----
time->Thu Mar 19 17:51:50 2026
type=PROCTITLE msg=audit(1773957110.321:12225): proctitle="/opt/mssql/bin/sqlservr"
type=SYSCALL msg=audit(1773957110.321:12225): arch=c000003e syscall=262 success=no exit=-2 a0=ffffff9c a1=7f90121a4060 a2=7f901207e0c0 a3=0 items=0 ppid=69148 pid=69174 auid=4294967295 uid=993 gid=993 euid=993 suid=993 fsuid=993 egid=993 sgid=993 fsgid=993 tty=(none) ses=4294967295 comm="sqlservr" exe="/opt/mssql/bin/sqlservr" subj=system_u:object_r:unlabeled_t:s0 key=(null)
type=AVC msg=audit(1773957110.321:12225): avc:  denied  { search } for  pid=69174 comm="sqlservr" name="mssql" dev="xvda1" ino=465567937 scontext=system_u:object_r:unlabeled_t:s0 tcontext=unconfined_u:object_r:var_t:s0 tclass=dir permissive=1 srawcon="system_u:system_r:mssql_server_t:s0"
type=AVC msg=audit(1773957110.321:12225): avc:  denied  { search } for  pid=69174 comm="sqlservr" name="var" dev="xvda1" ino=133 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir permissive=1 srawcon="system_u:system_r:mssql_server_t:s0"
----
time->Thu Mar 19 17:51:50 2026
type=AVC msg=audit(1773957110.749:12234): avc:  denied  { signal } for  pid=1 comm="systemd" scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Thu Mar 19 17:51:50 2026
type=AVC msg=audit(1773957110.753:12241): avc:  denied  { read } for  pid=536 comm="systemd-journal" name="status" dev="proc" ino=243394 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Thu Mar 19 17:51:50 2026
type=AVC msg=audit(1773957110.753:12242): avc:  denied  { open } for  pid=536 comm="systemd-journal" path="/proc/69174/status" dev="proc" ino=243394 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Thu Mar 19 17:51:50 2026
type=AVC msg=audit(1773957110.753:12243): avc:  denied  { getattr } for  pid=536 comm="systemd-journal" path="/proc/69174/status" dev="proc" ino=243394 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Thu Mar 19 17:51:50 2026
type=AVC msg=audit(1773957110.753:12244): avc:  denied  { ioctl } for  pid=536 comm="systemd-journal" path="/proc/69174/status" dev="proc" ino=243394 ioctlcmd=0x5401 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Thu Mar 19 17:51:50 2026
type=AVC msg=audit(1773957110.753:12245): avc:  denied  { read } for  pid=536 comm="systemd-journal" name="exe" dev="proc" ino=244487 scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=lnk_file permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Thu Mar 19 17:51:50 2026
type=AVC msg=audit(1773957110.753:12246): avc:  denied  { getattr } for  pid=536 comm="systemd-journal" scontext=system_u:system_r:syslogd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=process permissive=1 trawcon="system_u:system_r:mssql_server_t:s0"
----
time->Thu Mar 19 17:51:50 2026
type=PROCTITLE msg=audit(1773957110.755:12247): proctitle="/opt/mssql/bin/sqlservr"
type=SYSCALL msg=audit(1773957110.755:12247): arch=c000003e syscall=262 success=no exit=-2 a0=ffffff9c a1=7f9010538640 a2=7f900ba4f880 a3=0 items=0 ppid=69148 pid=69174 auid=4294967295 uid=993 gid=993 euid=993 suid=993 fsuid=993 egid=993 sgid=993 fsgid=993 tty=(none) ses=4294967295 comm="Wt-644" exe=2F6F70742F6D7373716C2F62696E2F73716C7365727672202864656C6574656429 subj=system_u:object_r:unlabeled_t:s0 key=(null)
type=AVC msg=audit(1773957110.755:12247): avc:  denied  { search } for  pid=69174 comm="Wt-644" name="mssql" dev="xvda1" ino=465567937 scontext=system_u:object_r:unlabeled_t:s0 tcontext=unconfined_u:object_r:var_t:s0 tclass=dir permissive=1 srawcon="system_u:system_r:mssql_server_t:s0"
type=AVC msg=audit(1773957110.755:12247): avc:  denied  { search } for  pid=69174 comm="Wt-644" name="var" dev="xvda1" ino=133 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir permissive=1 srawcon="system_u:system_r:mssql_server_t:s0"
----
time->Thu Mar 19 17:51:50 2026
type=PROCTITLE msg=audit(1773957110.755:12254): proctitle="/opt/mssql/bin/sqlservr"
type=PATH msg=audit(1773957110.755:12254): item=0 name="/usr/bin" inode=139 dev=ca:01 mode=040555 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:bin_t:s0 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(1773957110.755:12254): cwd="/var/opt/mssql"
type=SYSCALL msg=audit(1773957110.755:12254): arch=c000003e syscall=89 success=no exit=-22 a0=7f900ba4dce0 a1=7f900ba4d880 a2=3ff a3=ffffffffffff items=1 ppid=69148 pid=69174 auid=4294967295 uid=993 gid=993 euid=993 suid=993 fsuid=993 egid=993 sgid=993 fsgid=993 tty=(none) ses=4294967295 comm="Wt-644" exe=2F6F70742F6D7373716C2F62696E2F73716C7365727672202864656C6574656429 subj=system_u:object_r:unlabeled_t:s0 key=(null)
type=AVC msg=audit(1773957110.755:12254): avc:  denied  { search } for  pid=69174 comm="Wt-644" name="usr" dev="xvda1" ino=13064922 scontext=system_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=dir permissive=1 srawcon="system_u:system_r:mssql_server_t:s0"