=== getenforce ===
sh: getenforce: command not found (ret:127)

=== sestatus ===
sh: sestatus: command not found (ret:127)

=== ls /etc/security/limits.d/ ===
total 8
drwxr-xr-x. 2 root root   31 Feb 24 14:50 .
drwxr-xr-x. 7 root root 4096 Feb 24 14:03 ..
-rw-r--r--. 1 root root  502 Feb 24 14:50 99-optimizer.conf (ret:0)

=== cat limits.d files ===
# cpanel_optimizer.sh
*               soft    nofile          4194304
*               hard    nofile          4194304
*               soft    nproc           2097152
*               hard    nproc           2097152
root            soft    nofile          4194304
root            hard    nofile          4194304
nobody          soft    nofile          4194304
nobody          hard    nofile          4194304
mysql           soft    nofile          4194304
mysql           hard    nofile          4194304 (ret:0)

=== stat /etc/pam.d/ ===
  File: /etc/pam.d/
  Size: 4096      	Blocks: 8          IO Block: 4096   directory
Device: fd00h/64768d	Inode: 55786       Links: 2
Access: (0755/drwxr-xr-x)  Uid: (    0/    root)   Gid: (    0/    root)
Context: system_u:object_r:etc_t:s0
Access: 2026-03-11 14:45:59.743783898 -0400
Modify: 2026-02-24 14:05:51.095515622 -0500
Change: 2026-02-24 15:02:47.834695767 -0500
 Birth: 2026-02-23 17:20:21.953354657 -0500 (ret:0)

=== stat /etc/pam.d/sudo ===
  File: /etc/pam.d/sudo
  Size: 154       	Blocks: 8          IO Block: 4096   regular file
Device: fd00h/64768d	Inode: 425777      Links: 1
Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
Context: system_u:object_r:etc_t:s0
Access: 2026-03-11 04:23:30.566251355 -0400
Modify: 2026-02-24 14:03:04.725004020 -0500
Change: 2026-02-24 14:03:04.725004020 -0500
 Birth: 2026-02-23 17:20:44.723372347 -0500 (ret:0)

=== ls -laZ /etc/pam.d/ ===
total 132
drwxr-xr-x.   2 root root system_u:object_r:etc_t:s0      4096 Feb 24 14:05 .
drwxr-xr-x. 121 root root system_u:object_r:etc_t:s0     12288 Mar 11 18:17 ..
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       272 Feb 24 14:03 atd
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       342 Feb 24 14:05 chfn
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       342 Feb 24 14:05 chsh
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       232 Feb 24 14:03 config-util
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       322 Feb 24 14:03 crond
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       157 Feb  3 14:31 dovecot
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       116 Feb  3 13:25 exim
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       701 Feb 24 14:03 fingerprint-auth
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       715 Feb 24 14:03 login
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       154 Feb 24 14:03 other
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       168 Feb 24 14:03 passwd
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       786 Feb 24 14:03 password-auth
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       155 Feb 24 14:03 polkit-1
-rw-r--r--.   1 root root unconfined_u:object_r:etc_t:s0    70 Feb 24 14:03 postgresql_cpses
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       398 Feb 24 14:03 postlogin
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       640 Feb 24 14:03 remote
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       143 Feb 24 14:03 runuser
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       138 Feb 24 14:03 runuser-l
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       153 Feb 24 14:03 smartcard-auth
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       766 Feb 24 14:05 sshd
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       240 Feb 24 14:03 sssd-shadowutils
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       566 Feb 24 14:03 su
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       137 Feb 24 14:03 su-l
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       154 Feb 24 14:03 sudo
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       178 Feb 24 14:03 sudo-i
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       786 Feb 24 14:03 system-auth
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0       368 Feb 24 14:03 systemd-user
-rw-r--r--.   1 root root system_u:object_r:etc_t:s0        84 Feb 24 14:03 vlock (ret:0)

=== stat /etc/shadow ===
  File: /etc/shadow
  Size: 53610     	Blocks: 112        IO Block: 4096   regular file
Device: fd00h/64768d	Inode: 142243854   Links: 1
Access: (0600/-rw-------)  Uid: (    0/    root)   Gid: (    0/    root)
Context: system_u:object_r:etc_t:s0
Access: 2026-03-11 16:39:16.860975275 -0400
Modify: 2026-03-11 16:39:16.857975277 -0400
Change: 2026-03-11 16:39:16.857975277 -0400
 Birth: 2026-03-11 16:39:16.857975277 -0400 (ret:0)

=== ls -laZ /etc/shadow ===
-rw-r--r--. 1 root root system_u:object_r:etc_t:s0 32891 Mar 11 16:39 /etc/passwd
-rw-------. 1 root root system_u:object_r:etc_t:s0 53610 Mar 11 16:39 /etc/shadow (ret:0)

=== journalctl sudo ===
Hint: You are currently not seeing messages from other users and the system.
      Users in the 'systemd-journal' group can see all messages. Pass -q to
      turn off this notice.
No journal files were opened due to insufficient permissions. (ret:1)

=== journalctl pam ===
Hint: You are currently not seeing messages from other users and the system.
      Users in the 'systemd-journal' group can see all messages. Pass -q to
      turn off this notice.
No journal files were opened due to insufficient permissions. (ret:1)

=== last secure log via journalctl ===
Hint: You are currently not seeing messages from other users and the system.
      Users in the 'systemd-journal' group can see all messages. Pass -q to
      turn off this notice.
No journal files were opened due to insufficient permissions. (ret:1)

=== dmesg | grep -i pam ===
[    2.215883] systemd[1]: systemd 239 (239-82.el8) running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=legacy)
[    3.560094] systemd[1]: systemd 239 (239-82.el8) running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=legacy)
[73100.381379] systemd[1]: systemd 239 (239-82.el8_10.13) running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=legacy) (ret:0)

=== dmesg | grep -i selinux ===
[73098.639733] SELinux:  policy capability cgroup_seclabel=1
[73098.639734] SELinux:  policy capability nnp_nosuid_transition=1
[73100.381379] systemd[1]: systemd 239 (239-82.el8_10.13) running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=legacy)
[73376.068074] SELinux:  Converting 521 SID table entries...
[73376.074760] SELinux:  policy capability network_peer_controls=1
[73376.074762] SELinux:  policy capability open_perms=1
[73376.074763] SELinux:  policy capability extended_socket_class=1
[73376.074763] SELinux:  policy capability always_check_network=0
[73376.074764] SELinux:  policy capability cgroup_seclabel=1
[73376.074765] SELinux:  policy capability nnp_nosuid_transition=1 (ret:0)

=== dmesg | grep -i denied ===
 (ret:0)

=== ausearch ===
sh: ausearch: command not found (ret:127)

=== sudo -V ===
Sudo version 1.9.5p2
Sudoers policy plugin version 1.9.5p2
Sudoers file grammar version 48
Sudoers I/O plugin version 1.9.5p2
Sudoers audit plugin version 1.9.5p2 (ret:0)

=== rpm -q sudo pam ===
sudo-1.9.5p2-1.el8_10.3.x86_64
pam-1.3.1-39.el8_10.x86_64
pam-devel-1.3.1-39.el8_10.x86_64
libselinux-2.9-11.el8_10.x86_64 (ret:0)