[2025-08-22 22:32:27] [INFO] Starting comprehensive system audit on surface [2025-08-22 22:32:27] [INFO] Output directory: /tmp/system_audit_surface_20250822_223227 [2025-08-22 22:32:27] [INFO] Script version: 2.0 [2025-08-22 22:32:27] [INFO] Validating environment and dependencies... [2025-08-22 22:32:27] [WARN] Optional tool not found: podman [2025-08-22 22:32:27] [WARN] Optional tool not found: vnstat [2025-08-22 22:32:27] [INFO] Environment validation completed [2025-08-22 22:32:27] [INFO] Running with root privileges [2025-08-22 22:32:27] [INFO] Running module: collect_system_info ==== SYSTEM INFORMATION ==== --- Basic System Details --- Hostname: surface FQDN: surface IP Addresses: 192.168.50.254 100.67.40.97 172.17.0.1 172.19.0.1 172.20.0.1 172.18.0.1 fd56:f1f9:1afc:8f71:b128:1450:b541:2a71 fd56:f1f9:1afc:8f71:e7d0:a11f:5d7d:7c1d fd7a:115c:a1e0::e334:2861 Date/Time: Fri Aug 22 10:32:27 PM EDT 2025 Uptime: 22:32:27 up 5:21, 3 users, load average: 1.38, 1.61, 1.61 Load Average: 1.38 1.61 1.61 1/1101 215459 Architecture: x86_64 Kernel: 6.15.1-surface-2 Distribution: Ubuntu 24.04.3 LTS Kernel Version: #2 SMP PREEMPT_DYNAMIC Tue Jun 24 21:02:07 UTC 2025 --- Hardware Information --- Architecture: x86_64 CPU op-mode(s): 32-bit, 64-bit Address sizes: 39 bits physical, 48 bits virtual Byte Order: Little Endian CPU(s): 4 On-line CPU(s) list: 0-3 Vendor ID: GenuineIntel BIOS Vendor ID: Intel(R) Corporation Model name: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz BIOS Model name: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz To Be Filled By O.E.M. CPU @ 2.3GHz BIOS CPU family: 205 CPU family: 6 Model: 78 Thread(s) per core: 2 Core(s) per socket: 2 Socket(s): 1 Stepping: 3 CPU(s) scaling MHz: 93% CPU max MHz: 3000.0000 CPU min MHz: 400.0000 BogoMIPS: 4999.90 Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb pti ssbd ibrs ibpb stibp tpr_shadow flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp vnmi md_clear flush_l1d arch_capabilities Virtualization: VT-x L1d cache: 64 KiB (2 instances) L1i cache: 64 KiB (2 instances) L2 cache: 512 KiB (2 instances) L3 cache: 3 MiB (1 instance) NUMA node(s): 1 NUMA node0 CPU(s): 0-3 Vulnerability Gather data sampling: Vulnerable: No microcode Vulnerability Ghostwrite: Not affected Vulnerability Indirect target selection: Not affected Vulnerability Itlb multihit: KVM: Mitigation: Split huge pages Vulnerability L1tf: Mitigation; PTE Inversion; VMX conditional cache flushes, SMT vulnerable Vulnerability Mds: Mitigation; Clear CPU buffers; SMT vulnerable Vulnerability Meltdown: Mitigation; PTI Vulnerability Mmio stale data: Mitigation; Clear CPU buffers; SMT vulnerable Vulnerability Reg file data sampling: Not affected Vulnerability Retbleed: Mitigation; IBRS Vulnerability Spec rstack overflow: Not affected Vulnerability Spec store bypass: Mitigation; Speculative Store Bypass disabled via prctl Vulnerability Spectre v1: Mitigation; usercopy/swapgs barriers and __user pointer sanitization Vulnerability Spectre v2: Mitigation; IBRS; IBPB conditional; STIBP conditional; RSB filling; PBRSB-eIBRS Not affected; BHI Not affected Vulnerability Srbds: Mitigation; Microcode Vulnerability Tsx async abort: Mitigation; TSX disabled total used free shared buff/cache available Mem: 7.7Gi 1.8Gi 479Mi 115Mi 5.9Gi 5.9Gi Swap: 4.0Gi 1.0Gi 3.0Gi Filesystem Size Used Avail Use% Mounted on tmpfs 788M 3.3M 784M 1% /run /dev/nvme0n1p2 233G 45G 176G 21% / tmpfs 3.9G 464K 3.9G 1% /dev/shm tmpfs 5.0M 8.0K 5.0M 1% /run/lock efivarfs 116K 55K 57K 50% /sys/firmware/efi/efivars /dev/nvme0n1p1 1.1G 6.2M 1.1G 1% /boot/efi 192.168.50.107:/export/surface_backup 7.3T 306G 7.0T 5% /mnt/omv-backup tmpfs 788M 120K 788M 1% /run/user/1000 NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS loop0 7:0 0 4K 1 loop /snap/bare/5 loop1 7:1 0 13.2M 1 loop /snap/canonical-livepatch/338 loop2 7:2 0 13.2M 1 loop /snap/canonical-livepatch/341 loop3 7:3 0 73.9M 1 loop /snap/core22/2082 loop4 7:4 0 73.9M 1 loop /snap/core22/2045 loop5 7:5 0 140.6M 1 loop /snap/docker/3265 loop6 7:6 0 66.8M 1 loop /snap/core24/1006 loop7 7:7 0 245.6M 1 loop /snap/firefox/6638 loop8 7:8 0 11.1M 1 loop /snap/firmware-updater/167 loop9 7:9 0 66.8M 1 loop /snap/core24/1055 loop10 7:10 0 91.7M 1 loop /snap/gtk-common-themes/1535 loop11 7:11 0 10.8M 1 loop /snap/snap-store/1248 loop12 7:12 0 516M 1 loop /snap/gnome-42-2204/202 loop13 7:13 0 245.5M 1 loop /snap/firefox/6626 loop14 7:14 0 49.3M 1 loop /snap/snapd/24792 loop15 7:15 0 50.9M 1 loop /snap/snapd/24718 loop16 7:16 0 28.4M 1 loop /snap/tailscale/108 loop17 7:17 0 10.8M 1 loop /snap/snap-store/1270 loop18 7:18 0 568K 1 loop /snap/snapd-desktop-integration/253 loop19 7:19 0 576K 1 loop /snap/snapd-desktop-integration/315 loop20 7:20 0 27.1M 1 loop /snap/tailscale/97 nvme0n1 259:0 0 238.5G 0 disk ├─nvme0n1p1 259:1 0 1G 0 part /boot/efi └─nvme0n1p2 259:2 0 237.4G 0 part / 00:00.0 Host bridge: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Host Bridge/DRAM Registers (rev 08) 00:02.0 VGA compatible controller: Intel Corporation Skylake GT2 [HD Graphics 520] (rev 07) 00:05.0 Multimedia controller: Intel Corporation Xeon E3-1200 v5/E3-1500 v5/6th Gen Core Processor Imaging Unit (rev 01) 00:08.0 System peripheral: Intel Corporation Xeon E3-1200 v5/v6 / E3-1500 v5 / 6th/7th/8th Gen Core Processor Gaussian Mixture Model 00:14.0 USB controller: Intel Corporation Sunrise Point-LP USB 3.0 xHCI Controller (rev 21) 00:14.2 Signal processing controller: Intel Corporation Sunrise Point-LP Thermal subsystem (rev 21) 00:14.3 Multimedia controller: Intel Corporation CSI-2 Host Controller (rev 01) 00:15.0 Signal processing controller: Intel Corporation Sunrise Point-LP Serial IO I2C Controller #0 (rev 21) 00:15.1 Signal processing controller: Intel Corporation Sunrise Point-LP Serial IO I2C Controller #1 (rev 21) 00:15.2 Signal processing controller: Intel Corporation Sunrise Point-LP Serial IO I2C Controller #2 (rev 21) 00:15.3 Signal processing controller: Intel Corporation Sunrise Point-LP Serial IO I2C Controller #3 (rev 21) 00:16.0 Communication controller: Intel Corporation Sunrise Point-LP CSME HECI #1 (rev 21) 00:16.4 Communication controller: Intel Corporation iTouch Controller (rev 21) 00:1c.0 PCI bridge: Intel Corporation Sunrise Point-LP PCI Express Root Port #5 (rev f1) 00:1d.0 PCI bridge: Intel Corporation Sunrise Point-LP PCI Express Root Port #9 (rev f1) 00:1f.0 ISA bridge: Intel Corporation Sunrise Point-LP LPC Controller (rev 21) 00:1f.2 Memory controller: Intel Corporation Sunrise Point-LP PMC (rev 21) 00:1f.3 Audio device: Intel Corporation Sunrise Point-LP HD Audio (rev 21) 01:00.0 Non-Volatile memory controller: Samsung Electronics Co Ltd NVMe SSD Controller SM951/PM951 (rev 01) 02:00.0 Ethernet controller: Marvell Technology Group Ltd. 88W8897 [AVASTAR] 802.11ac Wireless Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 001 Device 003: ID 1286:204c Marvell Semiconductor, Inc. Bluetooth and Wireless LAN Composite Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub [2025-08-22 22:32:27] [INFO] Running module: collect_network_info ==== NETWORK INFORMATION ==== --- Network Interfaces --- 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host noprefixroute valid_lft forever preferred_lft forever 2: wlp2s0: mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 98:5f:d3:49:41:0b brd ff:ff:ff:ff:ff:ff inet 192.168.50.254/24 brd 192.168.50.255 scope global noprefixroute wlp2s0 valid_lft forever preferred_lft forever inet6 fd56:f1f9:1afc:8f71:b128:1450:b541:2a71/64 scope global temporary dynamic valid_lft 1128sec preferred_lft 1128sec inet6 fd56:f1f9:1afc:8f71:e7d0:a11f:5d7d:7c1d/64 scope global dynamic mngtmpaddr noprefixroute valid_lft 1128sec preferred_lft 1128sec inet6 fe80::a9aa:dcae:b8cd:4e4d/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: tailscale0: mtu 1280 qdisc fq_codel state UNKNOWN group default qlen 500 link/none inet 100.67.40.97/32 scope global tailscale0 valid_lft forever preferred_lft forever inet6 fd7a:115c:a1e0::e334:2861/128 scope global valid_lft forever preferred_lft forever inet6 fe80::a309:58b0:9086:a560/64 scope link stable-privacy valid_lft forever preferred_lft forever 4: docker0: mtu 1500 qdisc noqueue state DOWN group default link/ether 0e:a7:62:0d:3d:f7 brd ff:ff:ff:ff:ff:ff inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 valid_lft forever preferred_lft forever inet6 fe80::ca7:62ff:fe0d:3df7/64 scope link valid_lft forever preferred_lft forever 5: docker_gwbridge: mtu 1500 qdisc noqueue state UP group default link/ether ee:20:bc:38:15:86 brd ff:ff:ff:ff:ff:ff inet 172.19.0.1/16 brd 172.19.255.255 scope global docker_gwbridge valid_lft forever preferred_lft forever inet6 fe80::ec20:bcff:fe38:1586/64 scope link valid_lft forever preferred_lft forever 6: br-97af1691b8d2: mtu 1500 qdisc noqueue state UP group default link/ether ea:16:1d:ea:8a:07 brd ff:ff:ff:ff:ff:ff inet 172.20.0.1/16 brd 172.20.255.255 scope global br-97af1691b8d2 valid_lft forever preferred_lft forever inet6 fe80::e816:1dff:feea:8a07/64 scope link valid_lft forever preferred_lft forever 7: br-af9461d3da79: mtu 1500 qdisc noqueue state DOWN group default link/ether f2:e8:82:0b:67:7d brd ff:ff:ff:ff:ff:ff inet 172.18.0.1/16 brd 172.18.255.255 scope global br-af9461d3da79 valid_lft forever preferred_lft forever 9: veth92c2adf@if2: mtu 1500 qdisc noqueue master br-97af1691b8d2 state UP group default link/ether 2a:6d:d2:b1:b9:f9 brd ff:ff:ff:ff:ff:ff link-netnsid 1 inet6 fe80::286d:d2ff:feb1:b9f9/64 scope link valid_lft forever preferred_lft forever 10: veth9aa1878@if2: mtu 1500 qdisc noqueue master br-97af1691b8d2 state UP group default link/ether 5e:43:8a:40:3c:76 brd ff:ff:ff:ff:ff:ff link-netnsid 2 inet6 fe80::5c43:8aff:fe40:3c76/64 scope link valid_lft forever preferred_lft forever 11: veth31494ca@if2: mtu 1500 qdisc noqueue master br-97af1691b8d2 state UP group default link/ether 9e:8e:89:22:e8:07 brd ff:ff:ff:ff:ff:ff link-netnsid 3 inet6 fe80::9c8e:89ff:fe22:e807/64 scope link valid_lft forever preferred_lft forever 12: vethc1135e0@if2: mtu 1500 qdisc noqueue master br-97af1691b8d2 state UP group default link/ether c6:77:a8:c4:d9:ad brd ff:ff:ff:ff:ff:ff link-netnsid 4 inet6 fe80::c477:a8ff:fec4:d9ad/64 scope link valid_lft forever preferred_lft forever 14: veth2e9ae3f@if2: mtu 1500 qdisc noqueue master br-97af1691b8d2 state UP group default link/ether 26:1c:89:7f:43:1a brd ff:ff:ff:ff:ff:ff link-netnsid 6 inet6 fe80::241c:89ff:fe7f:431a/64 scope link valid_lft forever preferred_lft forever 15: vethd80025c@if2: mtu 1500 qdisc noqueue master br-97af1691b8d2 state UP group default link/ether 76:cf:fc:03:28:aa brd ff:ff:ff:ff:ff:ff link-netnsid 7 inet6 fe80::74cf:fcff:fe03:28aa/64 scope link valid_lft forever preferred_lft forever 17: vethce15d63@if2: mtu 1500 qdisc noqueue master br-97af1691b8d2 state UP group default link/ether c6:0b:e6:f4:47:51 brd ff:ff:ff:ff:ff:ff link-netnsid 9 inet6 fe80::c40b:e6ff:fef4:4751/64 scope link valid_lft forever preferred_lft forever 30: veth459af35@if29: mtu 1500 qdisc noqueue master docker_gwbridge state UP group default link/ether 12:ad:da:c3:29:d5 brd ff:ff:ff:ff:ff:ff link-netnsid 5 inet6 fe80::10ad:daff:fec3:29d5/64 scope link valid_lft forever preferred_lft forever 39: veth92225a4@if2: mtu 1500 qdisc noqueue master br-97af1691b8d2 state UP group default link/ether 72:3c:04:9a:5e:66 brd ff:ff:ff:ff:ff:ff link-netnsid 10 inet6 fe80::703c:4ff:fe9a:5e66/64 scope link valid_lft forever preferred_lft forever 45: vethb901cb3@if2: mtu 1500 qdisc noqueue master br-97af1691b8d2 state UP group default link/ether da:f2:c1:3a:c0:13 brd ff:ff:ff:ff:ff:ff link-netnsid 8 inet6 fe80::d8f2:c1ff:fe3a:c013/64 scope link valid_lft forever preferred_lft forever default via 192.168.50.1 dev wlp2s0 proto static metric 600 172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 172.18.0.0/16 dev br-af9461d3da79 proto kernel scope link src 172.18.0.1 linkdown 172.19.0.0/16 dev docker_gwbridge proto kernel scope link src 172.19.0.1 172.20.0.0/16 dev br-97af1691b8d2 proto kernel scope link src 172.20.0.1 192.168.50.0/24 dev wlp2s0 proto kernel scope link src 192.168.50.254 metric 600 # This is /run/systemd/resolve/resolv.conf managed by man:systemd-resolved(8). # Do not edit. # # This file might be symlinked as /etc/resolv.conf. If you're looking at # /etc/resolv.conf and seeing this text, you have followed the symlink. # # This is a dynamic resolv.conf file for connecting local clients directly to # all known uplink DNS servers. This file lists all configured search domains. # # Third party programs should typically not access this file directly, but only # through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a # different way, replace this symlink by a static file or a different symlink. # # See man:systemd-resolved.service(8) for details about the supported modes of # operation for /etc/resolv.conf. nameserver 1.1.1.1 nameserver 192.168.50.229 search . Netid State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess udp UNCONN 0 0 127.0.0.1:8125 0.0.0.0:* udp UNCONN 0 0 0.0.0.0:111 0.0.0.0:* udp UNCONN 0 0 0.0.0.0:45735 0.0.0.0:* udp UNCONN 0 0 0.0.0.0:4789 0.0.0.0:* udp UNCONN 0 0 127.0.0.1:932 0.0.0.0:* udp UNCONN 0 0 0.0.0.0:5353 0.0.0.0:* udp UNCONN 0 0 0.0.0.0:51071 0.0.0.0:* udp UNCONN 0 0 0.0.0.0:55205 0.0.0.0:* udp UNCONN 0 0 0.0.0.0:34990 0.0.0.0:* udp UNCONN 0 0 [::]:60407 [::]:* udp UNCONN 0 0 [::]:48612 [::]:* udp UNCONN 0 0 *:7946 *:* udp UNCONN 0 0 [::]:36975 [::]:* udp UNCONN 0 0 [::]:111 [::]:* udp UNCONN 0 0 [::]:33184 [::]:* udp UNCONN 0 0 *:443 *:* udp UNCONN 0 0 [::]:5353 [::]:* tcp LISTEN 0 4096 127.0.0.1:19999 0.0.0.0:* tcp LISTEN 0 4096 100.67.40.97:38383 0.0.0.0:* tcp LISTEN 0 4096 127.0.0.1:8125 0.0.0.0:* tcp LISTEN 0 4096 127.0.0.1:11434 0.0.0.0:* tcp LISTEN 0 80 127.0.0.1:3306 0.0.0.0:* tcp LISTEN 0 4096 0.0.0.0:8443 0.0.0.0:* tcp LISTEN 0 4096 0.0.0.0:111 0.0.0.0:* tcp LISTEN 0 4096 0.0.0.0:22 0.0.0.0:* tcp LISTEN 0 4096 0.0.0.0:55873 0.0.0.0:* tcp LISTEN 0 4096 127.0.0.1:2019 0.0.0.0:* tcp LISTEN 0 64 0.0.0.0:35213 0.0.0.0:* tcp LISTEN 0 4096 127.0.0.1:631 0.0.0.0:* tcp LISTEN 0 5 0.0.0.0:8090 0.0.0.0:* tcp LISTEN 0 4096 0.0.0.0:8080 0.0.0.0:* tcp LISTEN 0 64 [::]:45885 [::]:* tcp LISTEN 0 4096 [::1]:631 [::]:* tcp LISTEN 0 511 *:8888 *:* tcp LISTEN 0 4096 *:443 *:* tcp LISTEN 0 4096 [::]:8443 [::]:* tcp LISTEN 0 4096 [::]:111 [::]:* tcp LISTEN 0 4096 *:80 *:* tcp LISTEN 0 4096 [::]:22 [::]:* tcp LISTEN 0 4096 [fd7a:115c:a1e0::e334:2861]:60218 [::]:* tcp LISTEN 0 4096 [::]:8080 [::]:* tcp LISTEN 0 4096 [::]:49045 [::]:* tcp LISTEN 0 4096 *:7946 *:* Netid State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess udp UNCONN 0 0 127.0.0.1:8125 0.0.0.0:* users:(("netdata",pid=1997,fd=31)) udp UNCONN 0 0 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=779,fd=5),("systemd",pid=1,fd=286)) udp UNCONN 0 0 0.0.0.0:45735 0.0.0.0:* udp UNCONN 0 0 0.0.0.0:4789 0.0.0.0:* udp UNCONN 0 0 127.0.0.1:932 0.0.0.0:* users:(("rpc.statd",pid=2452,fd=5)) udp UNCONN 0 0 0.0.0.0:5353 0.0.0.0:* users:(("avahi-daemon",pid=1077,fd=12)) udp UNCONN 0 0 0.0.0.0:51071 0.0.0.0:* users:(("rpc.statd",pid=2452,fd=8)) udp UNCONN 0 0 0.0.0.0:55205 0.0.0.0:* users:(("tailscaled",pid=1510,fd=16)) udp UNCONN 0 0 0.0.0.0:34990 0.0.0.0:* users:(("avahi-daemon",pid=1077,fd=14)) udp UNCONN 0 0 [::]:60407 [::]:* users:(("avahi-daemon",pid=1077,fd=15)) udp UNCONN 0 0 [::]:48612 [::]:* udp UNCONN 0 0 *:7946 *:* users:(("dockerd",pid=1862,fd=39)) udp UNCONN 0 0 [::]:36975 [::]:* users:(("rpc.statd",pid=2452,fd=10)) udp UNCONN 0 0 [::]:111 [::]:* users:(("rpcbind",pid=779,fd=7),("systemd",pid=1,fd=288)) udp UNCONN 0 0 [::]:33184 [::]:* users:(("tailscaled",pid=1510,fd=17)) udp UNCONN 0 0 *:443 *:* users:(("caddy",pid=1994,fd=7)) udp UNCONN 0 0 [::]:5353 [::]:* users:(("avahi-daemon",pid=1077,fd=13)) tcp LISTEN 0 4096 127.0.0.1:19999 0.0.0.0:* users:(("netdata",pid=1997,fd=6)) tcp LISTEN 0 4096 100.67.40.97:38383 0.0.0.0:* users:(("tailscaled",pid=1510,fd=21)) tcp LISTEN 0 4096 127.0.0.1:8125 0.0.0.0:* users:(("netdata",pid=1997,fd=32)) tcp LISTEN 0 4096 127.0.0.1:11434 0.0.0.0:* users:(("ollama",pid=177654,fd=3)) tcp LISTEN 0 80 127.0.0.1:3306 0.0.0.0:* users:(("mariadbd",pid=1649,fd=24)) tcp LISTEN 0 4096 0.0.0.0:8443 0.0.0.0:* users:(("docker-proxy",pid=4359,fd=7)) tcp LISTEN 0 4096 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=779,fd=4),("systemd",pid=1,fd=285)) tcp LISTEN 0 4096 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=1568,fd=3),("systemd",pid=1,fd=320)) tcp LISTEN 0 4096 0.0.0.0:55873 0.0.0.0:* users:(("rpc.statd",pid=2452,fd=9)) tcp LISTEN 0 4096 127.0.0.1:2019 0.0.0.0:* users:(("caddy",pid=1994,fd=3)) tcp LISTEN 0 64 0.0.0.0:35213 0.0.0.0:* tcp LISTEN 0 4096 127.0.0.1:631 0.0.0.0:* users:(("cupsd",pid=1496,fd=7)) tcp LISTEN 0 5 0.0.0.0:8090 0.0.0.0:* users:(("python3",pid=1498,fd=3)) tcp LISTEN 0 4096 0.0.0.0:8080 0.0.0.0:* users:(("docker-proxy",pid=4333,fd=7)) tcp LISTEN 0 64 [::]:45885 [::]:* tcp LISTEN 0 4096 [::1]:631 [::]:* users:(("cupsd",pid=1496,fd=6)) tcp LISTEN 0 511 *:8888 *:* users:(("apache2",pid=2644,fd=4),("apache2",pid=2643,fd=4),("apache2",pid=2641,fd=4)) tcp LISTEN 0 4096 *:443 *:* users:(("caddy",pid=1994,fd=6)) tcp LISTEN 0 4096 [::]:8443 [::]:* users:(("docker-proxy",pid=4367,fd=7)) tcp LISTEN 0 4096 [::]:111 [::]:* users:(("rpcbind",pid=779,fd=6),("systemd",pid=1,fd=287)) tcp LISTEN 0 4096 *:80 *:* users:(("caddy",pid=1994,fd=8)) tcp LISTEN 0 4096 [::]:22 [::]:* users:(("sshd",pid=1568,fd=4),("systemd",pid=1,fd=321)) tcp LISTEN 0 4096 [fd7a:115c:a1e0::e334:2861]:60218 [::]:* users:(("tailscaled",pid=1510,fd=22)) tcp LISTEN 0 4096 [::]:8080 [::]:* users:(("docker-proxy",pid=4341,fd=7)) tcp LISTEN 0 4096 [::]:49045 [::]:* users:(("rpc.statd",pid=2452,fd=11)) tcp LISTEN 0 4096 *:7946 *:* users:(("dockerd",pid=1862,fd=38)) Inter-| Receive | Transmit face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed lo: 27702262 69274 0 0 0 0 0 0 27702262 69274 0 0 0 0 0 0 wlp2s0: 5802465077 4143101 0 102116 0 0 0 0 226239024 1599431 0 0 0 0 0 0 tailscale0: 2368011 22259 0 0 0 0 0 0 59618217 35632 0 0 0 0 0 0 docker0: 84 3 0 0 0 0 0 0 456 4 0 77 0 0 0 0 docker_gwbridge: 84 3 0 0 0 0 0 0 9138 69 0 20 0 0 0 0 br-97af1691b8d2: 17765972 4327 0 0 0 0 0 0 902582 3889 0 15 0 0 0 0 br-af9461d3da79: 0 0 0 0 0 0 0 0 0 0 0 43 0 0 0 0 veth92c2adf: 62785 173 0 0 0 0 0 0 115304 649 0 0 0 0 0 0 veth9aa1878: 16996077 976 0 0 0 0 0 0 255277 1395 0 0 0 0 0 0 veth31494ca: 18659042 6927 0 0 0 0 0 0 18580829 7115 0 0 0 0 0 0 vethc1135e0: 1031501 7408 0 0 0 0 0 0 1329428 10112 0 0 0 0 0 0 veth2e9ae3f: 309507 1908 0 0 0 0 0 0 366195 3010 0 0 0 0 0 0 vethd80025c: 1668267 9514 0 0 0 0 0 0 1790146 9295 0 0 0 0 0 0 vethce15d63: 633887 4064 0 0 0 0 0 0 180079 2528 0 0 0 0 0 0 veth459af35: 126 3 0 0 0 0 0 0 15341 121 0 0 0 0 0 0 veth92225a4: 70483 471 0 0 0 0 0 0 133332 853 0 0 0 0 0 0 vethb901cb3: 11427 222 0 0 0 0 0 0 36096 619 0 0 0 0 0 0 Interface: wlp2s0 Interface: tailscale0 Speed: Unknown! Duplex: Full Link detected: yes Interface: docker0 Speed: Unknown! Duplex: Unknown! (255) Link detected: no Interface: docker_gwbridge Speed: 10000Mb/s Duplex: Unknown! (255) Link detected: yes Interface: br-97af1691b8d2 Speed: 10000Mb/s Duplex: Unknown! (255) Link detected: yes Interface: br-af9461d3da79 Speed: Unknown! Duplex: Unknown! (255) Link detected: no Interface: veth92c2adf@if2 Interface: veth9aa1878@if2 Interface: veth31494ca@if2 Interface: vethc1135e0@if2 Interface: veth2e9ae3f@if2 Interface: vethd80025c@if2 Interface: vethce15d63@if2 Interface: veth459af35@if29 Interface: veth92225a4@if2 Interface: vethb901cb3@if2 vnstat not installed --- Firewall Status --- Status: inactive Chain INPUT (policy ACCEPT) target prot opt source destination ts-input 0 -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP) target prot opt source destination DOCKER-USER 0 -- 0.0.0.0/0 0.0.0.0/0 DOCKER-FORWARD 0 -- 0.0.0.0/0 0.0.0.0/0 ts-forward 0 -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain DOCKER (4 references) target prot opt source destination ACCEPT 6 -- 0.0.0.0/0 172.20.0.5 tcp dpt:443 ACCEPT 6 -- 0.0.0.0/0 172.20.0.5 tcp dpt:80 DROP 0 -- 0.0.0.0/0 0.0.0.0/0 DROP 0 -- 0.0.0.0/0 0.0.0.0/0 DROP 0 -- 0.0.0.0/0 0.0.0.0/0 DROP 0 -- 0.0.0.0/0 0.0.0.0/0 Chain DOCKER-BRIDGE (1 references) target prot opt source destination DOCKER 0 -- 0.0.0.0/0 0.0.0.0/0 DOCKER 0 -- 0.0.0.0/0 0.0.0.0/0 DOCKER 0 -- 0.0.0.0/0 0.0.0.0/0 DOCKER 0 -- 0.0.0.0/0 0.0.0.0/0 Chain DOCKER-CT (1 references) target prot opt source destination ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED Chain DOCKER-FORWARD (1 references) target prot opt source destination DOCKER-CT 0 -- 0.0.0.0/0 0.0.0.0/0 DOCKER-ISOLATION-STAGE-1 0 -- 0.0.0.0/0 0.0.0.0/0 DOCKER-BRIDGE 0 -- 0.0.0.0/0 0.0.0.0/0 DROP 0 -- 0.0.0.0/0 0.0.0.0/0 ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 Chain DOCKER-ISOLATION-STAGE-1 (1 references) target prot opt source destination DOCKER-ISOLATION-STAGE-2 0 -- 0.0.0.0/0 0.0.0.0/0 DOCKER-ISOLATION-STAGE-2 0 -- 0.0.0.0/0 0.0.0.0/0 DOCKER-ISOLATION-STAGE-2 0 -- 0.0.0.0/0 0.0.0.0/0 DOCKER-ISOLATION-STAGE-2 0 -- 0.0.0.0/0 0.0.0.0/0 Chain DOCKER-ISOLATION-STAGE-2 (4 references) target prot opt source destination DROP 0 -- 0.0.0.0/0 0.0.0.0/0 DROP 0 -- 0.0.0.0/0 0.0.0.0/0 DROP 0 -- 0.0.0.0/0 0.0.0.0/0 DROP 0 -- 0.0.0.0/0 0.0.0.0/0 Chain DOCKER-USER (1 references) target prot opt source destination RETURN 0 -- 0.0.0.0/0 0.0.0.0/0 Chain ts-forward (1 references) target prot opt source destination MARK 0 -- 0.0.0.0/0 0.0.0.0/0 MARK xset 0x40000/0xff0000 ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 mark match 0x40000/0xff0000 DROP 0 -- 100.64.0.0/10 0.0.0.0/0 ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 Chain ts-input (1 references) target prot opt source destination ACCEPT 0 -- 100.67.40.97 0.0.0.0/0 RETURN 0 -- 100.115.92.0/23 0.0.0.0/0 DROP 0 -- 100.64.0.0/10 0.0.0.0/0 ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 ACCEPT 17 -- 0.0.0.0/0 0.0.0.0/0 udp dpt:55205 [2025-08-22 22:32:28] [INFO] Running module: collect_container_info ==== CONTAINER INFORMATION ==== --- Docker Information --- Docker version 28.1.1+1, build 068a01e Client: Version: 28.1.1+1 Context: default Debug Mode: false Plugins: buildx: Docker Buildx (Docker Inc.) Version: v0.20.1 Path: /usr/libexec/docker/cli-plugins/docker-buildx compose: Docker Compose (Docker Inc.) Version: v2.33.1 Path: /usr/libexec/docker/cli-plugins/docker-compose Server: Containers: 13 Running: 9 Paused: 0 Stopped: 4 Images: 22 Server Version: 28.1.1+1 Storage Driver: overlay2 Backing Filesystem: extfs Supports d_type: true Using metacopy: false Native Overlay Diff: true userxattr: false Logging Driver: json-file Cgroup Driver: systemd Cgroup Version: 2 Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog Swarm: active NodeID: hr0xh5hl9xelg301p11zw5pxl Is Manager: false Node Address: 192.168.50.254 Manager Addresses: 192.168.50.181:2377 Runtimes: runc io.containerd.runc.v2 Default Runtime: runc Init Binary: docker-init containerd version: 05044ec0a9a75232cad458027ca83437aae3f4da runc version: init version: de40ad0 Security Options: apparmor seccomp Profile: builtin cgroupns Kernel Version: 6.15.1-surface-2 Operating System: Ubuntu Core 22 OSType: linux Architecture: x86_64 CPUs: 4 Total Memory: 7.687GiB Name: surface ID: be8537de-84d5-46aa-b6ac-12cdd2f3edd5 Docker Root Dir: /var/snap/docker/common/var-lib-docker Debug Mode: false Experimental: false Insecure Registries: ::1/128 127.0.0.0/8 Live Restore Enabled: false CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 4b56e0175e91 appflowyinc/appflowy_ai:latest "appflowy-ai" About an hour ago Exited (101) About an hour ago appflowy-cloud-ai-1 583f3ad123c4 appflowyinc/appflowy_cloud:latest "appflowy_cloud" 2 days ago Up 5 hours 8000/tcp appflowy-cloud-appflowy_cloud-1 a88fe8e82d82 appflowyinc/appflowy_web:latest "/docker-entrypoint.…" 3 days ago Up 5 hours 80/tcp appflowy-cloud-appflowy_web-1 f53ebe855678 appflowyinc/gotrue:latest "./start.sh" 3 days ago Up 5 hours (healthy) appflowy-cloud-gotrue-1 eaf6e00f87eb pgvector/pgvector:pg16 "docker-entrypoint.s…" 3 days ago Up 5 hours (healthy) 5432/tcp appflowy-cloud-postgres-1 945e7a7870e6 redis "docker-entrypoint.s…" 3 days ago Up 5 hours 6379/tcp appflowy-cloud-redis-1 fbb230028036 appflowyinc/admin_frontend:latest "admin_frontend" 4 days ago Up 5 hours 3000/tcp appflowy-cloud-admin_frontend-1 9b8bd25bf6ab appflowyinc/appflowy_worker:latest "appflowy_worker" 4 days ago Up 5 hours appflowy-cloud-appflowy_worker-1 a510d304028a nginx "/docker-entrypoint.…" 4 days ago Up 5 hours 0.0.0.0:8080->80/tcp, [::]:8080->80/tcp, 0.0.0.0:8443->443/tcp, [::]:8443->443/tcp appflowy-cloud-nginx-1 94e3faba6f61 minio/minio "/usr/bin/docker-ent…" 4 days ago Up 5 hours 9000/tcp appflowy-cloud-minio-1 959b459e66e0 adminer "entrypoint.sh docke…" 5 weeks ago Exited (255) 3 weeks ago 0.0.0.0:8080->8080/tcp, [::]:8080->8080/tcp instrumentation-adminer-1 c6f5bba04d35 postgres "docker-entrypoint.s…" 5 weeks ago Exited (255) 3 weeks ago 0.0.0.0:5432->5432/tcp, [::]:5432->5432/tcp instrumentation-postgres-1 204a98f3b637 jaegertracing/all-in-one:latest "/go/bin/all-in-one-…" 5 weeks ago Exited (255) 3 weeks ago 0.0.0.0:4317-4318->4317-4318/tcp, [::]:4317-4318->4317-4318/tcp, 14250/tcp, 0.0.0.0:9411->9411/tcp, [::]:9411->9411/tcp, 0.0.0.0:16686->16686/tcp, [::]:16686->16686/tcp, 14268/tcp instrumentation-jaeger-1 REPOSITORY TAG IMAGE ID CREATED SIZE appflowyinc/appflowy_ai latest f03d85aea37f 3 days ago 128MB redis latest 9d1fe3a9a889 4 days ago 137MB appflowyinc/appflowy_ai eab2774b0e39 4 days ago 128MB appflowyinc/appflowy_web latest bde5c053a8e0 4 days ago 75.9MB appflowyinc/appflowy_cloud latest 1cb46cf2e7e9 6 days ago 143MB pgvector/pgvector pg16 56a5b20c7a15 7 days ago 439MB appflowyinc/appflowy_worker latest 5b04758e9a71 7 days ago 116MB appflowyinc/gotrue latest bf732ca3af01 7 days ago 50.8MB nginx latest ad5708199ec7 9 days ago 192MB redis 06c3286e0b9e 2 weeks ago 157MB pgvector/pgvector ab54bc5c61c6 3 weeks ago 439MB minio/minio latest a98a9d647e70 4 weeks ago 175MB jaegertracing/all-in-one latest c8ed6966abb7 7 weeks ago 86MB appflowyinc/appflowy_web a23c5c8f408b 7 weeks ago 75.6MB appflowyinc/appflowy_cloud b067c682e0e7 7 weeks ago 140MB appflowyinc/appflowy_worker b3efdf7ef30d 7 weeks ago 114MB appflowyinc/admin_frontend latest 126b0d036d5a 7 weeks ago 145MB appflowyinc/gotrue d9b2ca52342d 7 weeks ago 51.5MB portainer/agent latest 9f786420f676 7 weeks ago 171MB postgres latest 445ed93b882f 2 months ago 438MB adminer latest 309d89eeddd1 3 months ago 128MB appflowyinc/appflowy_ai f8d9cd1f7c5d 9 months ago 1.03GB NETWORK ID NAME DRIVER SCOPE 97af1691b8d2 appflowy-cloud_default bridge local 42415ae7af37 bridge bridge local 8b59499211e2 docker_gwbridge bridge local b54d5261d947 host host local pqwsqhytoycf ingress overlay swarm af9461d3da79 instrumentation_default bridge local 1dc0ce5832f6 none null local DRIVER VOLUME NAME local 58de1013fc2b26b8c232b476003a644536f046689934d050751e84143bc1dcac local 69e0a0fa40952877d5a108115edcd031cd4078e859b8eee84caa644903cc3f11 local 386d5700c967e2a015d9d864cc31814f547fdc45fd005d8809727ecee46f7446 local 3460b7856fefe1eee0f7c6cba62e98a06ec58bb8fb10c689502d32177ca40185 local appflowy-cloud_minio_data local appflowy-cloud_postgres_data local be6e00f4baf3495bfacfe8ac833ec50f4b26b5dbcaddb25a6be3234bf4ee5e6b local instrumentation_pgdata /home/jon/go/pkg/mod/github.com/smallstep/certificates@v0.26.1/examples/docker/docker-compose.yml /home/jon/go/pkg/mod/github.com/google/certificate-transparency-go@v1.1.8-0.20240110162603-74a5dd331745/internal/witness/omniwitness/docker-compose.yaml /home/jon/go/pkg/mod/github.com/google/certificate-transparency-go@v1.1.8-0.20240110162603-74a5dd331745/trillian/examples/deployment/docker/ctfe/docker-compose.yaml /home/jon/go/pkg/mod/github.com/quic-go/quic-go@v0.50.1/metrics/dashboards/docker-compose.yml /home/jon/node_modules/langsmith/dist/cli/docker-compose.yaml /home/jon/AppFlowy-Cloud/docker-compose.yml CONTAINER CPU % MEM USAGE / LIMIT NET I/O 583f3ad123c4 0.17% 38MiB / 7.687GiB 1.79MB / 1.67MB a88fe8e82d82 0.00% 3.617MiB / 7.687GiB 255kB / 17MB f53ebe855678 0.00% 8.723MiB / 7.687GiB 133kB / 70.5kB eaf6e00f87eb 0.00% 29.55MiB / 7.687GiB 366kB / 310kB 945e7a7870e6 1.19% 7.051MiB / 7.687GiB 1.33MB / 1.03MB fbb230028036 0.00% 668KiB / 7.687GiB 36.1kB / 11.4kB 9b8bd25bf6ab 0.00% 2.441MiB / 7.687GiB 180kB / 634kB a510d304028a 0.00% 3.27MiB / 7.687GiB 18.6MB / 18.7MB 94e3faba6f61 0.19% 222MiB / 7.687GiB 115kB / 62.8kB Docker Socket Permissions: srw-rw---- 1 root docker 0 Aug 22 17:11 /var/run/docker.sock [2025-08-22 22:32:41] [INFO] Running module: collect_software_info ==== SOFTWARE INFORMATION ==== --- Installed Packages --- Installed Debian/Ubuntu packages: Package list saved to packages_dpkg.txt (2167 packages) Available Security Updates: --- Running Services --- UNIT LOAD ACTIVE SUB DESCRIPTION accounts-daemon.service loaded active running Accounts Service apache2.service loaded active running The Apache HTTP Server avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack bluetooth.service loaded active running Bluetooth service caddy.service loaded active running Caddy colord.service loaded active running Manage, Install and Generate Color Profiles cron.service loaded active running Regular background program processing daemon cups-browsed.service loaded active running Make remote CUPS printers available locally cups.service loaded active running CUPS Scheduler dbus.service loaded active running D-Bus System Message Bus fail2ban.service loaded active running Fail2Ban Service fwupd.service loaded active running Firmware update daemon gdm.service loaded active running GNOME Display Manager gnome-remote-desktop.service loaded active running GNOME Remote Desktop homepage.service loaded active running Self-Hosted Services Homepage iio-sensor-proxy.service loaded active running IIO Sensor Proxy service iptsd@dev-hidraw2.service loaded active running Intel Precise Touch & Stylus Daemon kerneloops.service loaded active running Tool to automatically collect and submit kernel crash signatures mariadb.service loaded active running MariaDB 10.11.13 database server ModemManager.service loaded active running Modem Manager netdata.service loaded active running netdata - Real-time performance monitoring NetworkManager.service loaded active running Network Manager php8.2-fpm.service loaded active running The PHP 8.2 FastCGI Process Manager polkit.service loaded active running Authorization Manager rpc-statd.service loaded active running NFS status monitor for NFSv2/3 locking. rpcbind.service loaded active running RPC bind portmap service rsyslog.service loaded active running System Logging Service rtkit-daemon.service loaded active running RealtimeKit Scheduling Policy Service snap.canonical-livepatch.canonical-livepatchd.service loaded active running Service for snap application canonical-livepatch.canonical-livepatchd snap.docker.dockerd.service loaded active running Service for snap application docker.dockerd snap.tailscale.tailscaled.service loaded active running Service for snap application tailscale.tailscaled snapd.service loaded active running Snap Daemon ssh.service loaded active running OpenBSD Secure Shell server switcheroo-control.service loaded active running Switcheroo Control Proxy service systemd-journald.service loaded active running Journal Service systemd-logind.service loaded active running User Login Management systemd-oomd.service loaded active running Userspace Out-Of-Memory (OOM) Killer systemd-resolved.service loaded active running Network Name Resolution systemd-timesyncd.service loaded active running Network Time Synchronization systemd-udevd.service loaded active running Rule-based Manager for Device Events and Files thermald.service loaded active running Thermal Daemon Service udisks2.service loaded active running Disk Manager unattended-upgrades.service loaded active running Unattended Upgrades Shutdown upower.service loaded active running Daemon for power management user@1000.service loaded active running User Manager for UID 1000 wpa_supplicant.service loaded active running WPA supplicant Legend: LOAD → Reflects whether the unit definition was properly loaded. ACTIVE → The high-level unit activation state, i.e. generalization of SUB. SUB → The low-level unit activation state, values depend on unit type. 46 loaded units listed. UNIT FILE STATE PRESET accounts-daemon.service enabled enabled anacron.service enabled enabled apache2.service enabled enabled apparmor.service enabled enabled apport.service enabled enabled avahi-daemon.service enabled enabled bluetooth.service enabled enabled caddy.service enabled enabled console-setup.service enabled enabled cron.service enabled enabled cups-browsed.service enabled enabled cups.service enabled enabled dmesg.service enabled enabled e2scrub_reap.service enabled enabled fail2ban.service enabled enabled getty@.service enabled enabled gnome-remote-desktop.service enabled enabled gpu-manager.service enabled enabled grub-common.service enabled enabled grub-initrd-fallback.service enabled enabled homepage.service enabled enabled kerneloops.service enabled enabled keyboard-setup.service enabled enabled mariadb.service enabled enabled ModemManager.service enabled enabled netdata.service enabled enabled networkd-dispatcher.service enabled enabled NetworkManager-dispatcher.service enabled enabled NetworkManager-wait-online.service enabled enabled NetworkManager.service enabled enabled openvpn.service enabled enabled php8.2-fpm.service enabled enabled rpcbind.service enabled enabled rsyslog.service enabled enabled secureboot-db.service enabled enabled setvtrgb.service enabled enabled snap.canonical-livepatch.canonical-livepatchd.service enabled enabled snap.docker.dockerd.service enabled enabled snap.docker.nvidia-container-toolkit.service enabled enabled snap.tailscale.tailscaled.service enabled enabled snapd.apparmor.service enabled enabled snapd.autoimport.service enabled enabled snapd.core-fixup.service enabled enabled snapd.recovery-chooser-trigger.service enabled enabled snapd.seeded.service enabled enabled snapd.service enabled enabled snapd.system-shutdown.service enabled enabled ssh.service enabled enabled ssl-cert.service enabled enabled switcheroo-control.service enabled enabled sysstat.service enabled enabled systemd-oomd.service enabled enabled systemd-pstore.service enabled enabled systemd-resolved.service enabled enabled systemd-timesyncd.service enabled enabled thermald.service enabled enabled tlp.service enabled enabled ua-reboot-cmds.service enabled enabled ubuntu-advantage.service enabled enabled udisks2.service enabled enabled ufw.service enabled enabled unattended-upgrades.service enabled enabled wpa_supplicant.service enabled enabled 63 unit files listed. --- Running Processes --- USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND jon 162368 7.5 1.6 32538780 134432 pts/0 Sl+ 21:13 5:57 claude jon 177654 5.2 0.3 2740532 28584 ? Sl 21:27 3:26 ollama serve netdata 2298 3.9 0.0 140012 6940 ? SNl 17:11 12:42 /usr/lib/netdata/plugins.d/apps.plugin 1 netdata 1997 2.8 0.2 513376 24024 ? SNsl 17:11 9:04 /usr/sbin/netdata -D root 174415 1.7 0.0 0 0 ? I< 21:24 1:09 [kworker/u17:3-MWIFIEX_WORK_QUEUE] root 1862 1.5 0.7 3400020 56576 ? Ssl 17:11 5:05 dockerd --group docker --exec-root=/run/snap.docker --data-root=/var/snap/docker/common/var-lib-docker --pidfile=/run/snap.docker/docker.pid --config-file=/var/snap/docker/3265/config/daemon.json root 57 1.3 0.0 0 0 ? S 17:11 4:23 [irq/9-acpi] root 215411 1.3 0.3 41444 26776 ? S 22:32 0:00 /usr/bin/python3 /home/jon/.ansible/tmp/ansible-tmp-1755916346.83252-1099234-6500454931048/AnsiballZ_command.py message+ 1078 1.0 0.0 12352 5600 ? Ss 17:11 3:23 @dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only root 185752 0.9 0.0 0 0 ? I< 21:40 0:30 [kworker/u17:1-MWIFIEX_RX_WORK_QUEUE] root 1510 0.9 0.4 2134256 34212 ? Ssl 17:11 2:59 /snap/tailscale/108/bin/tailscaled --socket /var/snap/tailscale/common/socket/tailscaled.sock --statedir /var/snap/tailscale/common --verbose 10 dnsmasq 4100 0.8 0.0 156824 6816 ? Ssl 17:11 2:42 redis-server *:6379 root 1119 0.7 0.0 18224 7664 ? Ss 17:11 2:32 /usr/lib/systemd/systemd-logind avahi 1077 0.7 0.0 9128 4148 ? Ss 17:11 2:15 avahi-daemon: running [surface.local] netdata 2293 0.6 0.8 412796 65152 ? SNl 17:11 2:08 /usr/bin/python3 /usr/lib/netdata/plugins.d/python.d.plugin 1 netdata 2302 0.6 0.0 17508 6120 ? SN 17:11 2:01 /usr/lib/netdata/plugins.d/cups.plugin 1 jon 214825 0.6 0.1 16156 8356 ? S 22:32 0:00 sshd: jon@notty root 181 0.5 0.0 0 0 ? D 17:11 1:47 [irq/86-MSHW0030:00] root 2550 0.5 0.3 2467888 26092 ? Ssl 17:11 1:43 containerd --config /run/snap.docker/containerd/containerd.toml systemd-+-ModemManager---3*[{ModemManager}] |-NetworkManager---3*[{NetworkManager}] |-accounts-daemon---3*[{accounts-daemon}] |-apache2---2*[apache2---26*[{apache2}]] |-avahi-daemon---avahi-daemon |-bluetoothd |-caddy---17*[{caddy}] |-canonical-livep---9*[{canonical-livep}] |-colord---3*[{colord}] |-containerd-shim-+-appflowy_cloud---73*[{appflowy_cloud}] | `-11*[{containerd-shim}] |-containerd-shim-+-postgres---8*[postgres] | `-12*[{containerd-shim}] |-containerd-shim-+-nginx---4*[nginx] | `-11*[{containerd-shim}] |-containerd-shim-+-minio---10*[{minio}] | `-11*[{containerd-shim}] |-containerd-shim-+-appflowy_worker---4*[{appflowy_worker}] | `-11*[{containerd-shim}] |-containerd-shim-+-redis-server---5*[{redis-server}] | `-11*[{containerd-shim}] |-containerd-shim-+-nginx---nginx | `-11*[{containerd-shim}] |-containerd-shim-+-sh---auth---9*[{auth}] | `-11*[{containerd-shim}] |-containerd-shim-+-admin_frontend---4*[{admin_frontend}] | `-12*[{containerd-shim}] |-cron |-cups-browsed---3*[{cups-browsed}] |-cupsd---dbus |-dbus-daemon |-dockerd-+-containerd---16*[{containerd}] | |-docker-proxy---10*[{docker-proxy}] | |-2*[docker-proxy---7*[{docker-proxy}]] | |-docker-proxy---5*[{docker-proxy}] | `-19*[{dockerd}] |-fail2ban-server---4*[{fail2ban-server}] |-fwupd---5*[{fwupd}] |-gdm3-+-gdm-session-wor-+-gdm-wayland-ses-+-gnome-session-b---3*[{gnome-session-b}] | | | `-3*[{gdm-wayland-ses}] | | `-3*[{gdm-session-wor}] | `-3*[{gdm3}] |-gnome-remote-de---3*[{gnome-remote-de}] |-iio-sensor-prox---3*[{iio-sensor-prox}] |-iptsd |-2*[kerneloops] |-mariadbd---8*[{mariadbd}] |-netdata-+-apps.plugin---2*[{apps.plugin}] | |-bash | |-cups.plugin | |-netdata---2*[{netdata}] | |-nfacct.plugin | |-python.d.plugin---6*[{python.d.plugin}] | `-58*[{netdata}] |-ollama---20*[{ollama}] |-php-fpm8.2---2*[php-fpm8.2] |-polkitd---3*[{polkitd}] |-python3---python3---python3---bash-+-pstree | `-tee |-python3 |-rpc.statd |-rpcbind |-rsyslogd---3*[{rsyslogd}] |-rtkit-daemon---2*[{rtkit-daemon}] |-snapd---10*[{snapd}] |-sshd-+-sshd---sshd---bash---claude---14*[{claude}] | `-sshd---sshd |-switcheroo-cont---3*[{switcheroo-cont}] |-systemd-+-(sd-pam) | |-at-spi2-registr---3*[{at-spi2-registr}] | |-dbus-daemon | |-dconf-service---3*[{dconf-service}] | |-evolution-addre---6*[{evolution-addre}] | |-evolution-calen---9*[{evolution-calen}] | |-evolution-sourc---4*[{evolution-sourc}] | |-gcr-ssh-agent---2*[{gcr-ssh-agent}] | |-2*[gjs---7*[{gjs}]] | |-gnome-keyring-d---4*[{gnome-keyring-d}] | |-gnome-session-b-+-at-spi-bus-laun-+-dbus-daemon | | | `-4*[{at-spi-bus-laun}] | | |-evolution-alarm---7*[{evolution-alarm}] | | |-gsd-disk-utilit---3*[{gsd-disk-utilit}] | | |-update-notifier---4*[{update-notifier}] | | `-4*[{gnome-session-b}] | |-gnome-session-c---{gnome-session-c} | |-gnome-shell---18*[{gnome-shell}] | |-gnome-shell-cal---6*[{gnome-shell-cal}] | |-goa-daemon---4*[{goa-daemon}] | |-goa-identity-se---3*[{goa-identity-se}] | |-gsd-a11y-settin---4*[{gsd-a11y-settin}] | |-gsd-color---4*[{gsd-color}] | |-gsd-datetime---4*[{gsd-datetime}] | |-gsd-housekeepin---4*[{gsd-housekeepin}] | |-gsd-keyboard---4*[{gsd-keyboard}] | |-gsd-media-keys---4*[{gsd-media-keys}] | |-gsd-power---5*[{gsd-power}] | |-gsd-print-notif---3*[{gsd-print-notif}] | |-gsd-printer---3*[{gsd-printer}] | |-gsd-rfkill---3*[{gsd-rfkill}] | |-gsd-screensaver---3*[{gsd-screensaver}] | |-gsd-sharing---4*[{gsd-sharing}] | |-gsd-smartcard---4*[{gsd-smartcard}] | |-gsd-sound---4*[{gsd-sound}] | |-gsd-wacom---4*[{gsd-wacom}] | |-gvfs-afc-volume---4*[{gvfs-afc-volume}] | |-gvfs-goa-volume---3*[{gvfs-goa-volume}] | |-gvfs-gphoto2-vo---3*[{gvfs-gphoto2-vo}] | |-gvfs-mtp-volume---3*[{gvfs-mtp-volume}] | |-gvfs-udisks2-vo---4*[{gvfs-udisks2-vo}] | |-gvfsd-+-gvfsd-trash---4*[{gvfsd-trash}] | | `-3*[{gvfsd}] | |-gvfsd-fuse---7*[{gvfsd-fuse}] | |-gvfsd-metadata---3*[{gvfsd-metadata}] | |-ibus-daemon-+-ibus-dconf---4*[{ibus-dconf}] | | |-ibus-engine-sim---3*[{ibus-engine-sim}] | | |-ibus-extension----4*[{ibus-extension-}] | | `-3*[{ibus-daemon}] | |-ibus-portal---3*[{ibus-portal}] | |-2*[pipewire---2*[{pipewire}]] | |-pipewire-pulse---2*[{pipewire-pulse}] | |-snapd-desktop-i---snapd-desktop-i---4*[{snapd-desktop-i}] | |-tracker-miner-f---7*[{tracker-miner-f}] | |-update-notifier---apport-gtk---5*[{apport-gtk}] | |-wireplumber---5*[{wireplumber}] | |-xdg-desktop-por---6*[{xdg-desktop-por}] | |-xdg-desktop-por---5*[{xdg-desktop-por}] | |-xdg-desktop-por---4*[{xdg-desktop-por}] | |-xdg-document-po-+-fusermount3 | | `-6*[{xdg-document-po}] | `-xdg-permission----3*[{xdg-permission-}] |-systemd-journal |-systemd-logind |-systemd-oomd |-systemd-resolve |-systemd-timesyn---{systemd-timesyn} |-systemd-udevd |-tailscaled---11*[{tailscaled}] |-thermald---4*[{thermald}] |-udisksd---5*[{udisksd}] |-unattended-upgr---{unattended-upgr} |-upowerd---3*[{upowerd}] `-wpa_supplicant [2025-08-22 22:32:42] [INFO] Running module: collect_security_info ==== SECURITY ASSESSMENT ==== --- User Accounts --- root:x:0:0:root:/root:/bin/bash jon:x:1000:1000:jon:/home/jon:/bin/bash netdata:x:995:983::/var/lib/netdata:/bin/sh root sudo:x:27:jon jon seat0 2025-08-22 17:11 (login screen) jon tty2 2025-08-22 17:11 (tty2) jon pts/0 2025-08-22 21:12 (100.96.2.115) jon pts/1 100.81.202.21 Fri Aug 22 22:32 - 22:32 (00:00) jon pts/1 100.81.202.21 Fri Aug 22 22:32 - 22:32 (00:00) jon pts/1 100.81.202.21 Fri Aug 22 22:32 - 22:32 (00:00) jon pts/1 100.81.202.21 Fri Aug 22 22:32 - 22:32 (00:00) jon pts/1 100.81.202.21 Fri Aug 22 22:32 - 22:32 (00:00) jon pts/1 100.81.202.21 Fri Aug 22 22:32 - 22:32 (00:00) jon pts/1 100.81.202.21 Fri Aug 22 22:32 - 22:32 (00:00) jon pts/1 100.81.202.21 Fri Aug 22 22:32 - 22:32 (00:00) jon pts/1 100.81.202.21 Fri Aug 22 22:32 - 22:32 (00:00) jon pts/1 100.81.202.21 Fri Aug 22 22:32 - 22:32 (00:00) wtmp begins Sat Jun 14 15:33:32 2025 --- SSH Configuration --- PubkeyAuthentication yes PasswordAuthentication yes 2025-08-17T21:56:52.816957-04:00 surface sshd[1872561]: Failed password for invalid user jonathan from 192.168.50.225 port 49936 ssh2 2025-08-17T21:56:52.837208-04:00 surface sshd[1872561]: Failed password for invalid user jonathan from 192.168.50.225 port 49936 ssh2 2025-08-17T22:01:06.841536-04:00 surface sshd[1876026]: Failed password for jon from 192.168.50.225 port 33708 ssh2 2025-08-17T22:01:06.971513-04:00 surface sshd[1876026]: Failed password for jon from 192.168.50.225 port 33708 ssh2 --- File Permissions and SUID --- /home/jon/notebookllama/.venv/.lock /home/jon/.local/share/uv/python/.lock /home/jon/.cache/uv/sdists-v9/pypi/ffprobe/0.5/.lock /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/fg /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/pinky /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/sleep /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/gencat /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/stat /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/who /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/read /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/b2sum /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/[ /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/uname /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/numfmt /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/nohup /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/command /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/bash /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/sprof /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/ln /var/snap/docker/common/var-lib-docker/overlay2/0602052e8c249de59809cc8d2a3d85ada6768d7d98fdd9a13c9667c7e7e83bc9/diff/usr/bin/zdump /usr/lib/openssh/ssh-keysign /usr/lib/mysql/plugin/auth_pam_tool_dir/auth_pam_tool /usr/lib/polkit-1/polkit-agent-helper-1 /usr/lib/dbus-1.0/dbus-daemon-launch-helper /usr/lib/xorg/Xorg.wrap /usr/lib/snapd/snap-confine /usr/bin/passwd /usr/bin/mount /usr/bin/sudo /usr/bin/newgrp /usr/bin/ssh-agent /usr/bin/fusermount3 /usr/bin/pkexec /usr/bin/expiry /usr/bin/chage /usr/bin/chfn /usr/bin/umount /usr/bin/chsh /usr/bin/crontab /usr/bin/su /usr/bin/gpasswd /usr/sbin/pam_extrausers_chkpwd /usr/sbin/unix_chkpwd /usr/sbin/pppd /usr/sbin/mount.nfs /usr/libexec/camel-lock-helper-1.2 /snap/core24/1055/usr/bin/chage /snap/core24/1055/usr/bin/chfn /snap/core24/1055/usr/bin/chsh /snap/core24/1055/usr/bin/expiry WARNING: Potentially dangerous SUID binary found: /bin/su WARNING: Potentially dangerous SUID binary found: /usr/bin/sudo WARNING: Potentially dangerous SUID binary found: /usr/bin/passwd WARNING: Potentially dangerous SUID binary found: /usr/bin/chfn WARNING: Potentially dangerous SUID binary found: /usr/bin/chsh WARNING: Potentially dangerous SUID binary found: /usr/bin/gpasswd WARNING: Potentially dangerous SUID binary found: /usr/bin/newgrp WARNING: Potentially dangerous SUID binary found: /usr/bin/mount WARNING: Potentially dangerous SUID binary found: /usr/bin/umount /tmp /run/lock /snap/core24/1055/run/lock /snap/core24/1055/tmp /snap/core24/1055/var/tmp /snap/core24/1006/run/lock /snap/core24/1006/tmp /snap/core24/1006/var/tmp /snap/core22/2082/run/lock /snap/core22/2082/tmp --- Cron Jobs --- total 36 drwxr-xr-x 2 root root 4096 Jul 18 13:52 . drwxr-xr-x 154 root root 12288 Aug 22 17:11 .. -rw-r--r-- 1 root root 219 Nov 17 2023 anacron -rw-r--r-- 1 root root 201 Apr 8 2024 e2scrub_all -rw-r--r-- 1 root root 712 Dec 4 2024 php -rw-r--r-- 1 root root 102 Mar 30 2024 .placeholder -rw-r--r-- 1 root root 396 Jan 9 2024 sysstat # /etc/crontab: system-wide crontab # Unlike any other crontab you don't have to run the `crontab' # command to install the new version when you edit this file # and files in /etc/cron.d. These files also have username fields, # that none of the other crontabs do. SHELL=/bin/sh # You can also override PATH, but by default, newer versions inherit it from the environment #PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin # Example of job definition: # .---------------- minute (0 - 59) # | .------------- hour (0 - 23) # | | .---------- day of month (1 - 31) # | | | .------- month (1 - 12) OR jan,feb,mar,apr ... # | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat # | | | | | # * * * * * user-name command to be executed 17 * * * * root cd / && run-parts --report /etc/cron.hourly 25 6 * * * root test -x /usr/sbin/anacron || { cd / && run-parts --report /etc/cron.daily; } 47 6 * * 7 root test -x /usr/sbin/anacron || { cd / && run-parts --report /etc/cron.weekly; } 52 6 1 * * root test -x /usr/sbin/anacron || { cd / && run-parts --report /etc/cron.monthly; } # --- Shell History --- Analyzing: /home/jon/.bash_history WARNING: Pattern 'passwd' found in /home/jon/.bash_history WARNING: Pattern 'token' found in /home/jon/.bash_history WARNING: Pattern 'key' found in /home/jon/.bash_history WARNING: Pattern 'api_key' found in /home/jon/.bash_history --- Tailscale Configuration --- 100.67.40.97 surface jonpressnell@ linux - 100.118.220.45 audrey jonpressnell@ linux - 100.104.185.11 bpcp-b3722383fb jonpressnell@ windows offline 100.126.196.100 bpcp-s7g23273fb jonpressnell@ windows offline 100.81.202.21 fedora jonpressnell@ linux idle, tx 102508 rx 1233412 100.96.2.115 google-pixel-9-pro jonpressnell@ android idle, tx 62714816 rx 2131944 100.107.248.69 ipad-10th-gen-wificellular jonpressnell@ iOS offline 100.123.118.16 jon-ser jonpressnell@ linux - 100.67.250.42 jonathan jonpressnell@ linux offline 100.99.235.80 lenovo jonpressnell@ linux - 100.98.144.95 lenovo420 jonpressnell@ linux - 100.78.26.112 omv800 jonpressnell@ linux - 100.65.76.70 qualcomm-go103 jonpressnell@ android offline 100.72.166.115 samsung-sm-g781u1 jonpressnell@ android offline 100.69.142.126 xreal-x4000 jonpressnell@ android offline # Health check: # - Tailscale failed to set the DNS configuration of your device: writing to "/etc/resolv.pre-tailscale-backup.conf" in rename of "/etc/resolv.conf": open /etc/resolv.pre-tailscale-backup.conf: permission denied # - writing to "/etc/resolv.pre-tailscale-backup.conf" in rename of "/etc/resolv.conf": open /etc/resolv.pre-tailscale-backup.conf: permission denied 100.67.40.97 [2025-08-22 22:33:13] [INFO] Running module: run_vulnerability_scan ==== VULNERABILITY ASSESSMENT ==== --- Kernel Vulnerabilities --- 6.15.1-surface-2 Current kernel: 6.15.1-surface-2 Kernel major version: 6 Kernel minor version: 15 Risk Level: LOW Assessment: Kernel version is recent and likely secure Kernel Security Features: ASLR (Address Space Layout Randomization): ENABLED Dmesg restriction: ENABLED --- Open Ports Security Check --- Port 80 (HTTP) - Consider HTTPS [2025-08-22 22:33:13] [INFO] Running module: collect_env_info ==== ENVIRONMENT AND CONFIGURATION ==== --- Environment Variables --- SHELL=/bin/bash HOME=/root LANG=en_US.UTF-8 USER=root PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin --- Mount Points --- sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime) proc on /proc type proc (rw,nosuid,nodev,noexec,relatime) udev on /dev type devtmpfs (rw,nosuid,relatime,size=3990540k,nr_inodes=997635,mode=755,inode64) devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000) tmpfs on /run type tmpfs (rw,nosuid,nodev,noexec,relatime,size=806084k,mode=755,inode64) /dev/nvme0n1p2 on / type ext4 (rw,relatime) securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime) tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,inode64) tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k,inode64) cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate,memory_recursiveprot) none on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime) efivarfs on /sys/firmware/efi/efivars type efivarfs (rw,nosuid,nodev,noexec,relatime) bpf on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700) systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=32,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=2989) mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime) debugfs on /sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime) hugetlbfs on /dev/hugepages type hugetlbfs (rw,nosuid,nodev,relatime,pagesize=2M) tracefs on /sys/kernel/tracing type tracefs (rw,nosuid,nodev,noexec,relatime) configfs on /sys/kernel/config type configfs (rw,nosuid,nodev,noexec,relatime) fusectl on /sys/fs/fuse/connections type fusectl (rw,nosuid,nodev,noexec,relatime) /var/lib/snapd/snaps/bare_5.snap on /snap/bare/5 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/canonical-livepatch_338.snap on /snap/canonical-livepatch/338 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/canonical-livepatch_341.snap on /snap/canonical-livepatch/341 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/core22_2082.snap on /snap/core22/2082 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/core22_2045.snap on /snap/core22/2045 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/docker_3265.snap on /snap/docker/3265 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/core24_1006.snap on /snap/core24/1006 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/firefox_6638.snap on /snap/firefox/6638 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/firmware-updater_167.snap on /snap/firmware-updater/167 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/core24_1055.snap on /snap/core24/1055 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/gtk-common-themes_1535.snap on /snap/gtk-common-themes/1535 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/snap-store_1248.snap on /snap/snap-store/1248 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/firefox_6626.snap on /snap/firefox/6626 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/tailscale_108.snap on /snap/tailscale/108 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/snapd_24792.snap on /snap/snapd/24792 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/gnome-42-2204_202.snap on /snap/gnome-42-2204/202 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/snapd_24718.snap on /snap/snapd/24718 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/snapd-desktop-integration_315.snap on /snap/snapd-desktop-integration/315 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/snap-store_1270.snap on /snap/snap-store/1270 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/tailscale_97.snap on /snap/tailscale/97 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /var/lib/snapd/snaps/snapd-desktop-integration_253.snap on /snap/snapd-desktop-integration/253 type squashfs (ro,nodev,relatime,errors=continue,threads=single,x-gdu.hide,x-gvfs-hide) /dev/nvme0n1p1 on /boot/efi type vfat (rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro) binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,nosuid,nodev,noexec,relatime) sunrpc on /run/rpc_pipefs type rpc_pipefs (rw,relatime) tmpfs on /run/snapd/ns type tmpfs (rw,nosuid,nodev,noexec,relatime,size=806084k,mode=755,inode64) nsfs on /run/snapd/ns/tailscale.mnt type nsfs (rw) nsfs on /run/snapd/ns/docker.mnt type nsfs (rw) nsfs on /run/snapd/ns/canonical-livepatch.mnt type nsfs (rw) 192.168.50.107:/export/surface_backup on /mnt/omv-backup type nfs (rw,relatime,vers=3,rsize=131072,wsize=131072,namlen=255,hard,fatal_neterrors=none,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=192.168.50.107,mountvers=3,mountport=56632,mountproto=udp,local_lock=none,addr=192.168.50.107) nsfs on /run/snapd/ns/snapd-desktop-integration.mnt type nsfs (rw) tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=806080k,nr_inodes=201520,mode=700,uid=1000,gid=1000,inode64) portal on /run/user/1000/doc type fuse.portal (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000) gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000) nsfs on /run/snapd/ns/firmware-updater.mnt type nsfs (rw) tracefs on /sys/kernel/debug/tracing type tracefs (rw,nosuid,nodev,noexec,relatime) Filesystem Size Used Avail Use% Mounted on tmpfs 788M 3.3M 784M 1% /run /dev/nvme0n1p2 233G 45G 176G 21% / tmpfs 3.9G 464K 3.9G 1% /dev/shm tmpfs 5.0M 8.0K 5.0M 1% /run/lock efivarfs 116K 55K 57K 50% /sys/firmware/efi/efivars /dev/nvme0n1p1 1.1G 6.2M 1.1G 1% /boot/efi 192.168.50.107:/export/surface_backup 7.3T 306G 7.0T 5% /mnt/omv-backup tmpfs 788M 120K 788M 1% /run/user/1000 --- System Limits --- real-time non-blocking time (microseconds, -R) unlimited core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 30947 max locked memory (kbytes, -l) 1007600 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 30947 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited [2025-08-22 22:33:13] [INFO] Generating JSON summary ==== GENERATING SUMMARY ==== [2025-08-22 22:33:13] [Generating JSON summary...] [2025-08-22 22:33:13] [INFO] JSON summary generated successfully: /tmp/system_audit_surface_20250822_223227/results.json ==== AUDIT COMPLETE ==== [2025-08-22 22:33:13] [INFO] Audit completed successfully in 46 seconds [2025-08-22 22:33:13] [INFO] Results available in: /tmp/system_audit_surface_20250822_223227 [2025-08-22 22:33:14] [INFO] Enhanced summary created: /tmp/system_audit_surface_20250822_223227/SUMMARY.txt [2025-08-22 22:33:14] [INFO] Compressing audit results...