0c0 a3=0 items=0 ppid=70732 pid=70758 auid=4294967295 uid=993 gid=993 euid=993 suid=993 fsuid=993 egid=993 sgid=993 fsgid=993 tty=(none) ses=4294967295 comm="sqlservr" exe="/opt/mssql/bin/sqlservr" subj=system_u:object_r:unlabeled_t:s0 key=(null)
type=AVC msg=audit(1762565454.781:12357): avc:  denied  { search } for  pid=70758 comm="sqlservr" name="mssql" dev="xvda1" ino=658505934 scontext=system_u:object_r:unlabeled_t:s0 tcontext=unconfined_u:object_r:var_t:s0 tclass=dir permissive=1 srawcon="system_u:system_r:mssql_server_t:s0"
type=AVC msg=audit(1762565454.781:12357): avc:  denied  { search } for  pid=70758 comm="sqlservr" name="var" dev="xvda1" ino=133 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir permissive=1 srawcon="system_u:system_r:mssql_server_t:s0"
type=AVC msg=audit(1762565454.781:12357): avc:  denied  { search } for  pid=70758 comm="sqlservr" name="/" dev="xvda1" ino=128 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=1 srawcon="system_u:system_r:mssql_server_t:s0"
----
time->Fri Nov  7 20:30:56 2025
type=AVC msg=audit(1762565456.280:12372): avc:  denied  { signal } for  pid=1 comm="systemd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Fri Nov  7 20:30:56 2025
type=AVC msg=audit(1762565456.283:12378): avc:  denied  { read } for  pid=519 comm="systemd-journal" name="status" dev="proc" ino=256332 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Fri Nov  7 20:30:56 2025
type=AVC msg=audit(1762565456.283:12380): avc:  denied  { open } for  pid=519 comm="systemd-journal" path="/proc/70758/status" dev="proc" ino=256332 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Fri Nov  7 20:30:56 2025
type=AVC msg=audit(1762565456.283:12381): avc:  denied  { getattr } for  pid=519 comm="systemd-journal" path="/proc/70758/status" dev="proc" ino=256332 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Fri Nov  7 20:30:56 2025
type=AVC msg=audit(1762565456.283:12382): avc:  denied  { ioctl } for  pid=519 comm="systemd-journal" path="/proc/70758/status" dev="proc" ino=256332 ioctlcmd=0x5401 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Fri Nov  7 20:30:56 2025
type=AVC msg=audit(1762565456.283:12383): avc:  denied  { read } for  pid=519 comm="systemd-journal" name="exe" dev="proc" ino=257262 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=lnk_file permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Fri Nov  7 20:30:56 2025
type=AVC msg=audit(1762565456.283:12384): avc:  denied  { getattr } for  pid=519 comm="systemd-journal" scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Fri Nov  7 20:30:56 2025
type=PROCTITLE msg=audit(1762565456.286:12385): proctitle="/opt/mssql/bin/sqlservr"
type=SYSCALL msg=audit(1762565456.286:12385): arch=c000003e syscall=262 success=no exit=-2 a0=ffffff9c a1=7f933a0d7c90 a2=7f9336eb7880 a3=0 items=0 ppid=70732 pid=70758 auid=4294967295 uid=993 gid=993 euid=993 suid=993 fsuid=993 egid=993 sgid=993 fsgid=993 tty=(none) ses=4294967295 comm="Wt-656" exe=2F6F70742F6D7373716C2F62696E2F73716C7365727672202864656C6574656429 subj=system_u:object_r:unlabeled_t:s0 key=(null)
type=AVC msg=audit(1762565456.286:12385): avc:  denied  { search } for  pid=70758 comm="Wt-656" name="mssql" dev="xvda1" ino=658505934 scontext=system_u:object_r:unlabeled_t:s0 tcontext=unconfined_u:object_r:var_t:s0 tclass=dir permissive=1 srawcon="system_u:system_r:mssql_server_t:s0"
type=AVC msg=audit(1762565456.286:12385): avc:  denied  { search } for  pid=70758 comm="Wt-656" name="var" dev="xvda1" ino=133 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir permissive=1 srawcon="system_u:system_r:mssql_server_t:s0"
type=AVC msg=audit(1762565456.286:12385): avc:  denied  { search } for  pid=70758 comm="Wt-656" name="/" dev="xvda1" ino=128 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:root_t:s0 tclass=dir permissive=1 srawcon="system_u:system_r:mssql_server_t:s0"
----
time->Fri Nov  7 20:30:56 2025
type=PROCTITLE msg=audit(1762565456.287:12392): proctitle="/opt/mssql/bin/sqlservr"
type=PATH msg=audit(1762565456.287:12392): item=0 name="/usr/bin" inode=139 dev=ca:01 mode=040555 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:bin_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(1762565456.287:12392): cwd="/var/opt/mssql"
type=SYSCALL msg=audit(1762565456.287:12392): arch=c000003e syscall=89 success=no exit=-22 a0=7f9336eb5ce0 a1=7f9336eb5880 a2=3ff a3=3f items=1 ppid=70732 pid=70758 auid=4294967295 uid=993 gid=993 euid=993 suid=993 fsuid=993 egid=993 sgid=993 fsgid=993 tty=(none) ses=4294967295 comm="Wt-656" exe=2F6F70742F6D7373716C2F62696E2F73716C7365727672202864656C6574656429 subj=system_u:object_r:unlabeled_t:s0 key=(null)
type=AVC msg=audit(1762565456.287:12392): avc:  denied  { search } for  pid=70758 comm="Wt-656" name="usr" dev="xvda1" ino=12984929 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=dir permissive=1 srawcon="system_u:system_r:mssql_server_t:s0"