[CentOS] audit freeing multiple contexts (when running certbot)

Tue Sep 17 10:45:03 UTC 2019
Tony Mountifield <tony at softins.co.uk>

Apologies if it's considered off-topic, but I'm not sure in what part
of the system the issue lies. So I am giving as much info as possible,
not knowing which is most relevant.

I have two VMs hosted on ESX, running CentOS 6.10
One has kernel 2.6.32-754.11.1.el6.i686 and the other has 2.6.32-754.18.2.el6.i686
Both have selinux, currently in permissive mode.

On both machines we have noticed messages like the following appear in /var/log/messages
from time to time:

Sep 17 10:32:28 merlin kernel: audit(:0): major=252 name_count=0: freeing multiple contexts (1)
Sep 17 10:32:28 merlin kernel: audit(:0): major=355 name_count=0: freeing multiple contexts (2)
Sep 17 10:32:29 merlin kernel: audit(:0): major=252 name_count=0: freeing multiple contexts (1)
Sep 17 10:32:29 merlin kernel: audit(:0): major=355 name_count=0: freeing multiple contexts (2)

On further investigation, this only happens when certbot-auto runs (under python 3.4),
whether or not it renews the certificate.

The above instance was created by running the following command:

[root at merlin ~]# date ; cd /opt/letsencrypt && ./certbot-auto renew ; date
Tue Sep 17 10:32:24 BST 2019
/opt/eff.org/certbot/venv/lib/python3.4/site-packages/cryptography/hazmat/bindings/openssl/binding.py:163: CryptographyDeprecationWarning: OpenSSL version 1.0.1 is no longer supported by the OpenSSL project, please upgrade. A future version of cryptography will drop support for it.
  utils.CryptographyDeprecationWarning
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/xxxx.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not yet due for renewal

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

The following certs are not due for renewal yet:
  /etc/letsencrypt/live/xxxx/fullchain.pem expires on 2019-11-15 (skipped)
No renewals were attempted.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Tue Sep 17 10:32:30 BST 2019
[root at merlin letsencrypt]#

Has anyone else seen anything similar? Is it something that can be fixed,
or should be ignored?

Cheers
Tony
-- 
Tony Mountifield
Work: tony at softins.co.uk - http://www.softins.co.uk
Play: tony at mountifield.org - http://tony.mountifield.org