Last active
August 23, 2022 19:37
-
-
Save Billy99/888b295cdd4ec63105bc8b3899497c90 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # NOTES: | |
| # Used `/usr/share/bcc/tools/capable` to view the capabilities being used while performing | |
| # the following bpfd actions: | |
| # sudo systemctl start bpfd.service | |
| # bpfctl list | |
| # bpfctl load | |
| # bpfctl unload | |
| # gocounter <-- Reads Maps | |
| # unload gocounter | |
| # sudo systemctl stop bpfd.service | |
| $ sudo /usr/share/bcc/tools/capable | |
| TIME UID PID COMM CAP NAME AUDIT | |
| # AmbientCapabilities=~ | |
| # CapabilityBoundingSet~ | |
| # | |
| # sudo systemctl start bpfd.service | |
| 12:56:04 1000 229700 bash 2 CAP_DAC_READ_SEARCH 1 | |
| 12:56:04 1000 229700 bash 1 CAP_DAC_OVERRIDE 1 | |
| 12:56:04 1000 229700 sudo 24 CAP_SYS_RESOURCE 1 | |
| 12:56:04 1000 229700 sudo 7 CAP_SETUID 1 | |
| 12:56:04 0 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 0 229700 sudo 7 CAP_SETUID 1 | |
| 12:56:04 0 229700 sudo 7 CAP_SETUID 1 | |
| 12:56:04 0 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 0 229700 sudo 7 CAP_SETUID 1 | |
| 12:56:04 0 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 0 229700 sudo 7 CAP_SETUID 1 | |
| 12:56:04 1000 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 1000 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 1000 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 1000 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 1000 229700 sudo 7 CAP_SETUID 1 | |
| 12:56:04 1000 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 1000 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 1000 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 1000 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 1000 229700 sudo 7 CAP_SETUID 1 | |
| 12:56:04 1000 229700 sudo 2 CAP_DAC_READ_SEARCH 1 | |
| 12:56:04 1000 229700 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:56:04 1000 229700 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:56:04 1000 229700 sudo 24 CAP_SYS_RESOURCE 1 | |
| 12:56:04 1000 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:56:04 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:56:04 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:56:04 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:56:04 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:56:04 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:56:04 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:56:04 1000 229700 sudo 6 CAP_SETGID 1 | |
| 12:56:04 1000 229700 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:56:04 0 229700 sudo 7 CAP_SETUID 1 | |
| 12:56:04 0 229700 sudo 7 CAP_SETUID 1 | |
| 12:56:04 0 229663 systemd-userwor 2 CAP_DAC_READ_SEARCH 1 | |
| 12:56:04 1000 229700 sudo 12 CAP_NET_ADMIN 1 | |
| 12:56:04 1000 229700 sudo 12 CAP_NET_ADMIN 1 | |
| 12:56:04 1000 229700 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:56:04 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:56:04 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:56:04 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:56:04 1000 229701 sudo 24 CAP_SYS_RESOURCE 1 | |
| 12:56:04 1000 229701 sudo 7 CAP_SETUID 1 | |
| 12:56:04 0 229702 (sd-askpwagent) 24 CAP_SYS_RESOURCE 1 | |
| 12:56:04 0 229702 (sd-askpwagent) 24 CAP_SYS_RESOURCE 1 | |
| 12:56:04 0 229701 systemctl 12 CAP_NET_ADMIN 1 | |
| 12:56:04 0 229701 systemctl 12 CAP_NET_ADMIN 1 | |
| 12:56:04 0 1 systemd 12 CAP_NET_ADMIN 1 | |
| 12:56:04 0 1 systemd 12 CAP_NET_ADMIN 1 | |
| 12:56:04 0 1 systemd 21 CAP_SYS_ADMIN 1 | |
| 12:56:04 0 1 systemd 21 CAP_SYS_ADMIN 1 | |
| 12:56:04 0 229703 (bpfd) 24 CAP_SYS_RESOURCE 1 | |
| 12:56:04 0 229703 (bpfd) 24 CAP_SYS_RESOURCE 1 | |
| 12:56:04 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:56:04 0 1 systemd 29 CAP_AUDIT_WRITE 1 | |
| 12:56:04 0 229703 (bpfd) 6 CAP_SETGID 1 | |
| 12:56:04 0 229703 (bpfd) 6 CAP_SETGID 1 | |
| 12:56:04 0 229703 (bpfd) 7 CAP_SETUID 1 | |
| 12:56:04 0 229703 (bpfd) 7 CAP_SETUID 1 | |
| 12:56:04 0 229703 (bpfd) 6 CAP_SETGID 1 | |
| 12:56:04 0 229703 (bpfd) 12 CAP_NET_ADMIN 1 | |
| 12:56:04 0 229703 (bpfd) 6 CAP_SETGID 1 | |
| 12:56:04 0 229703 (bpfd) 7 CAP_SETUID 1 | |
| 12:56:04 0 229703 (bpfd) 21 CAP_SYS_ADMIN 1 | |
| 12:56:04 0 229703 (bpfd) 6 CAP_SETGID 1 | |
| 12:56:04 0 229703 (bpfd) 7 CAP_SETUID 1 | |
| 12:56:04 979 229703 bpfd 24 CAP_SYS_RESOURCE 1 | |
| 12:56:04 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:56:04 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:56:04 1000 229700 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:56:04 1000 229700 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 2 CAP_DAC_READ_SEARCH 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 12 CAP_NET_ADMIN 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 12 CAP_NET_ADMIN 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:04 979 229703 bpfd 39 CAP_BPF 1 | |
| # RUST_LOG=info bpfctl list --iface veth12fa8e3 | |
| 12:56:28 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:56:28 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| # RUST_LOG=info bpfctl load -i veth12fa8e3 -p xdp --priority 65 --proceed-on "pass" --proceed-on "dispatcher_return" -s "xdp" /home/bmcfall/src/xdp-tutorial/basic01-xdp-pass/xdp_pass_kern.o | |
| 12:56:47 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:56:47 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 2 CAP_DAC_READ_SEARCH 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 12 CAP_NET_ADMIN 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 12 CAP_NET_ADMIN 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:56:47 979 229703 bpfd 39 CAP_BPF 1 | |
| # RUST_LOG=info bpfctl load -i veth12fa8e3 -p xdp --priority 45 --proceed-on "pass" -s "xdp" /home/bmcfall/src/xdp-tutorial/basic01-xdp-pass/xdp_pass_kern.o | |
| 12:57:09 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:57:09 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:09 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:09 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:09 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:09 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:09 979 229703 bpfd 2 CAP_DAC_READ_SEARCH 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 12 CAP_NET_ADMIN 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 12 CAP_NET_ADMIN 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:57:10 979 229703 bpfd 39 CAP_BPF 1 | |
| # RUST_LOG=info bpfctl list --iface veth12fa8e3 | |
| 12:57:33 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:57:33 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| # RUST_LOG=info bpfctl unload --iface veth12fa8e3 c7884701-57eb-4530-992c-7147cdde0e16 | |
| 12:58:05 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:05 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 12 CAP_NET_ADMIN 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:05 979 229703 bpfd 39 CAP_BPF 1 | |
| # sudo ./gocounter veth12fa8e3 | |
| 12:58:27 1000 229743 bash 2 CAP_DAC_READ_SEARCH 1 | |
| 12:58:27 1000 229743 bash 1 CAP_DAC_OVERRIDE 1 | |
| 12:58:27 1000 229743 sudo 24 CAP_SYS_RESOURCE 1 | |
| 12:58:27 1000 229743 sudo 7 CAP_SETUID 1 | |
| 12:58:27 0 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 0 229743 sudo 7 CAP_SETUID 1 | |
| 12:58:27 0 229743 sudo 7 CAP_SETUID 1 | |
| 12:58:27 0 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 0 229743 sudo 7 CAP_SETUID 1 | |
| 12:58:27 0 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 0 229743 sudo 7 CAP_SETUID 1 | |
| 12:58:27 1000 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 1000 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 1000 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 1000 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 1000 229743 sudo 7 CAP_SETUID 1 | |
| 12:58:27 1000 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 1000 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 1000 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 1000 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 1000 229743 sudo 7 CAP_SETUID 1 | |
| 12:58:27 1000 229743 sudo 2 CAP_DAC_READ_SEARCH 1 | |
| 12:58:27 1000 229743 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:58:27 1000 229743 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:58:27 1000 229743 sudo 24 CAP_SYS_RESOURCE 1 | |
| 12:58:27 1000 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:58:27 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:58:27 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:58:27 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:58:27 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:58:27 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:27 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:27 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:27 1000 229743 sudo 6 CAP_SETGID 1 | |
| 12:58:27 1000 229743 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:58:27 0 229743 sudo 7 CAP_SETUID 1 | |
| 12:58:27 0 229743 sudo 7 CAP_SETUID 1 | |
| 12:58:27 0 229661 systemd-userwor 2 CAP_DAC_READ_SEARCH 1 | |
| 12:58:27 1000 229743 sudo 12 CAP_NET_ADMIN 1 | |
| 12:58:27 1000 229743 sudo 12 CAP_NET_ADMIN 1 | |
| 12:58:27 1000 229743 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:58:27 1000 229744 sudo 24 CAP_SYS_RESOURCE 1 | |
| 12:58:27 1000 229744 sudo 7 CAP_SETUID 1 | |
| 12:58:27 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:27 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:27 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:27 0 229744 gocounter 2 CAP_DAC_READ_SEARCH 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:27 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 2 CAP_DAC_READ_SEARCH 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 12 CAP_NET_ADMIN 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 12 CAP_NET_ADMIN 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:27 0 229748 gocounter 0 CAP_CHOWN 1 | |
| 12:58:27 0 229748 gocounter 3 CAP_FOWNER 1 | |
| 12:58:27 0 229748 gocounter 39 CAP_BPF 1 | |
| 12:58:30 0 229744 gocounter 39 CAP_BPF 1 | |
| 12:58:33 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:33 0 229746 gocounter 39 CAP_BPF 1 | |
| 12:58:36 0 229746 gocounter 39 CAP_BPF 1 | |
| 12:58:39 0 229746 gocounter 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:42 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 12 CAP_NET_ADMIN 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 38 CAP_PERFMON 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 21 CAP_SYS_ADMIN 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 979 229703 bpfd 39 CAP_BPF 1 | |
| 12:58:42 1000 229743 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:58:42 1000 229743 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:58:47 0 229753 (sd-worker) 24 CAP_SYS_RESOURCE 1 | |
| 12:58:47 0 229753 (sd-worker) 12 CAP_NET_ADMIN 1 | |
| 12:58:47 0 229753 systemd-userwor 12 CAP_NET_ADMIN 1 | |
| 12:58:47 0 229753 systemd-userwor 24 CAP_SYS_RESOURCE 1 | |
| # sudo systemctl stop bpfd.service | |
| 12:59:10 1000 229754 bash 2 CAP_DAC_READ_SEARCH 1 | |
| 12:59:10 1000 229754 bash 1 CAP_DAC_OVERRIDE 1 | |
| 12:59:10 1000 229754 sudo 24 CAP_SYS_RESOURCE 1 | |
| 12:59:10 1000 229754 sudo 7 CAP_SETUID 1 | |
| 12:59:10 0 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 0 229754 sudo 7 CAP_SETUID 1 | |
| 12:59:10 0 229754 sudo 7 CAP_SETUID 1 | |
| 12:59:10 0 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 0 229754 sudo 7 CAP_SETUID 1 | |
| 12:59:10 0 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 0 229754 sudo 7 CAP_SETUID 1 | |
| 12:59:10 1000 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 1000 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 1000 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 1000 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 1000 229754 sudo 7 CAP_SETUID 1 | |
| 12:59:10 1000 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 1000 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 1000 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 1000 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 1000 229754 sudo 7 CAP_SETUID 1 | |
| 12:59:10 1000 229754 sudo 2 CAP_DAC_READ_SEARCH 1 | |
| 12:59:10 1000 229754 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:59:10 1000 229754 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:59:10 1000 229754 sudo 24 CAP_SYS_RESOURCE 1 | |
| 12:59:10 1000 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 1000 229754 sudo 6 CAP_SETGID 1 | |
| 12:59:10 1000 229754 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:59:10 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:59:10 0 229754 sudo 7 CAP_SETUID 1 | |
| 12:59:10 0 229754 sudo 7 CAP_SETUID 1 | |
| 12:59:10 0 229753 systemd-userwor 2 CAP_DAC_READ_SEARCH 1 | |
| 12:59:10 1000 229754 sudo 12 CAP_NET_ADMIN 1 | |
| 12:59:10 1000 229754 sudo 12 CAP_NET_ADMIN 1 | |
| 12:59:10 1000 229754 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:59:10 1000 229755 sudo 24 CAP_SYS_RESOURCE 1 | |
| 12:59:10 1000 229755 sudo 7 CAP_SETUID 1 | |
| 12:59:10 0 229755 systemctl 12 CAP_NET_ADMIN 1 | |
| 12:59:10 0 229755 systemctl 12 CAP_NET_ADMIN 1 | |
| 12:59:10 0 1 systemd 12 CAP_NET_ADMIN 1 | |
| 12:59:10 0 1 systemd 12 CAP_NET_ADMIN 1 | |
| 12:59:10 0 229756 (sd-askpwagent) 24 CAP_SYS_RESOURCE 1 | |
| 12:59:10 0 229756 (sd-askpwagent) 24 CAP_SYS_RESOURCE 1 | |
| 12:59:10 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:59:10 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:59:10 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:59:10 0 615 systemd-journal 5 CAP_KILL 1 | |
| 12:59:10 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:59:10 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:59:10 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:59:10 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:59:10 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:59:10 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:59:10 0 1 systemd 5 CAP_KILL 1 | |
| 12:59:10 0 1 systemd 5 CAP_KILL 1 | |
| 12:59:10 0 615 systemd-journal 19 CAP_SYS_PTRACE 1 | |
| 12:59:10 0 1 systemd 39 CAP_BPF 1 | |
| 12:59:10 0 1 systemd 29 CAP_AUDIT_WRITE 1 | |
| 12:59:10 1000 229754 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:59:10 1000 229754 sudo 29 CAP_AUDIT_WRITE 1 | |
| 12:59:17 0 229759 (sd-worker) 24 CAP_SYS_RESOURCE 1 | |
| 12:59:17 0 229759 (sd-worker) 12 CAP_NET_ADMIN 1 | |
| 12:59:17 0 229759 systemd-userwor 12 CAP_NET_ADMIN 1 | |
| 12:59:17 0 229759 systemd-userwor 24 CAP_SYS_RESOURCE 1 | |
| $ grep Cap /proc/229703/status | |
| CapInh: 000001ffffffffff | |
| CapPrm: 000001ffffffffff | |
| CapEff: 000001ffffffffff | |
| CapBnd: 000001ffffffffff | |
| CapAmb: 000001ffffffffff | |
| ================================================================================== | |
| ================================================================================== | |
| 1000 229700 bash | |
| ----------------------------- | |
| CAP_DAC_OVERRIDE | |
| CAP_DAC_READ_SEARCH | |
| 0 229701 systemctl | |
| ----------------------------- | |
| CAP_NET_ADMIN | |
| 0 1 systemd | |
| ----------------------------- | |
| CAP_AUDIT_WRITE | |
| CAP_NET_ADMIN | |
| CAP_SYS_ADMIN | |
| 0 615 systemd-journal | |
| ----------------------------- | |
| CAP_KILL | |
| CAP_SYS_PTRACE | |
| 0 229759 systemd-userwor | |
| ----------------------------- | |
| CAP_DAC_READ_SEARCH | |
| CAP_NET_ADMIN | |
| CAP_SYS_RESOURCE | |
| 0 229700 sudo | |
| 1000 229700 sudo | |
| ----------------------------- | |
| CAP_AUDIT_WRITE | |
| CAP_DAC_READ_SEARCH | |
| CAP_NET_ADMIN | |
| CAP_SETGID | |
| CAP_SETUID | |
| CAP_SYS_RESOURCE | |
| 0 229702 (sd-askpwagent) | |
| ----------------------------- | |
| CAP_SYS_RESOURCE | |
| 0 229759 (sd-worker) | |
| ----------------------------- | |
| CAP_NET_ADMIN | |
| CAP_SYS_RESOURCE | |
| 0 224302 (bpfd) | |
| ----------------------------- | |
| CAP_NET_ADMIN | |
| CAP_SETGID <--- Not used by "229703 224302 bpfd" | |
| CAP_SETUID <--- Not used by "229703 224302 bpfd" | |
| CAP_SYS_ADMIN | |
| CAP_SYS_RESOURCE | |
| 979 229703 bpfd | |
| ----------------------------- | |
| CAP_BPF | |
| CAP_DAC_READ_SEARCH | |
| CAP_NET_ADMIN | |
| CAP_PERFMON | |
| CAP_SYS_ADMIN | |
| CAP_SYS_RESOURCE | |
| 0 224345 gocounter | |
| ----------------------------- | |
| CAP_BPF | |
| CAP_CHOWN | |
| CAP_DAC_READ_SEARCH | |
| CAP_FOWNER | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment