I’m not entirely clear what’s being audited in the Manjaro Linux boxes I’ve recently set up, nor what the difference between res=success and res=failed might mean for the x11vnc unit:
[ 98.632347] audit: type=1131 audit(1594859418.419:110): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=x11vnc comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
[ 98.632348] audit: audit_lost=46 audit_rate_limit=0 audit_backlog_limit=64
[ 98.632349] audit: kauditd hold queue overflow
[ 98.649743] audit: type=1130 audit(1594859418.433:111): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=x11vnc comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
[ 98.649745] audit: audit_lost=47 audit_rate_limit=0 audit_backlog_limit=64
[ 98.649746] audit: kauditd hold queue overflow
[ 100.515527] audit: type=1101 audit(1594859420.299:112): pid=843 uid=1000 auid=1000 ses=2 msg='op=PAM:accounting grantors=pam_unix,pam_permit,pam_time acct="ed" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success'
That’s the better part of two seconds in the life of the box and, later on, the pace picks up. Casual searching suggests nobody else knows what’s going on, either, apart from the fact that it obviously has something to do with systemd and, thus, is just the way things are these days.
Add audit=off to the default kernel command-line parameters by editing /etc/default/grub thusly:
GRUB_CMDLINE_LINUX_DEFAULT="quiet resume=UUID=whatever udev.log_priority=3 audit=off"
Then update the bootloader:
sudo grub-mkconfig -o /boot/grub/grub.cfg
Whereupon dmesg becomes all quiet and (mostly) meaningful to this civilian.
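For anyone who wants to read those records before silencing them, here is an added example (not part of the original post) that decodes the dmesg audit lines quoted above. The record-type names come from the kernel's include/uapi/linux/audit.h; the function names and output keys are this example's own.

```python
import re

# Record-type numbers as defined in the kernel's include/uapi/linux/audit.h
AUDIT_TYPES = {1101: "USER_ACCT", 1130: "SERVICE_START", 1131: "SERVICE_STOP"}
UNSET_ID = 4294967295  # (u32)-1: no login uid or session attached (e.g. pid 1)

# Sample input: the dmesg lines quoted in the post above
SAMPLE = """\
[ 98.632347] audit: type=1131 audit(1594859418.419:110): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=x11vnc comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
[ 98.632348] audit: audit_lost=46 audit_rate_limit=0 audit_backlog_limit=64
[ 98.632349] audit: kauditd hold queue overflow
[ 98.649743] audit: type=1130 audit(1594859418.433:111): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=x11vnc comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'
[ 98.649745] audit: audit_lost=47 audit_rate_limit=0 audit_backlog_limit=64
[ 98.649746] audit: kauditd hold queue overflow
[ 100.515527] audit: type=1101 audit(1594859420.299:112): pid=843 uid=1000 auid=1000 ses=2 msg='op=PAM:accounting grantors=pam_unix,pam_permit,pam_time acct="ed" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success'
"""

RECORD = re.compile(r"audit: type=(\d+) audit\((\d+\.\d+):(\d+)\): (.*?) msg='(.*)'")
PAIR = re.compile(r'(\w+)=("[^"]*"|\S+)')  # key=value or key="quoted value"

def parse_fields(text):
    return {key: value.strip('"') for key, value in PAIR.findall(text)}

def parse_dmesg_audit(text):
    """Return one dict per audit record; rate-limit notices are skipped."""
    events = []
    for line in text.splitlines():
        m = RECORD.search(line)
        if not m:
            continue  # "audit_lost=..." and "kauditd hold queue overflow"
        type_no, _epoch, serial, header, msg = m.groups()
        fields = {**parse_fields(header), **parse_fields(msg)}
        events.append({
            "type": AUDIT_TYPES.get(int(type_no), "type=" + type_no),
            "serial": int(serial),        # event serial number
            "subject": fields.get("unit") or fields.get("acct"),
            "result": fields.get("res"),  # outcome the sender reported
            "login_uid_set": int(fields["auid"]) != UNSET_ID,
        })
    return events

def lost_records(text):
    """Highest audit_lost counter seen: records the kernel had to drop."""
    return max((int(n) for n in re.findall(r"audit_lost=(\d+)", text)), default=0)

if __name__ == "__main__":
    for event in parse_dmesg_audit(SAMPLE):
        print(event)
    print("records lost so far:", lost_records(SAMPLE))
```

On a live box the same functions can be fed the text of `dmesg` output instead of SAMPLE.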