0s autopkgtest [15:17:53]: starting date: 2024-03-09 0s autopkgtest [15:17:53]: git checkout: d9c0295 adt_testbed.py: supress warnings from apt using a shell pipeline 0s autopkgtest [15:17:53]: host juju-7f2275-prod-proposed-migration-environment-3; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work.0q832fpv/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --setup-commands /home/ubuntu/autopkgtest/setup-commands/setup-testbed --apt-pocket=proposed=src:dbus,src:glib2.0 --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 '--env=ADT_TEST_TRIGGERS=dbus/1.14.10-4ubuntu2 glib2.0/2.79.3-3ubuntu3' -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-3@bos03-arm64-12.secgroup --name adt-noble-arm64-sssd-20240309-151752-juju-7f2275-prod-proposed-migration-environment-3 --image adt/ubuntu-noble-arm64-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-3 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://ftpmaster.internal/ubuntu/ 83s autopkgtest [15:19:16]: @@@@@@@@@@@@@@@@@@@@ test bed setup 83s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 87s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [2631 kB] 88s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [429 kB] 88s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [3976 B] 88s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [37.3 kB] 88s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 Packages [573 kB] 88s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 c-n-f Metadata [3144 B] 88s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 Packages [20.3 kB] 88s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 c-n-f Metadata [116 B] 88s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 Packages [2876 kB] 88s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 c-n-f Metadata [8528 B] 88s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 Packages [39.2 kB] 88s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 c-n-f Metadata [116 B] 90s Fetched 6739 kB in 5s (1365 kB/s) 90s Reading package lists... 94s Reading package lists... 94s Building dependency tree... 94s Reading state information... 95s Calculating upgrade... 95s The following package was automatically installed and is no longer required: 95s ubuntu-advantage-tools 95s Use 'sudo apt autoremove' to remove it. 95s The following packages will be REMOVED: 95s libglib2.0-0 95s The following NEW packages will be installed: 95s libglib2.0-0t64 libnuma1 libsensors-config libsensors5 numactl sysstat 95s xdg-user-dirs 95s The following packages will be upgraded: 95s dbus dbus-bin dbus-daemon dbus-session-bus-common dbus-system-bus-common 95s dbus-user-session efibootmgr gir1.2-glib-2.0 libdbus-1-3 libglib2.0-data 95s ubuntu-minimal ubuntu-standard 96s 12 upgraded, 7 newly installed, 1 to remove and 0 not upgraded. 96s Need to get 2962 kB of archives. 96s After this operation, 2353 kB of additional disk space will be used. 96s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 gir1.2-glib-2.0 arm64 2.79.3-3ubuntu3 [182 kB] 96s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libglib2.0-0t64 arm64 2.79.3-3ubuntu3 [1527 kB] 96s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 dbus-session-bus-common all 1.14.10-4ubuntu2 [80.3 kB] 96s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 dbus-user-session arm64 1.14.10-4ubuntu2 [9960 B] 96s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 dbus-daemon arm64 1.14.10-4ubuntu2 [115 kB] 96s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 dbus-bin arm64 1.14.10-4ubuntu2 [38.8 kB] 96s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 dbus-system-bus-common all 1.14.10-4ubuntu2 [81.5 kB] 96s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 dbus arm64 1.14.10-4ubuntu2 [23.9 kB] 96s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libdbus-1-3 arm64 1.14.10-4ubuntu2 [210 kB] 96s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libglib2.0-data all 2.79.3-3ubuntu3 [46.6 kB] 96s Get:11 http://ftpmaster.internal/ubuntu noble/main arm64 ubuntu-minimal arm64 1.535 [10.5 kB] 96s Get:12 http://ftpmaster.internal/ubuntu noble/main arm64 xdg-user-dirs arm64 0.18-1 [18.1 kB] 96s Get:13 http://ftpmaster.internal/ubuntu noble/main arm64 libnuma1 arm64 2.0.18-1 [23.5 kB] 96s Get:14 http://ftpmaster.internal/ubuntu noble/main arm64 ubuntu-standard arm64 1.535 [10.5 kB] 96s Get:15 http://ftpmaster.internal/ubuntu noble/main arm64 efibootmgr arm64 18-1build1 [31.5 kB] 96s Get:16 http://ftpmaster.internal/ubuntu noble/main arm64 libsensors-config all 1:3.6.0-9 [5458 B] 96s Get:17 http://ftpmaster.internal/ubuntu noble/main arm64 libsensors5 arm64 1:3.6.0-9 [26.9 kB] 96s Get:18 http://ftpmaster.internal/ubuntu noble/main arm64 numactl arm64 2.0.18-1 [39.5 kB] 96s Get:19 http://ftpmaster.internal/ubuntu noble/main arm64 sysstat arm64 12.6.1-1ubuntu1 [480 kB] 97s Preconfiguring packages ... 97s Fetched 2962 kB in 1s (2912 kB/s) 97s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74662 files and directories currently installed.) 97s Preparing to unpack .../gir1.2-glib-2.0_2.79.3-3ubuntu3_arm64.deb ... 97s Unpacking gir1.2-glib-2.0:arm64 (2.79.3-3ubuntu3) over (2.79.2-1~ubuntu1) ... 97s dpkg: libglib2.0-0:arm64: dependency problems, but removing anyway as you requested: 97s udisks2 depends on libglib2.0-0 (>= 2.77.0). 97s shared-mime-info depends on libglib2.0-0 (>= 2.75.3). 97s python3-gi depends on libglib2.0-0 (>= 2.77.0). 97s python3-dbus depends on libglib2.0-0 (>= 2.16.0). 97s netplan.io depends on libglib2.0-0 (>= 2.70.0). 97s netplan-generator depends on libglib2.0-0 (>= 2.70.0). 97s libxmlb2:arm64 depends on libglib2.0-0 (>= 2.54.0). 97s libvolume-key1:arm64 depends on libglib2.0-0 (>= 2.18.0). 97s libudisks2-0:arm64 depends on libglib2.0-0 (>= 2.75.3). 97s libqrtr-glib0:arm64 depends on libglib2.0-0 (>= 2.56). 97s libqmi-proxy depends on libglib2.0-0 (>= 2.30.0). 97s libqmi-glib5:arm64 depends on libglib2.0-0 (>= 2.54.0). 97s libpolkit-gobject-1-0:arm64 depends on libglib2.0-0 (>= 2.38.0). 97s libpolkit-agent-1-0:arm64 depends on libglib2.0-0 (>= 2.38.0). 97s libnetplan0:arm64 depends on libglib2.0-0 (>= 2.75.3). 97s libmm-glib0:arm64 depends on libglib2.0-0 (>= 2.62.0). 97s libmbim-proxy depends on libglib2.0-0 (>= 2.56). 97s libmbim-glib4:arm64 depends on libglib2.0-0 (>= 2.56). 97s libjson-glib-1.0-0:arm64 depends on libglib2.0-0 (>= 2.75.3). 97s libjcat1:arm64 depends on libglib2.0-0 (>= 2.75.3). 97s libgusb2:arm64 depends on libglib2.0-0 (>= 2.75.3). 97s libgudev-1.0-0:arm64 depends on libglib2.0-0 (>= 2.38.0). 97s libgirepository-1.0-1:arm64 depends on libglib2.0-0 (>= 2.79.0). 97s libfwupd2:arm64 depends on libglib2.0-0 (>= 2.79.0). 97s libblockdev3:arm64 depends on libglib2.0-0 (>= 2.42.2). 97s libblockdev-utils3:arm64 depends on libglib2.0-0 (>= 2.75.3). 97s libblockdev-swap3:arm64 depends on libglib2.0-0 (>= 2.42.2). 97s libblockdev-part3:arm64 depends on libglib2.0-0 (>= 2.42.2). 97s libblockdev-nvme3:arm64 depends on libglib2.0-0 (>= 2.42.2). 97s libblockdev-mdraid3:arm64 depends on libglib2.0-0 (>= 2.42.2). 97s libblockdev-loop3:arm64 depends on libglib2.0-0 (>= 2.42.2). 97s libblockdev-fs3:arm64 depends on libglib2.0-0 (>= 2.42.2). 97s libblockdev-crypto3:arm64 depends on libglib2.0-0 (>= 2.42.2). 97s fwupd depends on libglib2.0-0 (>= 2.79.0). 97s bolt depends on libglib2.0-0 (>= 2.56.0). 97s 97s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74662 files and directories currently installed.) 97s Removing libglib2.0-0:arm64 (2.79.2-1~ubuntu1) ... 98s Selecting previously unselected package libglib2.0-0t64:arm64. 98s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74637 files and directories currently installed.) 98s Preparing to unpack .../00-libglib2.0-0t64_2.79.3-3ubuntu3_arm64.deb ... 98s libglib2.0-0t64.preinst: Removing /var/lib/dpkg/info/libglib2.0-0:arm64.postrm to avoid loss of /usr/share/glib-2.0/schemas/gschemas.compiled... 98s removed '/var/lib/dpkg/info/libglib2.0-0:arm64.postrm' 98s Unpacking libglib2.0-0t64:arm64 (2.79.3-3ubuntu3) ... 98s Preparing to unpack .../01-dbus-session-bus-common_1.14.10-4ubuntu2_all.deb ... 98s Unpacking dbus-session-bus-common (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 98s Preparing to unpack .../02-dbus-user-session_1.14.10-4ubuntu2_arm64.deb ... 98s Unpacking dbus-user-session (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 98s Preparing to unpack .../03-dbus-daemon_1.14.10-4ubuntu2_arm64.deb ... 98s Unpacking dbus-daemon (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 98s Preparing to unpack .../04-dbus-bin_1.14.10-4ubuntu2_arm64.deb ... 98s Unpacking dbus-bin (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 98s Preparing to unpack .../05-dbus-system-bus-common_1.14.10-4ubuntu2_all.deb ... 98s Unpacking dbus-system-bus-common (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 99s Preparing to unpack .../06-dbus_1.14.10-4ubuntu2_arm64.deb ... 99s Unpacking dbus (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 99s Preparing to unpack .../07-libdbus-1-3_1.14.10-4ubuntu2_arm64.deb ... 99s Unpacking libdbus-1-3:arm64 (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 99s Preparing to unpack .../08-libglib2.0-data_2.79.3-3ubuntu3_all.deb ... 99s Unpacking libglib2.0-data (2.79.3-3ubuntu3) over (2.79.2-1~ubuntu1) ... 99s Preparing to unpack .../09-ubuntu-minimal_1.535_arm64.deb ... 99s Unpacking ubuntu-minimal (1.535) over (1.534) ... 99s Selecting previously unselected package xdg-user-dirs. 99s Preparing to unpack .../10-xdg-user-dirs_0.18-1_arm64.deb ... 99s Unpacking xdg-user-dirs (0.18-1) ... 99s Selecting previously unselected package libnuma1:arm64. 99s Preparing to unpack .../11-libnuma1_2.0.18-1_arm64.deb ... 99s Unpacking libnuma1:arm64 (2.0.18-1) ... 99s Preparing to unpack .../12-ubuntu-standard_1.535_arm64.deb ... 99s Unpacking ubuntu-standard (1.535) over (1.534) ... 99s Preparing to unpack .../13-efibootmgr_18-1build1_arm64.deb ... 99s Unpacking efibootmgr (18-1build1) over (18-1) ... 99s Selecting previously unselected package libsensors-config. 100s Preparing to unpack .../14-libsensors-config_1%3a3.6.0-9_all.deb ... 100s Unpacking libsensors-config (1:3.6.0-9) ... 100s Selecting previously unselected package libsensors5:arm64. 100s Preparing to unpack .../15-libsensors5_1%3a3.6.0-9_arm64.deb ... 100s Unpacking libsensors5:arm64 (1:3.6.0-9) ... 100s Selecting previously unselected package numactl. 100s Preparing to unpack .../16-numactl_2.0.18-1_arm64.deb ... 100s Unpacking numactl (2.0.18-1) ... 100s Selecting previously unselected package sysstat. 100s Preparing to unpack .../17-sysstat_12.6.1-1ubuntu1_arm64.deb ... 100s Unpacking sysstat (12.6.1-1ubuntu1) ... 100s Setting up efibootmgr (18-1build1) ... 100s Setting up ubuntu-minimal (1.535) ... 100s Setting up xdg-user-dirs (0.18-1) ... 100s Setting up libsensors-config (1:3.6.0-9) ... 100s Setting up ubuntu-standard (1.535) ... 100s Setting up libglib2.0-0t64:arm64 (2.79.3-3ubuntu3) ... 101s No schema files found: doing nothing. 101s Setting up libglib2.0-data (2.79.3-3ubuntu3) ... 101s Setting up libdbus-1-3:arm64 (1.14.10-4ubuntu2) ... 101s Setting up gir1.2-glib-2.0:arm64 (2.79.3-3ubuntu3) ... 101s Setting up libsensors5:arm64 (1:3.6.0-9) ... 101s Setting up libnuma1:arm64 (2.0.18-1) ... 101s Setting up dbus-session-bus-common (1.14.10-4ubuntu2) ... 101s Setting up dbus-system-bus-common (1.14.10-4ubuntu2) ... 101s Setting up sysstat (12.6.1-1ubuntu1) ... 101s 101s Creating config file /etc/default/sysstat with new version 101s update-alternatives: using /usr/bin/sar.sysstat to provide /usr/bin/sar (sar) in auto mode 102s Created symlink /etc/systemd/system/sysstat.service.wants/sysstat-collect.timer → /usr/lib/systemd/system/sysstat-collect.timer. 103s Created symlink /etc/systemd/system/sysstat.service.wants/sysstat-summary.timer → /usr/lib/systemd/system/sysstat-summary.timer. 103s Created symlink /etc/systemd/system/multi-user.target.wants/sysstat.service → /usr/lib/systemd/system/sysstat.service. 105s Setting up dbus-bin (1.14.10-4ubuntu2) ... 105s Setting up numactl (2.0.18-1) ... 105s Setting up dbus-daemon (1.14.10-4ubuntu2) ... 105s Setting up dbus-user-session (1.14.10-4ubuntu2) ... 105s Setting up dbus (1.14.10-4ubuntu2) ... 105s A reboot is required to replace the running dbus-daemon. 105s Please reboot the system when convenient. 105s Processing triggers for man-db (2.12.0-3) ... 106s Processing triggers for libc-bin (2.39-0ubuntu2) ... 107s Reading package lists... 107s Building dependency tree... 107s Reading state information... 107s The following packages will be REMOVED: 107s ubuntu-advantage-tools* 108s 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. 108s After this operation, 71.7 kB disk space will be freed. 108s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74769 files and directories currently installed.) 108s Removing ubuntu-advantage-tools (31.1) ... 108s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74763 files and directories currently installed.) 108s Purging configuration files for ubuntu-advantage-tools (31.1) ... 109s sh: Attempting to set up Debian/Ubuntu apt sources automatically 109s sh: Distribution appears to be Ubuntu 109s Reading package lists... 110s Building dependency tree... 110s Reading state information... 110s eatmydata is already the newest version (131-1). 110s dbus is already the newest version (1.14.10-4ubuntu2). 110s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 110s Reading package lists... 111s Building dependency tree... 111s Reading state information... 111s rng-tools-debian is already the newest version (2.4). 111s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 111s Reading package lists... 112s Building dependency tree... 112s Reading state information... 112s haveged is already the newest version (1.9.14-1ubuntu1). 112s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 113s Reading package lists... 113s Building dependency tree... 113s Reading state information... 113s The following packages will be REMOVED: 113s cloud-init* python3-configobj* python3-debconf* 114s 0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. 114s After this operation, 3248 kB disk space will be freed. 114s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74762 files and directories currently installed.) 114s Removing cloud-init (24.1-0ubuntu1) ... 114s Removing python3-configobj (5.0.8-3) ... 114s Removing python3-debconf (1.5.86) ... 114s Processing triggers for man-db (2.12.0-3) ... 115s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74373 files and directories currently installed.) 115s Purging configuration files for cloud-init (24.1-0ubuntu1) ... 116s dpkg: warning: while removing cloud-init, directory '/etc/cloud/cloud.cfg.d' not empty so not removed 116s Processing triggers for rsyslog (8.2312.0-3ubuntu3) ... 117s Reading package lists... 117s Building dependency tree... 117s Reading state information... 118s linux-generic is already the newest version (6.8.0-11.11+1). 118s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 118s Hit:1 http://ftpmaster.internal/ubuntu noble InRelease 118s Hit:2 http://ftpmaster.internal/ubuntu noble-updates InRelease 118s Hit:3 http://ftpmaster.internal/ubuntu noble-security InRelease 118s Hit:4 http://ftpmaster.internal/ubuntu noble-proposed InRelease 120s Reading package lists... 120s Reading package lists... 121s Building dependency tree... 121s Reading state information... 121s Calculating upgrade... 121s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 122s Reading package lists... 122s Building dependency tree... 122s Reading state information... 122s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 123s autopkgtest [15:19:56]: rebooting testbed after setup commands that affected boot 332s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 338s autopkgtest [15:23:31]: testbed running kernel: Linux 6.8.0-11-generic #11-Ubuntu SMP PREEMPT_DYNAMIC Wed Feb 14 02:53:31 UTC 2024 338s autopkgtest [15:23:31]: testbed dpkg architecture: arm64 340s autopkgtest [15:23:33]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 351s Get:1 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (dsc) [5269 B] 351s Get:2 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (tar) [7983 kB] 351s Get:3 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (asc) [833 B] 351s Get:4 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (diff) [48.4 kB] 351s gpgv: Signature made Mon Feb 26 21:56:54 2024 UTC 351s gpgv: using RSA key E92FD0B36B14F1F4D8E0EB2F106DA1C8C3CBBF14 351s gpgv: Can't check signature: No public key 351s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1ubuntu1.dsc: no acceptable signature found 352s autopkgtest [15:23:45]: testing package sssd version 2.9.4-1ubuntu1 352s autopkgtest [15:23:45]: build not needed 355s autopkgtest [15:23:48]: test ldap-user-group-ldap-auth: preparing testbed 359s Reading package lists... 359s Building dependency tree... 359s Reading state information... 360s Correcting dependencies...Starting pkgProblemResolver with broken count: 0 360s Starting 2 pkgProblemResolver with broken count: 0 360s Done 360s Done 360s Starting pkgProblemResolver with broken count: 0 360s Starting 2 pkgProblemResolver with broken count: 0 360s Done 361s The following additional packages will be installed: 361s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 361s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 361s libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 libjose0 libkrad0 361s libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 361s libpam-pwquality libpam-sss libpath-utils1 libpwquality-common libpwquality1 361s libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 361s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 361s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 361s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 361s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 361s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 361s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 361s Suggested packages: 361s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 361s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 361s Recommended packages: 361s cracklib-runtime libsasl2-modules-gssapi-mit 361s | libsasl2-modules-gssapi-heimdal 361s The following NEW packages will be installed: 361s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 361s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 361s libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 libjose0 libkrad0 361s libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 361s libpam-pwquality libpam-sss libpath-utils1 libpwquality-common libpwquality1 361s libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 361s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 361s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 361s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 361s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 361s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 361s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 361s 0 upgraded, 64 newly installed, 0 to remove and 0 not upgraded. 361s 1 not fully installed or removed. 361s Need to get 12.6 MB of archives. 361s After this operation, 59.9 MB of additional disk space will be used. 361s Get:1 http://ftpmaster.internal/ubuntu noble/main arm64 libtalloc2 arm64 2.4.2-1 [26.6 kB] 361s Get:2 http://ftpmaster.internal/ubuntu noble/main arm64 libtdb1 arm64 1.4.10-1 [48.4 kB] 362s Get:3 http://ftpmaster.internal/ubuntu noble/main arm64 libtevent0 arm64 0.16.1-1 [41.8 kB] 362s Get:4 http://ftpmaster.internal/ubuntu noble/main arm64 libldb2 arm64 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [187 kB] 362s Get:5 http://ftpmaster.internal/ubuntu noble/main arm64 python3-sss arm64 2.9.4-1ubuntu1 [46.5 kB] 362s Get:6 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-idmap0 arm64 2.9.4-1ubuntu1 [21.8 kB] 362s Get:7 http://ftpmaster.internal/ubuntu noble/main arm64 libnss-sss arm64 2.9.4-1ubuntu1 [31.7 kB] 362s Get:8 http://ftpmaster.internal/ubuntu noble/main arm64 libcrack2 arm64 2.9.6-5.1 [28.7 kB] 362s Get:9 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality-common all 1.4.5-3 [7658 B] 362s Get:10 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality1 arm64 1.4.5-3 [13.2 kB] 362s Get:11 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-pwquality arm64 1.4.5-3 [11.6 kB] 362s Get:12 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-sss arm64 2.9.4-1ubuntu1 [48.8 kB] 362s Get:13 http://ftpmaster.internal/ubuntu noble/main arm64 libc-ares2 arm64 1.27.0-1 [74.1 kB] 362s Get:14 http://ftpmaster.internal/ubuntu noble/main arm64 libdhash1 arm64 0.6.2-2 [8540 B] 362s Get:15 http://ftpmaster.internal/ubuntu noble/main arm64 libbasicobjects0 arm64 0.6.2-2 [5586 B] 362s Get:16 http://ftpmaster.internal/ubuntu noble/main arm64 libcollection4 arm64 0.6.2-2 [23.0 kB] 362s Get:17 http://ftpmaster.internal/ubuntu noble/main arm64 libpath-utils1 arm64 0.6.2-2 [8722 B] 362s Get:18 http://ftpmaster.internal/ubuntu noble/main arm64 libref-array1 arm64 0.6.2-2 [7042 B] 362s Get:19 http://ftpmaster.internal/ubuntu noble/main arm64 libini-config5 arm64 0.6.2-2 [43.7 kB] 362s Get:20 http://ftpmaster.internal/ubuntu noble/main arm64 libnfsidmap1 arm64 1:2.6.3-3ubuntu1 [47.1 kB] 362s Get:21 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-certmap0 arm64 2.9.4-1ubuntu1 [45.8 kB] 362s Get:22 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-nss-idmap0 arm64 2.9.4-1ubuntu1 [30.3 kB] 362s Get:23 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-common arm64 2.9.4-1ubuntu1 [1147 kB] 362s Get:24 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common-data arm64 0.8-13ubuntu2 [29.5 kB] 362s Get:25 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common3 arm64 0.8-13ubuntu2 [23.2 kB] 362s Get:26 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-client3 arm64 0.8-13ubuntu2 [27.3 kB] 362s Get:27 http://ftpmaster.internal/ubuntu noble/main arm64 libwbclient0 arm64 2:4.19.5+dfsg-1ubuntu1 [70.6 kB] 362s Get:28 http://ftpmaster.internal/ubuntu noble/main arm64 samba-libs arm64 2:4.19.5+dfsg-1ubuntu1 [6061 kB] 362s Get:29 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad-common arm64 2.9.4-1ubuntu1 [75.4 kB] 362s Get:30 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5-common arm64 2.9.4-1ubuntu1 [87.9 kB] 362s Get:31 http://ftpmaster.internal/ubuntu noble/main arm64 libsmbclient arm64 2:4.19.5+dfsg-1ubuntu1 [62.2 kB] 362s Get:32 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad arm64 2.9.4-1ubuntu1 [134 kB] 362s Get:33 http://ftpmaster.internal/ubuntu noble/main arm64 libipa-hbac0 arm64 2.9.4-1ubuntu1 [16.7 kB] 362s Get:34 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ipa arm64 2.9.4-1ubuntu1 [220 kB] 362s Get:35 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5 arm64 2.9.4-1ubuntu1 [14.3 kB] 362s Get:36 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ldap arm64 2.9.4-1ubuntu1 [31.3 kB] 362s Get:37 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-proxy arm64 2.9.4-1ubuntu1 [44.6 kB] 362s Get:38 http://ftpmaster.internal/ubuntu noble/main arm64 sssd arm64 2.9.4-1ubuntu1 [4120 B] 362s Get:39 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-dbus arm64 2.9.4-1ubuntu1 [103 kB] 362s Get:40 http://ftpmaster.internal/ubuntu noble/universe arm64 libjose0 arm64 11-3 [44.1 kB] 362s Get:41 http://ftpmaster.internal/ubuntu noble/main arm64 libevent-2.1-7 arm64 2.1.12-stable-9 [138 kB] 362s Get:42 http://ftpmaster.internal/ubuntu noble/main arm64 libverto-libevent1 arm64 0.3.1-1ubuntu5 [5848 B] 362s Get:43 http://ftpmaster.internal/ubuntu noble/main arm64 libverto1 arm64 0.3.1-1ubuntu5 [10.2 kB] 362s Get:44 http://ftpmaster.internal/ubuntu noble/main arm64 libkrad0 arm64 1.20.1-5build1 [22.1 kB] 362s Get:45 http://ftpmaster.internal/ubuntu noble/universe arm64 sssd-idp arm64 2.9.4-1ubuntu1 [27.9 kB] 362s Get:46 http://ftpmaster.internal/ubuntu noble/universe arm64 sssd-kcm arm64 2.9.4-1ubuntu1 [139 kB] 362s Get:47 http://ftpmaster.internal/ubuntu noble/universe arm64 sssd-passkey arm64 2.9.4-1ubuntu1 [32.7 kB] 362s Get:48 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-tools arm64 2.9.4-1ubuntu1 [97.5 kB] 362s Get:49 http://ftpmaster.internal/ubuntu noble/main arm64 libipa-hbac-dev arm64 2.9.4-1ubuntu1 [6660 B] 362s Get:50 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-certmap-dev arm64 2.9.4-1ubuntu1 [5722 B] 362s Get:51 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-idmap-dev arm64 2.9.4-1ubuntu1 [8380 B] 362s Get:52 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-nss-idmap-dev arm64 2.9.4-1ubuntu1 [6714 B] 362s Get:53 http://ftpmaster.internal/ubuntu noble/universe arm64 libnss-sudo all 1.9.15p5-3ubuntu1 [14.9 kB] 362s Get:54 http://ftpmaster.internal/ubuntu noble/universe arm64 libsss-sudo arm64 2.9.4-1ubuntu1 [20.4 kB] 362s Get:55 http://ftpmaster.internal/ubuntu noble/universe arm64 python3-libipa-hbac arm64 2.9.4-1ubuntu1 [16.6 kB] 362s Get:56 http://ftpmaster.internal/ubuntu noble/universe arm64 python3-libsss-nss-idmap arm64 2.9.4-1ubuntu1 [9160 B] 362s Get:57 http://ftpmaster.internal/ubuntu noble/main arm64 libltdl7 arm64 2.4.7-7 [40.3 kB] 362s Get:58 http://ftpmaster.internal/ubuntu noble/main arm64 libodbc2 arm64 2.3.12-1 [144 kB] 362s Get:59 http://ftpmaster.internal/ubuntu noble/main arm64 slapd arm64 2.6.7+dfsg-1~exp1ubuntu1 [1515 kB] 362s Get:60 http://ftpmaster.internal/ubuntu noble/main arm64 ldap-utils arm64 2.6.7+dfsg-1~exp1ubuntu1 [149 kB] 362s Get:61 http://ftpmaster.internal/ubuntu noble/main arm64 libtcl8.6 arm64 8.6.13+dfsg-2 [980 kB] 362s Get:62 http://ftpmaster.internal/ubuntu noble/main arm64 tcl8.6 arm64 8.6.13+dfsg-2 [14.6 kB] 362s Get:63 http://ftpmaster.internal/ubuntu noble/universe arm64 tcl-expect arm64 5.45.4-2build1 [103 kB] 362s Get:64 http://ftpmaster.internal/ubuntu noble/universe arm64 expect arm64 5.45.4-2build1 [137 kB] 363s Preconfiguring packages ... 363s Fetched 12.6 MB in 1s (10.1 MB/s) 363s Selecting previously unselected package libtalloc2:arm64. 363s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74318 files and directories currently installed.) 363s Preparing to unpack .../00-libtalloc2_2.4.2-1_arm64.deb ... 363s Unpacking libtalloc2:arm64 (2.4.2-1) ... 363s Selecting previously unselected package libtdb1:arm64. 363s Preparing to unpack .../01-libtdb1_1.4.10-1_arm64.deb ... 363s Unpacking libtdb1:arm64 (1.4.10-1) ... 363s Selecting previously unselected package libtevent0:arm64. 363s Preparing to unpack .../02-libtevent0_0.16.1-1_arm64.deb ... 363s Unpacking libtevent0:arm64 (0.16.1-1) ... 363s Selecting previously unselected package libldb2:arm64. 363s Preparing to unpack .../03-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_arm64.deb ... 363s Unpacking libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 363s Selecting previously unselected package python3-sss. 363s Preparing to unpack .../04-python3-sss_2.9.4-1ubuntu1_arm64.deb ... 363s Unpacking python3-sss (2.9.4-1ubuntu1) ... 363s Selecting previously unselected package libsss-idmap0. 363s Preparing to unpack .../05-libsss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 363s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 363s Selecting previously unselected package libnss-sss:arm64. 364s Preparing to unpack .../06-libnss-sss_2.9.4-1ubuntu1_arm64.deb ... 364s Unpacking libnss-sss:arm64 (2.9.4-1ubuntu1) ... 364s Selecting previously unselected package libcrack2:arm64. 364s Preparing to unpack .../07-libcrack2_2.9.6-5.1_arm64.deb ... 364s Unpacking libcrack2:arm64 (2.9.6-5.1) ... 364s Selecting previously unselected package libpwquality-common. 364s Preparing to unpack .../08-libpwquality-common_1.4.5-3_all.deb ... 364s Unpacking libpwquality-common (1.4.5-3) ... 364s Selecting previously unselected package libpwquality1:arm64. 364s Preparing to unpack .../09-libpwquality1_1.4.5-3_arm64.deb ... 364s Unpacking libpwquality1:arm64 (1.4.5-3) ... 364s Selecting previously unselected package libpam-pwquality:arm64. 364s Preparing to unpack .../10-libpam-pwquality_1.4.5-3_arm64.deb ... 364s Unpacking libpam-pwquality:arm64 (1.4.5-3) ... 364s Selecting previously unselected package libpam-sss:arm64. 364s Preparing to unpack .../11-libpam-sss_2.9.4-1ubuntu1_arm64.deb ... 364s Unpacking libpam-sss:arm64 (2.9.4-1ubuntu1) ... 364s Selecting previously unselected package libc-ares2:arm64. 364s Preparing to unpack .../12-libc-ares2_1.27.0-1_arm64.deb ... 364s Unpacking libc-ares2:arm64 (1.27.0-1) ... 364s Selecting previously unselected package libdhash1:arm64. 364s Preparing to unpack .../13-libdhash1_0.6.2-2_arm64.deb ... 364s Unpacking libdhash1:arm64 (0.6.2-2) ... 364s Selecting previously unselected package libbasicobjects0:arm64. 364s Preparing to unpack .../14-libbasicobjects0_0.6.2-2_arm64.deb ... 364s Unpacking libbasicobjects0:arm64 (0.6.2-2) ... 364s Selecting previously unselected package libcollection4:arm64. 364s Preparing to unpack .../15-libcollection4_0.6.2-2_arm64.deb ... 364s Unpacking libcollection4:arm64 (0.6.2-2) ... 364s Selecting previously unselected package libpath-utils1:arm64. 364s Preparing to unpack .../16-libpath-utils1_0.6.2-2_arm64.deb ... 364s Unpacking libpath-utils1:arm64 (0.6.2-2) ... 364s Selecting previously unselected package libref-array1:arm64. 364s Preparing to unpack .../17-libref-array1_0.6.2-2_arm64.deb ... 364s Unpacking libref-array1:arm64 (0.6.2-2) ... 364s Selecting previously unselected package libini-config5:arm64. 364s Preparing to unpack .../18-libini-config5_0.6.2-2_arm64.deb ... 364s Unpacking libini-config5:arm64 (0.6.2-2) ... 364s Selecting previously unselected package libnfsidmap1:arm64. 364s Preparing to unpack .../19-libnfsidmap1_1%3a2.6.3-3ubuntu1_arm64.deb ... 364s Unpacking libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 364s Selecting previously unselected package libsss-certmap0. 364s Preparing to unpack .../20-libsss-certmap0_2.9.4-1ubuntu1_arm64.deb ... 364s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 364s Selecting previously unselected package libsss-nss-idmap0. 364s Preparing to unpack .../21-libsss-nss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 364s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 364s Selecting previously unselected package sssd-common. 364s Preparing to unpack .../22-sssd-common_2.9.4-1ubuntu1_arm64.deb ... 365s Unpacking sssd-common (2.9.4-1ubuntu1) ... 365s Selecting previously unselected package libavahi-common-data:arm64. 365s Preparing to unpack .../23-libavahi-common-data_0.8-13ubuntu2_arm64.deb ... 365s Unpacking libavahi-common-data:arm64 (0.8-13ubuntu2) ... 365s Selecting previously unselected package libavahi-common3:arm64. 365s Preparing to unpack .../24-libavahi-common3_0.8-13ubuntu2_arm64.deb ... 365s Unpacking libavahi-common3:arm64 (0.8-13ubuntu2) ... 365s Selecting previously unselected package libavahi-client3:arm64. 365s Preparing to unpack .../25-libavahi-client3_0.8-13ubuntu2_arm64.deb ... 365s Unpacking libavahi-client3:arm64 (0.8-13ubuntu2) ... 365s Selecting previously unselected package libwbclient0:arm64. 365s Preparing to unpack .../26-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 365s Unpacking libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 365s Selecting previously unselected package samba-libs:arm64. 365s Preparing to unpack .../27-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 365s Unpacking samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 365s Selecting previously unselected package sssd-ad-common. 365s Preparing to unpack .../28-sssd-ad-common_2.9.4-1ubuntu1_arm64.deb ... 365s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 365s Selecting previously unselected package sssd-krb5-common. 365s Preparing to unpack .../29-sssd-krb5-common_2.9.4-1ubuntu1_arm64.deb ... 365s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 365s Selecting previously unselected package libsmbclient:arm64. 365s Preparing to unpack .../30-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 365s Unpacking libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 365s Selecting previously unselected package sssd-ad. 365s Preparing to unpack .../31-sssd-ad_2.9.4-1ubuntu1_arm64.deb ... 365s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 365s Selecting previously unselected package libipa-hbac0. 365s Preparing to unpack .../32-libipa-hbac0_2.9.4-1ubuntu1_arm64.deb ... 365s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 365s Selecting previously unselected package sssd-ipa. 365s Preparing to unpack .../33-sssd-ipa_2.9.4-1ubuntu1_arm64.deb ... 365s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 366s Selecting previously unselected package sssd-krb5. 366s Preparing to unpack .../34-sssd-krb5_2.9.4-1ubuntu1_arm64.deb ... 366s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 366s Selecting previously unselected package sssd-ldap. 366s Preparing to unpack .../35-sssd-ldap_2.9.4-1ubuntu1_arm64.deb ... 366s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 366s Selecting previously unselected package sssd-proxy. 366s Preparing to unpack .../36-sssd-proxy_2.9.4-1ubuntu1_arm64.deb ... 366s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 366s Selecting previously unselected package sssd. 366s Preparing to unpack .../37-sssd_2.9.4-1ubuntu1_arm64.deb ... 366s Unpacking sssd (2.9.4-1ubuntu1) ... 366s Selecting previously unselected package sssd-dbus. 366s Preparing to unpack .../38-sssd-dbus_2.9.4-1ubuntu1_arm64.deb ... 366s Unpacking sssd-dbus (2.9.4-1ubuntu1) ... 366s Selecting previously unselected package libjose0:arm64. 367s Preparing to unpack .../39-libjose0_11-3_arm64.deb ... 367s Unpacking libjose0:arm64 (11-3) ... 367s Selecting previously unselected package libevent-2.1-7:arm64. 367s Preparing to unpack .../40-libevent-2.1-7_2.1.12-stable-9_arm64.deb ... 367s Unpacking libevent-2.1-7:arm64 (2.1.12-stable-9) ... 367s Selecting previously unselected package libverto-libevent1:arm64. 367s Preparing to unpack .../41-libverto-libevent1_0.3.1-1ubuntu5_arm64.deb ... 367s Unpacking libverto-libevent1:arm64 (0.3.1-1ubuntu5) ... 367s Selecting previously unselected package libverto1:arm64. 367s Preparing to unpack .../42-libverto1_0.3.1-1ubuntu5_arm64.deb ... 367s Unpacking libverto1:arm64 (0.3.1-1ubuntu5) ... 367s Selecting previously unselected package libkrad0:arm64. 367s Preparing to unpack .../43-libkrad0_1.20.1-5build1_arm64.deb ... 367s Unpacking libkrad0:arm64 (1.20.1-5build1) ... 367s Selecting previously unselected package sssd-idp. 367s Preparing to unpack .../44-sssd-idp_2.9.4-1ubuntu1_arm64.deb ... 367s Unpacking sssd-idp (2.9.4-1ubuntu1) ... 367s Selecting previously unselected package sssd-kcm. 367s Preparing to unpack .../45-sssd-kcm_2.9.4-1ubuntu1_arm64.deb ... 367s Unpacking sssd-kcm (2.9.4-1ubuntu1) ... 367s Selecting previously unselected package sssd-passkey. 367s Preparing to unpack .../46-sssd-passkey_2.9.4-1ubuntu1_arm64.deb ... 367s Unpacking sssd-passkey (2.9.4-1ubuntu1) ... 367s Selecting previously unselected package sssd-tools. 367s Preparing to unpack .../47-sssd-tools_2.9.4-1ubuntu1_arm64.deb ... 367s Unpacking sssd-tools (2.9.4-1ubuntu1) ... 367s Selecting previously unselected package libipa-hbac-dev. 368s Preparing to unpack .../48-libipa-hbac-dev_2.9.4-1ubuntu1_arm64.deb ... 368s Unpacking libipa-hbac-dev (2.9.4-1ubuntu1) ... 368s Selecting previously unselected package libsss-certmap-dev. 368s Preparing to unpack .../49-libsss-certmap-dev_2.9.4-1ubuntu1_arm64.deb ... 368s Unpacking libsss-certmap-dev (2.9.4-1ubuntu1) ... 368s Selecting previously unselected package libsss-idmap-dev. 368s Preparing to unpack .../50-libsss-idmap-dev_2.9.4-1ubuntu1_arm64.deb ... 368s Unpacking libsss-idmap-dev (2.9.4-1ubuntu1) ... 368s Selecting previously unselected package libsss-nss-idmap-dev. 368s Preparing to unpack .../51-libsss-nss-idmap-dev_2.9.4-1ubuntu1_arm64.deb ... 368s Unpacking libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 368s Selecting previously unselected package libnss-sudo. 368s Preparing to unpack .../52-libnss-sudo_1.9.15p5-3ubuntu1_all.deb ... 368s Unpacking libnss-sudo (1.9.15p5-3ubuntu1) ... 368s Selecting previously unselected package libsss-sudo. 368s Preparing to unpack .../53-libsss-sudo_2.9.4-1ubuntu1_arm64.deb ... 368s Unpacking libsss-sudo (2.9.4-1ubuntu1) ... 368s Selecting previously unselected package python3-libipa-hbac. 368s Preparing to unpack .../54-python3-libipa-hbac_2.9.4-1ubuntu1_arm64.deb ... 368s Unpacking python3-libipa-hbac (2.9.4-1ubuntu1) ... 368s Selecting previously unselected package python3-libsss-nss-idmap. 368s Preparing to unpack .../55-python3-libsss-nss-idmap_2.9.4-1ubuntu1_arm64.deb ... 368s Unpacking python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 368s Selecting previously unselected package libltdl7:arm64. 368s Preparing to unpack .../56-libltdl7_2.4.7-7_arm64.deb ... 368s Unpacking libltdl7:arm64 (2.4.7-7) ... 368s Selecting previously unselected package libodbc2:arm64. 368s Preparing to unpack .../57-libodbc2_2.3.12-1_arm64.deb ... 368s Unpacking libodbc2:arm64 (2.3.12-1) ... 368s Selecting previously unselected package slapd. 368s Preparing to unpack .../58-slapd_2.6.7+dfsg-1~exp1ubuntu1_arm64.deb ... 369s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 369s Selecting previously unselected package ldap-utils. 369s Preparing to unpack .../59-ldap-utils_2.6.7+dfsg-1~exp1ubuntu1_arm64.deb ... 369s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 369s Selecting previously unselected package libtcl8.6:arm64. 369s Preparing to unpack .../60-libtcl8.6_8.6.13+dfsg-2_arm64.deb ... 369s Unpacking libtcl8.6:arm64 (8.6.13+dfsg-2) ... 369s Selecting previously unselected package tcl8.6. 369s Preparing to unpack .../61-tcl8.6_8.6.13+dfsg-2_arm64.deb ... 369s Unpacking tcl8.6 (8.6.13+dfsg-2) ... 369s Selecting previously unselected package tcl-expect:arm64. 369s Preparing to unpack .../62-tcl-expect_5.45.4-2build1_arm64.deb ... 369s Unpacking tcl-expect:arm64 (5.45.4-2build1) ... 369s Selecting previously unselected package expect. 369s Preparing to unpack .../63-expect_5.45.4-2build1_arm64.deb ... 369s Unpacking expect (5.45.4-2build1) ... 369s Setting up libpwquality-common (1.4.5-3) ... 369s Setting up libpath-utils1:arm64 (0.6.2-2) ... 369s Setting up libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 369s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 369s Setting up libbasicobjects0:arm64 (0.6.2-2) ... 369s Setting up libsss-idmap-dev (2.9.4-1ubuntu1) ... 369s Setting up libtdb1:arm64 (1.4.10-1) ... 369s Setting up libc-ares2:arm64 (1.27.0-1) ... 369s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 369s Setting up libjose0:arm64 (11-3) ... 369s Setting up libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 369s Setting up libtalloc2:arm64 (2.4.2-1) ... 369s Setting up libdhash1:arm64 (0.6.2-2) ... 369s Setting up libtevent0:arm64 (0.16.1-1) ... 369s Setting up libavahi-common-data:arm64 (0.8-13ubuntu2) ... 369s Setting up libevent-2.1-7:arm64 (2.1.12-stable-9) ... 369s Setting up libtcl8.6:arm64 (8.6.13+dfsg-2) ... 369s Setting up libltdl7:arm64 (2.4.7-7) ... 369s Setting up libcrack2:arm64 (2.9.6-5.1) ... 369s Setting up libcollection4:arm64 (0.6.2-2) ... 369s Setting up libodbc2:arm64 (2.3.12-1) ... 369s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 369s Setting up python3-libipa-hbac (2.9.4-1ubuntu1) ... 369s Setting up libref-array1:arm64 (0.6.2-2) ... 369s Setting up libnss-sudo (1.9.15p5-3ubuntu1) ... 369s Setting up libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 369s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 369s Setting up libnss-sss:arm64 (2.9.4-1ubuntu1) ... 369s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 370s Creating new user openldap... done. 370s Creating initial configuration... done. 370s Creating LDAP directory... done. 370s Setting up tcl8.6 (8.6.13+dfsg-2) ... 370s Setting up libsss-sudo (2.9.4-1ubuntu1) ... 370s Setting up libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 370s Setting up libipa-hbac-dev (2.9.4-1ubuntu1) ... 370s Setting up libini-config5:arm64 (0.6.2-2) ... 370s Setting up libavahi-common3:arm64 (0.8-13ubuntu2) ... 370s Setting up tcl-expect:arm64 (5.45.4-2build1) ... 370s Setting up python3-sss (2.9.4-1ubuntu1) ... 370s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 370s Setting up libpwquality1:arm64 (1.4.5-3) ... 370s Setting up python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 370s Setting up libavahi-client3:arm64 (0.8-13ubuntu2) ... 370s Setting up expect (5.45.4-2build1) ... 371s Setting up libpam-pwquality:arm64 (1.4.5-3) ... 371s Setting up samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 371s Setting up libsss-certmap-dev (2.9.4-1ubuntu1) ... 371s Setting up libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 371s Setting up libpam-sss:arm64 (2.9.4-1ubuntu1) ... 371s Setting up sssd-common (2.9.4-1ubuntu1) ... 371s Creating SSSD system user & group... 371s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 371s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 371s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 371s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 372s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 372s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 372s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 372s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 372s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 373s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 373s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 373s sssd-autofs.service is a disabled or a static unit, not starting it. 373s sssd-nss.service is a disabled or a static unit, not starting it. 373s sssd-pam.service is a disabled or a static unit, not starting it. 374s sssd-ssh.service is a disabled or a static unit, not starting it. 374s sssd-sudo.service is a disabled or a static unit, not starting it. 374s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 374s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 374s Setting up sssd-kcm (2.9.4-1ubuntu1) ... 374s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 374s sssd-kcm.service is a disabled or a static unit, not starting it. 374s Setting up sssd-dbus (2.9.4-1ubuntu1) ... 374s sssd-ifp.service is a disabled or a static unit, not starting it. 374s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 375s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 375s sssd-pac.service is a disabled or a static unit, not starting it. 375s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 375s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 375s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 375s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 375s Setting up sssd-ad (2.9.4-1ubuntu1) ... 375s Setting up sssd-tools (2.9.4-1ubuntu1) ... 375s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 375s Setting up sssd (2.9.4-1ubuntu1) ... 375s Setting up libverto-libevent1:arm64 (0.3.1-1ubuntu5) ... 375s Setting up libverto1:arm64 (0.3.1-1ubuntu5) ... 375s Setting up libkrad0:arm64 (1.20.1-5build1) ... 375s Setting up sssd-passkey (2.9.4-1ubuntu1) ... 375s Setting up sssd-idp (2.9.4-1ubuntu1) ... 375s Setting up autopkgtest-satdep (0) ... 375s Processing triggers for libc-bin (2.39-0ubuntu2) ... 375s Processing triggers for ufw (0.36.2-5) ... 375s Processing triggers for man-db (2.12.0-3) ... 377s Processing triggers for dbus (1.14.10-4ubuntu2) ... 386s (Reading database ... 75603 files and directories currently installed.) 386s Removing autopkgtest-satdep (0) ... 387s autopkgtest [15:24:20]: test ldap-user-group-ldap-auth: [----------------------- 388s + . debian/tests/util 388s + . debian/tests/common-tests 388s + mydomain=example.com 388s + myhostname=ldap.example.com 388s + mysuffix=dc=example,dc=com 388s + admin_dn=cn=admin,dc=example,dc=com 388s + admin_pw=secret 388s + ldap_user=testuser1 388s + ldap_user_pw=testuser1secret 388s + ldap_group=ldapusers 388s + adjust_hostname ldap.example.com 388s + local myhostname=ldap.example.com 388s + echo ldap.example.com 388s + hostname ldap.example.com 388s + grep -qE ldap.example.com /etc/hosts 388s + echo 127.0.1.10 ldap.example.com 388s + reconfigure_slapd 388s + debconf-set-selections 388s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 388s + dpkg-reconfigure -fnoninteractive -pcritical slapd 389s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 389s Moving old database directory to /var/backups: 389s - directory unknown... done. 389s Creating initial configuration... done. 389s Creating LDAP directory... done. 389s + generate_certs ldap.example.com 389s + local cn=ldap.example.com 389s + local cert=/etc/ldap/server.pem 389s + local key=/etc/ldap/server.key 389s + local cnf=/etc/ldap/openssl.cnf 389s + cat 389s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 389s ............++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 389s ....++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 389s ----- 389s + chmod 0640 /etc/ldap/server.key 389s + chgrp openldap /etc/ldap/server.key 389s + [ ! -f /etc/ldap/server.pem ] 389s + [ ! -f /etc/ldap/server.key ] 389s + enable_ldap_ssl 389s + cat 389s + cat 389s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 389s modifying entry "cn=config" 389s 389s + populate_ldap_rfc2307 389s + cat 389s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 389s adding new entry "ou=People,dc=example,dc=com" 389s 389s adding new entry "ou=Group,dc=example,dc=com" 389s 389s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 389s 389s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 389s 389s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 389s 389s + configure_sssd_ldap_rfc2307 389s + cat 389s + chmod 0600 /etc/sssd/sssd.conf 389s + systemctl restart sssd 389s + enable_pam_mkhomedir 389s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 389s Assert local user databases do not have our LDAP test data 389s + echo session optional pam_mkhomedir.so 389s + run_common_tests 389s + echo Assert local user databases do not have our LDAP test data 389s + check_local_user testuser1 389s + local local_user=testuser1 389s + grep -q ^testuser1 /etc/passwd 389s + check_local_group testuser1 389s + local local_group=testuser1 389s + grep -q ^testuser1 /etc/group 389s + check_local_group ldapusers 389s + local local_group=ldapusers 389s + grep -q ^ldapusers /etc/group 389s The LDAP user is known to the system via getent 389s + echo The LDAP user is known to the system via getent 389s + check_getent_user testuser1 389s + local getent_user=testuser1 389s + local output 389s + getent passwd testuser1 389s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 389s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 389s + echo The LDAP user's private group is known to the system via getent 389s + check_getent_group testuser1 389s + local getent_group=testuser1 389s + local output 389s + getent group testuser1 389s The LDAP user's private group is known to the system via getent 389s + output=testuser1:*:10001:testuser1 389s + [ -z testuser1:*:10001:testuser1 ] 389s + echo The LDAP group ldapusers is known to the system via getent 389s + check_getent_group ldapusers 389s + local getent_group=ldapusers 389s + local output 389s + getent group ldapusers 389s The LDAP group ldapusers is known to the system via getent 389s + output=ldapusers:*:10100:testuser1 389s + [ -z ldapusers:*:10100:testuser1 ] 389s + echo The id(1) command can resolve the group membership of the LDAP user 389s The id(1) command can resolve the group membership of the LDAP user 389s + id -Gn testuser1 390s The LDAP user can login on a terminal 390s + output=testuser1 ldapusers 390s + [ testuser1 ldapusers != testuser1 ldapusers ] 390s + echo The LDAP user can login on a terminal 390s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 390s spawn login 390s ldap.example.com login: testuser1 390s Password: 390s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic aarch64) 390s 390s * Documentation: https://help.ubuntu.com 390s * Management: https://landscape.canonical.com 390s * Support: https://ubuntu.com/pro 390s 390s 390s The programs included with the Ubuntu system are free software; 390s the exact distribution terms for each program are described in the 390s individual files in /usr/share/doc/*/copyright. 390s 390s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 390s applicable law. 390s 390s 390s The programs included with the Ubuntu system are free software; 390s the exact distribution terms for each program are described in the 390s individual files in /usr/share/doc/*/copyright. 390s 390s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 390s applicable law. 390s 390s Creating directory '/home/testuser1'. 390s [?2004htestuser1@ldap:~$ id -un 390s [?2004l testuser1 390s [?2004htestuser1@ldap:~$ autopkgtest [15:24:23]: test ldap-user-group-ldap-auth: -----------------------] 391s autopkgtest [15:24:24]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 391s ldap-user-group-ldap-auth PASS 391s autopkgtest [15:24:24]: test ldap-user-group-krb5-auth: preparing testbed 396s Reading package lists... 396s Building dependency tree... 396s Reading state information... 396s Correcting dependencies...Starting pkgProblemResolver with broken count: 0 396s Starting 2 pkgProblemResolver with broken count: 0 396s Done 397s Done 397s Starting pkgProblemResolver with broken count: 0 397s Starting 2 pkgProblemResolver with broken count: 0 397s Done 398s The following additional packages will be installed: 398s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4 398s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 398s Suggested packages: 398s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 398s The following NEW packages will be installed: 398s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4 398s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 398s 0 upgraded, 8 newly installed, 0 to remove and 0 not upgraded. 398s 1 not fully installed or removed. 398s Need to get 594 kB of archives. 398s After this operation, 2907 kB of additional disk space will be used. 398s Get:1 http://ftpmaster.internal/ubuntu noble/main arm64 libgssrpc4 arm64 1.20.1-5build1 [57.4 kB] 398s Get:2 http://ftpmaster.internal/ubuntu noble/main arm64 libkadm5clnt-mit12 arm64 1.20.1-5build1 [39.9 kB] 398s Get:3 http://ftpmaster.internal/ubuntu noble/main arm64 libkdb5-10 arm64 1.20.1-5build1 [39.8 kB] 398s Get:4 http://ftpmaster.internal/ubuntu noble/main arm64 libkadm5srv-mit12 arm64 1.20.1-5build1 [53.2 kB] 398s Get:5 http://ftpmaster.internal/ubuntu noble/universe arm64 krb5-user arm64 1.20.1-5build1 [108 kB] 398s Get:6 http://ftpmaster.internal/ubuntu noble/main arm64 krb5-config all 2.7 [22.0 kB] 398s Get:7 http://ftpmaster.internal/ubuntu noble/universe arm64 krb5-kdc arm64 1.20.1-5build1 [180 kB] 398s Get:8 http://ftpmaster.internal/ubuntu noble/universe arm64 krb5-admin-server arm64 1.20.1-5build1 [94.6 kB] 399s Preconfiguring packages ... 400s Fetched 594 kB in 1s (1073 kB/s) 400s Selecting previously unselected package libgssrpc4:arm64. 400s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75603 files and directories currently installed.) 400s Preparing to unpack .../0-libgssrpc4_1.20.1-5build1_arm64.deb ... 400s Unpacking libgssrpc4:arm64 (1.20.1-5build1) ... 400s Selecting previously unselected package libkadm5clnt-mit12:arm64. 400s Preparing to unpack .../1-libkadm5clnt-mit12_1.20.1-5build1_arm64.deb ... 400s Unpacking libkadm5clnt-mit12:arm64 (1.20.1-5build1) ... 400s Selecting previously unselected package libkdb5-10:arm64. 400s Preparing to unpack .../2-libkdb5-10_1.20.1-5build1_arm64.deb ... 400s Unpacking libkdb5-10:arm64 (1.20.1-5build1) ... 400s Selecting previously unselected package libkadm5srv-mit12:arm64. 401s Preparing to unpack .../3-libkadm5srv-mit12_1.20.1-5build1_arm64.deb ... 401s Unpacking libkadm5srv-mit12:arm64 (1.20.1-5build1) ... 401s Selecting previously unselected package krb5-user. 401s Preparing to unpack .../4-krb5-user_1.20.1-5build1_arm64.deb ... 401s Unpacking krb5-user (1.20.1-5build1) ... 401s Selecting previously unselected package krb5-config. 401s Preparing to unpack .../5-krb5-config_2.7_all.deb ... 401s Unpacking krb5-config (2.7) ... 401s Selecting previously unselected package krb5-kdc. 401s Preparing to unpack .../6-krb5-kdc_1.20.1-5build1_arm64.deb ... 401s Unpacking krb5-kdc (1.20.1-5build1) ... 401s Selecting previously unselected package krb5-admin-server. 401s Preparing to unpack .../7-krb5-admin-server_1.20.1-5build1_arm64.deb ... 401s Unpacking krb5-admin-server (1.20.1-5build1) ... 401s Setting up libgssrpc4:arm64 (1.20.1-5build1) ... 401s Setting up krb5-config (2.7) ... 401s Setting up libkadm5clnt-mit12:arm64 (1.20.1-5build1) ... 401s Setting up libkdb5-10:arm64 (1.20.1-5build1) ... 401s Setting up libkadm5srv-mit12:arm64 (1.20.1-5build1) ... 401s Setting up krb5-user (1.20.1-5build1) ... 401s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 401s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 401s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 401s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 401s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 401s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 401s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 401s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 401s Setting up krb5-kdc (1.20.1-5build1) ... 402s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 403s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 403s Setting up krb5-admin-server (1.20.1-5build1) ... 403s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 404s Setting up autopkgtest-satdep (0) ... 404s Processing triggers for man-db (2.12.0-3) ... 404s Processing triggers for libc-bin (2.39-0ubuntu2) ... 414s (Reading database ... 75696 files and directories currently installed.) 414s Removing autopkgtest-satdep (0) ... 415s autopkgtest [15:24:48]: test ldap-user-group-krb5-auth: [----------------------- 415s + . debian/tests/util 415s + . debian/tests/common-tests 415s + mydomain=example.com 415s + myhostname=ldap.example.com 415s + mysuffix=dc=example,dc=com 415s + myrealm=EXAMPLE.COM 415s + admin_dn=cn=admin,dc=example,dc=com 415s + admin_pw=secret 415s + ldap_user=testuser1 415s + ldap_user_pw=testuser1secret 415s + kerberos_principal_pw=testuser1kerberos 415s + ldap_group=ldapusers 415s + adjust_hostname ldap.example.com 415s + local myhostname=ldap.example.com 415s + echo ldap.example.com 415s + hostname ldap.example.com 415s + grep -qE ldap.example.com /etc/hosts 415s + reconfigure_slapd 415s + debconf-set-selections 415s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu1-20240309-152421.ldapdb 415s + dpkg-reconfigure -fnoninteractive -pcritical slapd 416s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 416s Moving old database directory to /var/backups: 416s - directory unknown... done. 416s Creating initial configuration... done. 416s Creating LDAP directory... done. 416s + generate_certs ldap.example.com 416s + local cn=ldap.example.com 416s + local cert=/etc/ldap/server.pem 416s + local key=/etc/ldap/server.key 416s + local cnf=/etc/ldap/openssl.cnf 416s + cat 416s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 416s ...........................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 416s ...........................................................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 416s ----- 416s + chmod 0640 /etc/ldap/server.key 416s + chgrp openldap /etc/ldap/server.key 416s + [ ! -f /etc/ldap/server.pem ] 416s + [ ! -f /etc/ldap/server.key ] 416s + enable_ldap_ssl 416s + cat 416s + cat 416s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 416s modifying entry "cn=config" 416s 416s + populate_ldap_rfc2307 416s + cat 416s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 416s adding new entry "ou=People,dc=example,dc=com" 416s 416s adding new entry "ou=Group,dc=example,dc=com" 416s 416s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 416s 416s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 416s 416s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 416s 416s + create_realm EXAMPLE.COM ldap.example.com 416s + local realm_name=EXAMPLE.COM 416s + local kerberos_server=ldap.example.com 416s + rm -rf /var/lib/krb5kdc/* 416s + rm -rf /etc/krb5kdc/kdc.conf 416s + rm -f /etc/krb5.keytab 416s + cat 416s + cat 416s + echo # */admin * 416s + kdb5_util create -s -P secretpassword 417s Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 417s master key name 'K/M@EXAMPLE.COM' 417s + systemctl restart krb5-kdc.service krb5-admin-server.service 417s + create_krb_principal testuser1 testuser1kerberos 417s + local principal=testuser1 417s + local password=testuser1kerberos 417s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 417s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 417s Authenticating as principal root/admin@EXAMPLE.COM with password. 417s Principal "testuser1@EXAMPLE.COM" created. 417s + configure_sssd_ldap_rfc2307_krb5_auth 417s + cat 417s + chmod 0600 /etc/sssd/sssd.conf 417s + systemctl restart sssd 417s + enable_pam_mkhomedir 417s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 417s Assert local user databases do not have our LDAP test data 417s + run_common_tests 417s + echo Assert local user databases do not have our LDAP test data 417s + check_local_user testuser1 417s + local local_user=testuser1 417s + grep -q ^testuser1 /etc/passwd 417s + check_local_group testuser1 417s + local local_group=testuser1 417s + grep -q ^testuser1 /etc/group 417s + check_local_group ldapusers 417s + local local_group=ldapusers 417s + grep -q ^ldapusers /etc/group 417s + echo The LDAP user is known to the system via getent 417s + check_getent_user testuser1 417s + local getent_user=testuser1 417s + local output 417s + getent passwd testuser1 417s The LDAP user is known to the system via getent 417s The LDAP user's private group is known to the system via getent 417s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 417s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 417s + echo The LDAP user's private group is known to the system via getent 417s + check_getent_group testuser1 417s + local getent_group=testuser1 417s + local output 417s + getent group testuser1 417s + output=testuser1:*:10001:testuser1 417s + [ -z testuser1:*:10001:testuser1 ] 417s + echo The LDAP group ldapusers is known to the system via getent 417s The LDAP group ldapusers is known to the system via getent 417s + check_getent_group ldapusers 417s + local getent_group=ldapusers 417s + local output 417s + getent group ldapusers 417s The id(1) command can resolve the group membership of the LDAP user 417s + output=ldapusers:*:10100:testuser1 417s + [ -z ldapusers:*:10100:testuser1 ] 417s + echo The id(1) command can resolve the group membership of the LDAP user 417s + id -Gn testuser1 417s + output=testuser1 ldapusers 417s + [ testuser1 ldapusers !=The Kerberos principal can login on a terminal 417s testuser1 ldapusers ] 417s + echo The Kerberos principal can login on a terminal 417s + kdestroy 417s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 417s spawn login 417s ldap.example.com login: testuser1 417s Password: 417s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic aarch64) 417s 417s * Documentation: https://help.ubuntu.com 417s * Management: https://landscape.canonical.com 417s * Support: https://ubuntu.com/pro 417s 417s 417s The programs included with the Ubuntu system are free software; 417s the exact distribution terms for each program are described in the 417s individual files in /usr/share/doc/*/copyright. 417s 417s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 417s applicable law. 417s 417s Last login: Sat Mar 9 15:24:23 UTC 2024 on pts/0 417s [?2004htestuser1@ldap:~$ id -un 417s [?2004l testuser1 417s [?2004htestuser1@ldap:~$ klist 417s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_VX6u9j 418s Default principal: testuser1@EXAMPLE.COMautopkgtest [15:24:51]: test ldap-user-group-krb5-auth: -----------------------] 420s autopkgtest [15:24:53]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 420s ldap-user-group-krb5-auth PASS 420s autopkgtest [15:24:53]: test sssd-softhism2-certificates-tests.sh: preparing testbed 540s autopkgtest [15:26:53]: @@@@@@@@@@@@@@@@@@@@ test bed setup 541s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 541s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [429 kB] 541s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [2635 kB] 542s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [3976 B] 542s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [37.3 kB] 542s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 Packages [572 kB] 542s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 c-n-f Metadata [3144 B] 542s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 Packages [20.3 kB] 542s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 c-n-f Metadata [116 B] 542s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 Packages [2878 kB] 542s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 c-n-f Metadata [8528 B] 542s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 Packages [39.2 kB] 542s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 c-n-f Metadata [116 B] 545s Fetched 6745 kB in 2s (3645 kB/s) 545s Reading package lists... 547s Reading package lists... 547s Building dependency tree... 547s Reading state information... 548s Calculating upgrade... 548s The following package was automatically installed and is no longer required: 548s ubuntu-advantage-tools 548s Use 'sudo apt autoremove' to remove it. 548s The following packages will be REMOVED: 548s libglib2.0-0 548s The following NEW packages will be installed: 548s libglib2.0-0t64 libnuma1 libsensors-config libsensors5 numactl sysstat 548s xdg-user-dirs 548s The following packages will be upgraded: 548s dbus dbus-bin dbus-daemon dbus-session-bus-common dbus-system-bus-common 548s dbus-user-session efibootmgr gir1.2-glib-2.0 libdbus-1-3 libglib2.0-data 548s ubuntu-minimal ubuntu-standard 548s 12 upgraded, 7 newly installed, 1 to remove and 0 not upgraded. 548s Need to get 2962 kB of archives. 548s After this operation, 2353 kB of additional disk space will be used. 548s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 gir1.2-glib-2.0 arm64 2.79.3-3ubuntu3 [182 kB] 548s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libglib2.0-0t64 arm64 2.79.3-3ubuntu3 [1527 kB] 549s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 dbus-session-bus-common all 1.14.10-4ubuntu2 [80.3 kB] 549s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 dbus-user-session arm64 1.14.10-4ubuntu2 [9960 B] 549s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 dbus-daemon arm64 1.14.10-4ubuntu2 [115 kB] 549s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 dbus-bin arm64 1.14.10-4ubuntu2 [38.8 kB] 549s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 dbus-system-bus-common all 1.14.10-4ubuntu2 [81.5 kB] 549s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 dbus arm64 1.14.10-4ubuntu2 [23.9 kB] 549s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libdbus-1-3 arm64 1.14.10-4ubuntu2 [210 kB] 549s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libglib2.0-data all 2.79.3-3ubuntu3 [46.6 kB] 549s Get:11 http://ftpmaster.internal/ubuntu noble/main arm64 ubuntu-minimal arm64 1.535 [10.5 kB] 549s Get:12 http://ftpmaster.internal/ubuntu noble/main arm64 xdg-user-dirs arm64 0.18-1 [18.1 kB] 549s Get:13 http://ftpmaster.internal/ubuntu noble/main arm64 libnuma1 arm64 2.0.18-1 [23.5 kB] 549s Get:14 http://ftpmaster.internal/ubuntu noble/main arm64 ubuntu-standard arm64 1.535 [10.5 kB] 549s Get:15 http://ftpmaster.internal/ubuntu noble/main arm64 efibootmgr arm64 18-1build1 [31.5 kB] 549s Get:16 http://ftpmaster.internal/ubuntu noble/main arm64 libsensors-config all 1:3.6.0-9 [5458 B] 549s Get:17 http://ftpmaster.internal/ubuntu noble/main arm64 libsensors5 arm64 1:3.6.0-9 [26.9 kB] 549s Get:18 http://ftpmaster.internal/ubuntu noble/main arm64 numactl arm64 2.0.18-1 [39.5 kB] 549s Get:19 http://ftpmaster.internal/ubuntu noble/main arm64 sysstat arm64 12.6.1-1ubuntu1 [480 kB] 549s Preconfiguring packages ... 549s Fetched 2962 kB in 1s (3514 kB/s) 550s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74662 files and directories currently installed.) 550s Preparing to unpack .../gir1.2-glib-2.0_2.79.3-3ubuntu3_arm64.deb ... 550s Unpacking gir1.2-glib-2.0:arm64 (2.79.3-3ubuntu3) over (2.79.2-1~ubuntu1) ... 550s dpkg: libglib2.0-0:arm64: dependency problems, but removing anyway as you requested: 550s udisks2 depends on libglib2.0-0 (>= 2.77.0). 550s shared-mime-info depends on libglib2.0-0 (>= 2.75.3). 550s python3-gi depends on libglib2.0-0 (>= 2.77.0). 550s python3-dbus depends on libglib2.0-0 (>= 2.16.0). 550s netplan.io depends on libglib2.0-0 (>= 2.70.0). 550s netplan-generator depends on libglib2.0-0 (>= 2.70.0). 550s libxmlb2:arm64 depends on libglib2.0-0 (>= 2.54.0). 550s libvolume-key1:arm64 depends on libglib2.0-0 (>= 2.18.0). 550s libudisks2-0:arm64 depends on libglib2.0-0 (>= 2.75.3). 550s libqrtr-glib0:arm64 depends on libglib2.0-0 (>= 2.56). 550s libqmi-proxy depends on libglib2.0-0 (>= 2.30.0). 550s libqmi-glib5:arm64 depends on libglib2.0-0 (>= 2.54.0). 550s libpolkit-gobject-1-0:arm64 depends on libglib2.0-0 (>= 2.38.0). 550s libpolkit-agent-1-0:arm64 depends on libglib2.0-0 (>= 2.38.0). 550s libnetplan0:arm64 depends on libglib2.0-0 (>= 2.75.3). 550s libmm-glib0:arm64 depends on libglib2.0-0 (>= 2.62.0). 550s libmbim-proxy depends on libglib2.0-0 (>= 2.56). 550s libmbim-glib4:arm64 depends on libglib2.0-0 (>= 2.56). 550s libjson-glib-1.0-0:arm64 depends on libglib2.0-0 (>= 2.75.3). 550s libjcat1:arm64 depends on libglib2.0-0 (>= 2.75.3). 550s libgusb2:arm64 depends on libglib2.0-0 (>= 2.75.3). 550s libgudev-1.0-0:arm64 depends on libglib2.0-0 (>= 2.38.0). 550s libgirepository-1.0-1:arm64 depends on libglib2.0-0 (>= 2.79.0). 550s libfwupd2:arm64 depends on libglib2.0-0 (>= 2.79.0). 550s libblockdev3:arm64 depends on libglib2.0-0 (>= 2.42.2). 550s libblockdev-utils3:arm64 depends on libglib2.0-0 (>= 2.75.3). 550s libblockdev-swap3:arm64 depends on libglib2.0-0 (>= 2.42.2). 550s libblockdev-part3:arm64 depends on libglib2.0-0 (>= 2.42.2). 550s libblockdev-nvme3:arm64 depends on libglib2.0-0 (>= 2.42.2). 550s libblockdev-mdraid3:arm64 depends on libglib2.0-0 (>= 2.42.2). 550s libblockdev-loop3:arm64 depends on libglib2.0-0 (>= 2.42.2). 550s libblockdev-fs3:arm64 depends on libglib2.0-0 (>= 2.42.2). 550s libblockdev-crypto3:arm64 depends on libglib2.0-0 (>= 2.42.2). 550s fwupd depends on libglib2.0-0 (>= 2.79.0). 550s bolt depends on libglib2.0-0 (>= 2.56.0). 550s 550s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74662 files and directories currently installed.) 550s Removing libglib2.0-0:arm64 (2.79.2-1~ubuntu1) ... 550s Selecting previously unselected package libglib2.0-0t64:arm64. 550s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74637 files and directories currently installed.) 550s Preparing to unpack .../00-libglib2.0-0t64_2.79.3-3ubuntu3_arm64.deb ... 550s libglib2.0-0t64.preinst: Removing /var/lib/dpkg/info/libglib2.0-0:arm64.postrm to avoid loss of /usr/share/glib-2.0/schemas/gschemas.compiled... 550s removed '/var/lib/dpkg/info/libglib2.0-0:arm64.postrm' 550s Unpacking libglib2.0-0t64:arm64 (2.79.3-3ubuntu3) ... 550s Preparing to unpack .../01-dbus-session-bus-common_1.14.10-4ubuntu2_all.deb ... 550s Unpacking dbus-session-bus-common (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 550s Preparing to unpack .../02-dbus-user-session_1.14.10-4ubuntu2_arm64.deb ... 550s Unpacking dbus-user-session (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 550s Preparing to unpack .../03-dbus-daemon_1.14.10-4ubuntu2_arm64.deb ... 550s Unpacking dbus-daemon (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 550s Preparing to unpack .../04-dbus-bin_1.14.10-4ubuntu2_arm64.deb ... 550s Unpacking dbus-bin (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 550s Preparing to unpack .../05-dbus-system-bus-common_1.14.10-4ubuntu2_all.deb ... 550s Unpacking dbus-system-bus-common (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 550s Preparing to unpack .../06-dbus_1.14.10-4ubuntu2_arm64.deb ... 550s Unpacking dbus (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 550s Preparing to unpack .../07-libdbus-1-3_1.14.10-4ubuntu2_arm64.deb ... 550s Unpacking libdbus-1-3:arm64 (1.14.10-4ubuntu2) over (1.14.10-4ubuntu1) ... 550s Preparing to unpack .../08-libglib2.0-data_2.79.3-3ubuntu3_all.deb ... 550s Unpacking libglib2.0-data (2.79.3-3ubuntu3) over (2.79.2-1~ubuntu1) ... 550s Preparing to unpack .../09-ubuntu-minimal_1.535_arm64.deb ... 550s Unpacking ubuntu-minimal (1.535) over (1.534) ... 550s Selecting previously unselected package xdg-user-dirs. 550s Preparing to unpack .../10-xdg-user-dirs_0.18-1_arm64.deb ... 550s Unpacking xdg-user-dirs (0.18-1) ... 550s Selecting previously unselected package libnuma1:arm64. 550s Preparing to unpack .../11-libnuma1_2.0.18-1_arm64.deb ... 550s Unpacking libnuma1:arm64 (2.0.18-1) ... 550s Preparing to unpack .../12-ubuntu-standard_1.535_arm64.deb ... 550s Unpacking ubuntu-standard (1.535) over (1.534) ... 550s Preparing to unpack .../13-efibootmgr_18-1build1_arm64.deb ... 550s Unpacking efibootmgr (18-1build1) over (18-1) ... 550s Selecting previously unselected package libsensors-config. 550s Preparing to unpack .../14-libsensors-config_1%3a3.6.0-9_all.deb ... 550s Unpacking libsensors-config (1:3.6.0-9) ... 550s Selecting previously unselected package libsensors5:arm64. 550s Preparing to unpack .../15-libsensors5_1%3a3.6.0-9_arm64.deb ... 550s Unpacking libsensors5:arm64 (1:3.6.0-9) ... 550s Selecting previously unselected package numactl. 550s Preparing to unpack .../16-numactl_2.0.18-1_arm64.deb ... 550s Unpacking numactl (2.0.18-1) ... 550s Selecting previously unselected package sysstat. 550s Preparing to unpack .../17-sysstat_12.6.1-1ubuntu1_arm64.deb ... 550s Unpacking sysstat (12.6.1-1ubuntu1) ... 550s Setting up efibootmgr (18-1build1) ... 550s Setting up ubuntu-minimal (1.535) ... 550s Setting up xdg-user-dirs (0.18-1) ... 550s Setting up libsensors-config (1:3.6.0-9) ... 550s Setting up ubuntu-standard (1.535) ... 550s Setting up libglib2.0-0t64:arm64 (2.79.3-3ubuntu3) ... 550s No schema files found: doing nothing. 550s Setting up libglib2.0-data (2.79.3-3ubuntu3) ... 550s Setting up libdbus-1-3:arm64 (1.14.10-4ubuntu2) ... 550s Setting up gir1.2-glib-2.0:arm64 (2.79.3-3ubuntu3) ... 550s Setting up libsensors5:arm64 (1:3.6.0-9) ... 550s Setting up libnuma1:arm64 (2.0.18-1) ... 550s Setting up dbus-session-bus-common (1.14.10-4ubuntu2) ... 550s Setting up dbus-system-bus-common (1.14.10-4ubuntu2) ... 551s Setting up sysstat (12.6.1-1ubuntu1) ... 551s 551s Creating config file /etc/default/sysstat with new version 551s update-alternatives: using /usr/bin/sar.sysstat to provide /usr/bin/sar (sar) in auto mode 551s Created symlink /etc/systemd/system/sysstat.service.wants/sysstat-collect.timer → /usr/lib/systemd/system/sysstat-collect.timer. 551s Created symlink /etc/systemd/system/sysstat.service.wants/sysstat-summary.timer → /usr/lib/systemd/system/sysstat-summary.timer. 551s Created symlink /etc/systemd/system/multi-user.target.wants/sysstat.service → /usr/lib/systemd/system/sysstat.service. 553s Setting up dbus-bin (1.14.10-4ubuntu2) ... 553s Setting up numactl (2.0.18-1) ... 553s Setting up dbus-daemon (1.14.10-4ubuntu2) ... 553s Setting up dbus-user-session (1.14.10-4ubuntu2) ... 553s Setting up dbus (1.14.10-4ubuntu2) ... 553s A reboot is required to replace the running dbus-daemon. 553s Please reboot the system when convenient. 553s Processing triggers for man-db (2.12.0-3) ... 554s Processing triggers for libc-bin (2.39-0ubuntu2) ... 554s Reading package lists... 555s Building dependency tree... 555s Reading state information... 555s The following packages will be REMOVED: 555s ubuntu-advantage-tools* 555s 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. 555s After this operation, 71.7 kB disk space will be freed. 555s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74769 files and directories currently installed.) 555s Removing ubuntu-advantage-tools (31.1) ... 556s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74763 files and directories currently installed.) 556s Purging configuration files for ubuntu-advantage-tools (31.1) ... 557s sh: Attempting to set up Debian/Ubuntu apt sources automatically 557s sh: Distribution appears to be Ubuntu 557s Reading package lists... 558s Building dependency tree... 558s Reading state information... 558s eatmydata is already the newest version (131-1). 558s dbus is already the newest version (1.14.10-4ubuntu2). 558s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 558s Reading package lists... 558s Building dependency tree... 558s Reading state information... 559s rng-tools-debian is already the newest version (2.4). 559s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 559s Reading package lists... 559s Building dependency tree... 559s Reading state information... 560s haveged is already the newest version (1.9.14-1ubuntu1). 560s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 560s Reading package lists... 560s Building dependency tree... 560s Reading state information... 560s The following packages will be REMOVED: 560s cloud-init* python3-configobj* python3-debconf* 561s 0 upgraded, 0 newly installed, 3 to remove and 0 not upgraded. 561s After this operation, 3248 kB disk space will be freed. 561s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74762 files and directories currently installed.) 561s Removing cloud-init (24.1-0ubuntu1) ... 561s Removing python3-configobj (5.0.8-3) ... 561s Removing python3-debconf (1.5.86) ... 561s Processing triggers for man-db (2.12.0-3) ... 562s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74373 files and directories currently installed.) 562s Purging configuration files for cloud-init (24.1-0ubuntu1) ... 562s dpkg: warning: while removing cloud-init, directory '/etc/cloud/cloud.cfg.d' not empty so not removed 562s Processing triggers for rsyslog (8.2312.0-3ubuntu3) ... 563s Reading package lists... 563s Building dependency tree... 563s Reading state information... 564s linux-generic is already the newest version (6.8.0-11.11+1). 564s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 564s Hit:1 http://ftpmaster.internal/ubuntu noble InRelease 564s Hit:2 http://ftpmaster.internal/ubuntu noble-updates InRelease 564s Hit:3 http://ftpmaster.internal/ubuntu noble-security InRelease 564s Hit:4 http://ftpmaster.internal/ubuntu noble-proposed InRelease 565s Reading package lists... 565s Reading package lists... 566s Building dependency tree... 566s Reading state information... 566s Calculating upgrade... 566s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 566s Reading package lists... 567s Building dependency tree... 567s Reading state information... 567s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 567s autopkgtest [15:27:20]: rebooting testbed after setup commands that affected boot 749s autopkgtest [15:30:22]: testbed dpkg architecture: arm64 752s Reading package lists... 753s Building dependency tree... 753s Reading state information... 753s Correcting dependencies...Starting pkgProblemResolver with broken count: 0 753s Starting 2 pkgProblemResolver with broken count: 0 753s Done 753s Done 754s Starting pkgProblemResolver with broken count: 0 754s Starting 2 pkgProblemResolver with broken count: 0 754s Done 754s The following additional packages will be installed: 754s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 754s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 754s libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 754s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 754s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 754s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 754s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 754s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 754s sssd-krb5-common sssd-ldap sssd-proxy 754s Suggested packages: 754s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 754s Recommended packages: 754s cracklib-runtime libsasl2-modules-gssapi-mit 754s | libsasl2-modules-gssapi-heimdal ldap-utils 754s The following NEW packages will be installed: 754s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 754s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 754s libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 754s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 754s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 754s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 754s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 754s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 754s sssd-krb5-common sssd-ldap sssd-proxy 755s 0 upgraded, 45 newly installed, 0 to remove and 0 not upgraded. 755s 1 not fully installed or removed. 755s Need to get 10.1 MB of archives. 755s After this operation, 48.6 MB of additional disk space will be used. 755s Get:1 http://ftpmaster.internal/ubuntu noble/main arm64 libevent-2.1-7 arm64 2.1.12-stable-9 [138 kB] 755s Get:2 http://ftpmaster.internal/ubuntu noble/main arm64 libunbound8 arm64 1.19.1-1ubuntu1 [423 kB] 755s Get:3 http://ftpmaster.internal/ubuntu noble/main arm64 libgnutls-dane0 arm64 3.8.3-1ubuntu1 [23.3 kB] 755s Get:4 http://ftpmaster.internal/ubuntu noble/universe arm64 gnutls-bin arm64 3.8.3-1ubuntu1 [267 kB] 755s Get:5 http://ftpmaster.internal/ubuntu noble/universe arm64 softhsm2-common arm64 2.6.1-2.2 [5806 B] 755s Get:6 http://ftpmaster.internal/ubuntu noble/universe arm64 libsofthsm2 arm64 2.6.1-2.2 [246 kB] 755s Get:7 http://ftpmaster.internal/ubuntu noble/universe arm64 softhsm2 arm64 2.6.1-2.2 [167 kB] 755s Get:8 http://ftpmaster.internal/ubuntu noble/main arm64 libtalloc2 arm64 2.4.2-1 [26.6 kB] 755s Get:9 http://ftpmaster.internal/ubuntu noble/main arm64 libtdb1 arm64 1.4.10-1 [48.4 kB] 755s Get:10 http://ftpmaster.internal/ubuntu noble/main arm64 libtevent0 arm64 0.16.1-1 [41.8 kB] 755s Get:11 http://ftpmaster.internal/ubuntu noble/main arm64 libldb2 arm64 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [187 kB] 755s Get:12 http://ftpmaster.internal/ubuntu noble/main arm64 python3-sss arm64 2.9.4-1ubuntu1 [46.5 kB] 755s Get:13 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-idmap0 arm64 2.9.4-1ubuntu1 [21.8 kB] 755s Get:14 http://ftpmaster.internal/ubuntu noble/main arm64 libnss-sss arm64 2.9.4-1ubuntu1 [31.7 kB] 755s Get:15 http://ftpmaster.internal/ubuntu noble/main arm64 libcrack2 arm64 2.9.6-5.1 [28.7 kB] 755s Get:16 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality-common all 1.4.5-3 [7658 B] 755s Get:17 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality1 arm64 1.4.5-3 [13.2 kB] 755s Get:18 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-pwquality arm64 1.4.5-3 [11.6 kB] 755s Get:19 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-sss arm64 2.9.4-1ubuntu1 [48.8 kB] 755s Get:20 http://ftpmaster.internal/ubuntu noble/main arm64 libc-ares2 arm64 1.27.0-1 [74.1 kB] 755s Get:21 http://ftpmaster.internal/ubuntu noble/main arm64 libdhash1 arm64 0.6.2-2 [8540 B] 755s Get:22 http://ftpmaster.internal/ubuntu noble/main arm64 libbasicobjects0 arm64 0.6.2-2 [5586 B] 755s Get:23 http://ftpmaster.internal/ubuntu noble/main arm64 libcollection4 arm64 0.6.2-2 [23.0 kB] 755s Get:24 http://ftpmaster.internal/ubuntu noble/main arm64 libpath-utils1 arm64 0.6.2-2 [8722 B] 755s Get:25 http://ftpmaster.internal/ubuntu noble/main arm64 libref-array1 arm64 0.6.2-2 [7042 B] 755s Get:26 http://ftpmaster.internal/ubuntu noble/main arm64 libini-config5 arm64 0.6.2-2 [43.7 kB] 755s Get:27 http://ftpmaster.internal/ubuntu noble/main arm64 libnfsidmap1 arm64 1:2.6.3-3ubuntu1 [47.1 kB] 755s Get:28 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-certmap0 arm64 2.9.4-1ubuntu1 [45.8 kB] 755s Get:29 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-nss-idmap0 arm64 2.9.4-1ubuntu1 [30.3 kB] 755s Get:30 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-common arm64 2.9.4-1ubuntu1 [1147 kB] 756s Get:31 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common-data arm64 0.8-13ubuntu2 [29.5 kB] 756s Get:32 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common3 arm64 0.8-13ubuntu2 [23.2 kB] 756s Get:33 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-client3 arm64 0.8-13ubuntu2 [27.3 kB] 756s Get:34 http://ftpmaster.internal/ubuntu noble/main arm64 libwbclient0 arm64 2:4.19.5+dfsg-1ubuntu1 [70.6 kB] 756s Get:35 http://ftpmaster.internal/ubuntu noble/main arm64 samba-libs arm64 2:4.19.5+dfsg-1ubuntu1 [6061 kB] 756s Get:36 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad-common arm64 2.9.4-1ubuntu1 [75.4 kB] 756s Get:37 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5-common arm64 2.9.4-1ubuntu1 [87.9 kB] 756s Get:38 http://ftpmaster.internal/ubuntu noble/main arm64 libsmbclient arm64 2:4.19.5+dfsg-1ubuntu1 [62.2 kB] 756s Get:39 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad arm64 2.9.4-1ubuntu1 [134 kB] 756s Get:40 http://ftpmaster.internal/ubuntu noble/main arm64 libipa-hbac0 arm64 2.9.4-1ubuntu1 [16.7 kB] 756s Get:41 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ipa arm64 2.9.4-1ubuntu1 [220 kB] 756s Get:42 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5 arm64 2.9.4-1ubuntu1 [14.3 kB] 756s Get:43 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ldap arm64 2.9.4-1ubuntu1 [31.3 kB] 756s Get:44 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-proxy arm64 2.9.4-1ubuntu1 [44.6 kB] 756s Get:45 http://ftpmaster.internal/ubuntu noble/main arm64 sssd arm64 2.9.4-1ubuntu1 [4120 B] 757s Fetched 10.1 MB in 2s (5731 kB/s) 757s Selecting previously unselected package libevent-2.1-7:arm64. 757s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74318 files and directories currently installed.) 757s Preparing to unpack .../00-libevent-2.1-7_2.1.12-stable-9_arm64.deb ... 757s Unpacking libevent-2.1-7:arm64 (2.1.12-stable-9) ... 757s Selecting previously unselected package libunbound8:arm64. 757s Preparing to unpack .../01-libunbound8_1.19.1-1ubuntu1_arm64.deb ... 757s Unpacking libunbound8:arm64 (1.19.1-1ubuntu1) ... 757s Selecting previously unselected package libgnutls-dane0:arm64. 757s Preparing to unpack .../02-libgnutls-dane0_3.8.3-1ubuntu1_arm64.deb ... 757s Unpacking libgnutls-dane0:arm64 (3.8.3-1ubuntu1) ... 757s Selecting previously unselected package gnutls-bin. 757s Preparing to unpack .../03-gnutls-bin_3.8.3-1ubuntu1_arm64.deb ... 757s Unpacking gnutls-bin (3.8.3-1ubuntu1) ... 757s Selecting previously unselected package softhsm2-common. 757s Preparing to unpack .../04-softhsm2-common_2.6.1-2.2_arm64.deb ... 757s Unpacking softhsm2-common (2.6.1-2.2) ... 757s Selecting previously unselected package libsofthsm2. 757s Preparing to unpack .../05-libsofthsm2_2.6.1-2.2_arm64.deb ... 757s Unpacking libsofthsm2 (2.6.1-2.2) ... 757s Selecting previously unselected package softhsm2. 757s Preparing to unpack .../06-softhsm2_2.6.1-2.2_arm64.deb ... 757s Unpacking softhsm2 (2.6.1-2.2) ... 757s Selecting previously unselected package libtalloc2:arm64. 757s Preparing to unpack .../07-libtalloc2_2.4.2-1_arm64.deb ... 757s Unpacking libtalloc2:arm64 (2.4.2-1) ... 757s Selecting previously unselected package libtdb1:arm64. 757s Preparing to unpack .../08-libtdb1_1.4.10-1_arm64.deb ... 757s Unpacking libtdb1:arm64 (1.4.10-1) ... 757s Selecting previously unselected package libtevent0:arm64. 757s Preparing to unpack .../09-libtevent0_0.16.1-1_arm64.deb ... 757s Unpacking libtevent0:arm64 (0.16.1-1) ... 757s Selecting previously unselected package libldb2:arm64. 757s Preparing to unpack .../10-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_arm64.deb ... 757s Unpacking libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 757s Selecting previously unselected package python3-sss. 757s Preparing to unpack .../11-python3-sss_2.9.4-1ubuntu1_arm64.deb ... 757s Unpacking python3-sss (2.9.4-1ubuntu1) ... 757s Selecting previously unselected package libsss-idmap0. 757s Preparing to unpack .../12-libsss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 757s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 757s Selecting previously unselected package libnss-sss:arm64. 757s Preparing to unpack .../13-libnss-sss_2.9.4-1ubuntu1_arm64.deb ... 757s Unpacking libnss-sss:arm64 (2.9.4-1ubuntu1) ... 757s Selecting previously unselected package libcrack2:arm64. 757s Preparing to unpack .../14-libcrack2_2.9.6-5.1_arm64.deb ... 757s Unpacking libcrack2:arm64 (2.9.6-5.1) ... 757s Selecting previously unselected package libpwquality-common. 757s Preparing to unpack .../15-libpwquality-common_1.4.5-3_all.deb ... 757s Unpacking libpwquality-common (1.4.5-3) ... 757s Selecting previously unselected package libpwquality1:arm64. 757s Preparing to unpack .../16-libpwquality1_1.4.5-3_arm64.deb ... 757s Unpacking libpwquality1:arm64 (1.4.5-3) ... 757s Selecting previously unselected package libpam-pwquality:arm64. 757s Preparing to unpack .../17-libpam-pwquality_1.4.5-3_arm64.deb ... 757s Unpacking libpam-pwquality:arm64 (1.4.5-3) ... 757s Selecting previously unselected package libpam-sss:arm64. 757s Preparing to unpack .../18-libpam-sss_2.9.4-1ubuntu1_arm64.deb ... 757s Unpacking libpam-sss:arm64 (2.9.4-1ubuntu1) ... 758s Selecting previously unselected package libc-ares2:arm64. 758s Preparing to unpack .../19-libc-ares2_1.27.0-1_arm64.deb ... 758s Unpacking libc-ares2:arm64 (1.27.0-1) ... 758s Selecting previously unselected package libdhash1:arm64. 758s Preparing to unpack .../20-libdhash1_0.6.2-2_arm64.deb ... 758s Unpacking libdhash1:arm64 (0.6.2-2) ... 758s Selecting previously unselected package libbasicobjects0:arm64. 758s Preparing to unpack .../21-libbasicobjects0_0.6.2-2_arm64.deb ... 758s Unpacking libbasicobjects0:arm64 (0.6.2-2) ... 758s Selecting previously unselected package libcollection4:arm64. 758s Preparing to unpack .../22-libcollection4_0.6.2-2_arm64.deb ... 758s Unpacking libcollection4:arm64 (0.6.2-2) ... 758s Selecting previously unselected package libpath-utils1:arm64. 758s Preparing to unpack .../23-libpath-utils1_0.6.2-2_arm64.deb ... 758s Unpacking libpath-utils1:arm64 (0.6.2-2) ... 758s Selecting previously unselected package libref-array1:arm64. 758s Preparing to unpack .../24-libref-array1_0.6.2-2_arm64.deb ... 758s Unpacking libref-array1:arm64 (0.6.2-2) ... 758s Selecting previously unselected package libini-config5:arm64. 758s Preparing to unpack .../25-libini-config5_0.6.2-2_arm64.deb ... 758s Unpacking libini-config5:arm64 (0.6.2-2) ... 758s Selecting previously unselected package libnfsidmap1:arm64. 758s Preparing to unpack .../26-libnfsidmap1_1%3a2.6.3-3ubuntu1_arm64.deb ... 758s Unpacking libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 758s Selecting previously unselected package libsss-certmap0. 758s Preparing to unpack .../27-libsss-certmap0_2.9.4-1ubuntu1_arm64.deb ... 758s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 758s Selecting previously unselected package libsss-nss-idmap0. 758s Preparing to unpack .../28-libsss-nss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 758s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 758s Selecting previously unselected package sssd-common. 758s Preparing to unpack .../29-sssd-common_2.9.4-1ubuntu1_arm64.deb ... 758s Unpacking sssd-common (2.9.4-1ubuntu1) ... 758s Selecting previously unselected package libavahi-common-data:arm64. 758s Preparing to unpack .../30-libavahi-common-data_0.8-13ubuntu2_arm64.deb ... 758s Unpacking libavahi-common-data:arm64 (0.8-13ubuntu2) ... 758s Selecting previously unselected package libavahi-common3:arm64. 758s Preparing to unpack .../31-libavahi-common3_0.8-13ubuntu2_arm64.deb ... 758s Unpacking libavahi-common3:arm64 (0.8-13ubuntu2) ... 758s Selecting previously unselected package libavahi-client3:arm64. 758s Preparing to unpack .../32-libavahi-client3_0.8-13ubuntu2_arm64.deb ... 758s Unpacking libavahi-client3:arm64 (0.8-13ubuntu2) ... 758s Selecting previously unselected package libwbclient0:arm64. 758s Preparing to unpack .../33-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 758s Unpacking libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 758s Selecting previously unselected package samba-libs:arm64. 758s Preparing to unpack .../34-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 758s Unpacking samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 758s Selecting previously unselected package sssd-ad-common. 758s Preparing to unpack .../35-sssd-ad-common_2.9.4-1ubuntu1_arm64.deb ... 758s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 758s Selecting previously unselected package sssd-krb5-common. 758s Preparing to unpack .../36-sssd-krb5-common_2.9.4-1ubuntu1_arm64.deb ... 758s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 758s Selecting previously unselected package libsmbclient:arm64. 758s Preparing to unpack .../37-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 758s Unpacking libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 758s Selecting previously unselected package sssd-ad. 758s Preparing to unpack .../38-sssd-ad_2.9.4-1ubuntu1_arm64.deb ... 758s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 758s Selecting previously unselected package libipa-hbac0. 758s Preparing to unpack .../39-libipa-hbac0_2.9.4-1ubuntu1_arm64.deb ... 758s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 758s Selecting previously unselected package sssd-ipa. 758s Preparing to unpack .../40-sssd-ipa_2.9.4-1ubuntu1_arm64.deb ... 758s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 758s Selecting previously unselected package sssd-krb5. 758s Preparing to unpack .../41-sssd-krb5_2.9.4-1ubuntu1_arm64.deb ... 758s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 758s Selecting previously unselected package sssd-ldap. 758s Preparing to unpack .../42-sssd-ldap_2.9.4-1ubuntu1_arm64.deb ... 758s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 758s Selecting previously unselected package sssd-proxy. 758s Preparing to unpack .../43-sssd-proxy_2.9.4-1ubuntu1_arm64.deb ... 758s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 758s Selecting previously unselected package sssd. 758s Preparing to unpack .../44-sssd_2.9.4-1ubuntu1_arm64.deb ... 758s Unpacking sssd (2.9.4-1ubuntu1) ... 758s Setting up libpwquality-common (1.4.5-3) ... 758s Setting up libpath-utils1:arm64 (0.6.2-2) ... 758s Setting up softhsm2-common (2.6.1-2.2) ... 759s 759s Creating config file /etc/softhsm/softhsm2.conf with new version 759s Setting up libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 759s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 759s Setting up libbasicobjects0:arm64 (0.6.2-2) ... 759s Setting up libtdb1:arm64 (1.4.10-1) ... 759s Setting up libc-ares2:arm64 (1.27.0-1) ... 759s Setting up libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 759s Setting up libtalloc2:arm64 (2.4.2-1) ... 759s Setting up libdhash1:arm64 (0.6.2-2) ... 759s Setting up libtevent0:arm64 (0.16.1-1) ... 759s Setting up libavahi-common-data:arm64 (0.8-13ubuntu2) ... 759s Setting up libevent-2.1-7:arm64 (2.1.12-stable-9) ... 759s Setting up libcrack2:arm64 (2.9.6-5.1) ... 759s Setting up libcollection4:arm64 (0.6.2-2) ... 759s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 759s Setting up libref-array1:arm64 (0.6.2-2) ... 759s Setting up libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 759s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 759s Setting up libnss-sss:arm64 (2.9.4-1ubuntu1) ... 759s Setting up libsofthsm2 (2.6.1-2.2) ... 759s Setting up softhsm2 (2.6.1-2.2) ... 759s Setting up libini-config5:arm64 (0.6.2-2) ... 759s Setting up libavahi-common3:arm64 (0.8-13ubuntu2) ... 759s Setting up python3-sss (2.9.4-1ubuntu1) ... 759s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 759s Setting up libunbound8:arm64 (1.19.1-1ubuntu1) ... 759s Setting up libpwquality1:arm64 (1.4.5-3) ... 759s Setting up libavahi-client3:arm64 (0.8-13ubuntu2) ... 759s Setting up libgnutls-dane0:arm64 (3.8.3-1ubuntu1) ... 759s Setting up libpam-pwquality:arm64 (1.4.5-3) ... 759s Setting up samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 759s Setting up libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 759s Setting up libpam-sss:arm64 (2.9.4-1ubuntu1) ... 759s Setting up gnutls-bin (3.8.3-1ubuntu1) ... 759s Setting up sssd-common (2.9.4-1ubuntu1) ... 759s Creating SSSD system user & group... 759s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 759s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 760s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 760s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 760s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 760s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 760s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 760s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 761s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 761s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 761s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 762s sssd-autofs.service is a disabled or a static unit, not starting it. 762s sssd-nss.service is a disabled or a static unit, not starting it. 762s sssd-pam.service is a disabled or a static unit, not starting it. 762s sssd-ssh.service is a disabled or a static unit, not starting it. 762s sssd-sudo.service is a disabled or a static unit, not starting it. 762s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 762s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 762s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 762s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 763s sssd-pac.service is a disabled or a static unit, not starting it. 763s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 763s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 763s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 763s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 763s Setting up sssd-ad (2.9.4-1ubuntu1) ... 763s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 763s Setting up sssd (2.9.4-1ubuntu1) ... 763s Setting up autopkgtest-satdep (0) ... 763s Processing triggers for man-db (2.12.0-3) ... 764s Processing triggers for libc-bin (2.39-0ubuntu2) ... 768s (Reading database ... 74906 files and directories currently installed.) 768s Removing autopkgtest-satdep (0) ... 774s autopkgtest [15:30:47]: test sssd-softhism2-certificates-tests.sh: [----------------------- 774s + '[' -z ubuntu ']' 774s + required_tools=(p11tool openssl softhsm2-util) 774s + for cmd in "${required_tools[@]}" 774s + command -v p11tool 774s + for cmd in "${required_tools[@]}" 774s + command -v openssl 774s + for cmd in "${required_tools[@]}" 774s + command -v softhsm2-util 774s + PIN=053350 774s +++ find /usr/lib/softhsm/libsofthsm2.so 774s +++ head -n 1 774s ++ realpath /usr/lib/softhsm/libsofthsm2.so 774s + SOFTHSM2_MODULE=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 774s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 774s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 774s + '[' '!' -v NO_SSSD_TESTS ']' 774s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 774s + ca_db_arg=ca_db 774s ++ /usr/libexec/sssd/p11_child --help 774s + p11_child_help='Usage: p11_child [OPTION...] 774s -d, --debug-level=INT Debug level 774s --debug-timestamps=INT Add debug timestamps 774s --debug-microseconds=INT Show timestamps with microseconds 774s --dumpable=INT Allow core dumps 774s --debug-fd=INT An open file descriptor for the debug 774s logs 774s --logger=stderr|files|journald Set logger 774s --auth Run in auth mode 774s --pre Run in pre-auth mode 774s --wait_for_card Wait until card is available 774s --verification Run in verification mode 774s --pin Expect PIN on stdin 774s --keypad Expect PIN on keypad 774s --verify=STRING Tune validation 774s --ca_db=STRING CA DB to use 774s --module_name=STRING Module name for authentication 774s --token_name=STRING Token name for authentication 774s --key_id=STRING Key ID for authentication 774s --label=STRING Label for authentication 774s --certificate=STRING certificate to verify, base64 encoded 774s --uri=STRING PKCS#11 URI to restrict selection 774s --chain-id=LONG Tevent chain ID used for logging 774s purposes 774s 774s Help options: 774s -?, --help Show this help message 774s --usage Display brief usage message' 774s + echo 'Usage: p11_child [OPTION...] 774s -d, --debug-level=INT Debug level 774s --debug-timestamps=INT Add debug timestamps 774s --debug-microseconds=INT Show timestamps with microseconds 774s --dumpable=INT Allow core dumps 774s --debug-fd=INT An open file descriptor for the debug 774s logs 774s --logger=stderr|files|journald Set logger 774s --auth Run in auth mode 774s --pre Run in pre-auth mode 774s --wait_for_card Wait until card is available 774s --verification Run in verification mode 774s --pin Expect PIN on stdin 774s --keypad Expect PIN on keypad 774s --verify=STRING Tune validation 774s --ca_db=STRING CA DB to use 774s --module_name=STRING Module name for authentication 774s --token_name=STRING Token name for authentication 774s --key_id=STRING Key ID for authentication 774s --label=STRING Label for authentication 774s --certificate=STRING certificate to verify, base64 encoded 774s --uri=STRING PKCS#11 URI to restrict selection 774s --chain-id=LONG Tevent chain ID used for logging 774s purposes 774s 774s Help options: 774s -?, --help Show this help message 774s --usage Display brief usage message' 774s + grep nssdb -qs 774s + echo 'Usage: p11_child [OPTION...] 774s -d, --debug-level=INT Debug level 774s --debug-timestamps=INT Add debug timestamps 774s --debug-microseconds=INT Show timestamps with microseconds 774s --dumpable=INT Allow core dumps 774s --debug-fd=INT An open file descriptor for the debug 774s logs 774s --logger=stderr|files|journald Set logger 774s --auth Run in auth mode 774s --pre Run in pre-auth mode 774s --wait_for_card Wait until card is available 774s --verification Run in verification mode 774s --pin Expect PIN on stdin 774s --keypad Expect PIN on keypad 774s --verify=STRING Tune validation 774s --ca_db=STRING CA DB to use 774s --module_name=STRING Module name for authentication 774s --token_name=STRING Token name for authentication 774s --key_id=STRING Key ID for authentication 774s --label=STRING Label for authentication 774s --certificate=STRING certificate to verify, base64 encoded 774s --uri=STRING PKCS#11 URI to restrict selection 774s --chain-id=LONG Tevent chain ID used for logging 774s purposes 774s 774s Help options: 774s -?, --help Show this help message 774s --usage Display brief usage message' 774s + grep -qs -- --ca_db 774s + '[' '!' -e /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so ']' 774s ++ mktemp -d -t sssd-softhsm2-XXXXXX 774s + tmpdir=/tmp/sssd-softhsm2-18HdP2 774s + keys_size=1024 774s + [[ ! -v KEEP_TEMPORARY_FILES ]] 774s + trap 'rm -rf "$tmpdir"' EXIT 774s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 774s + echo -n 01 774s + touch /tmp/sssd-softhsm2-18HdP2/index.txt 774s + mkdir -p /tmp/sssd-softhsm2-18HdP2/new_certs 774s + cat 774s + root_ca_key_pass=pass:random-root-CA-password-2133 774s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-18HdP2/test-root-CA-key.pem -passout pass:random-root-CA-password-2133 1024 774s + openssl req -passin pass:random-root-CA-password-2133 -batch -config /tmp/sssd-softhsm2-18HdP2/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-18HdP2/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 774s + openssl x509 -noout -in /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 774s + cat 774s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-3959 774s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-3959 1024 774s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-3959 -config /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.config -key /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-2133 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-certificate-request.pem 774s + openssl req -text -noout -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-certificate-request.pem 774s Certificate Request: 774s Data: 774s Version: 1 (0x0) 774s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 774s Subject Public Key Info: 774s Public Key Algorithm: rsaEncryption 774s Public-Key: (1024 bit) 774s Modulus: 774s 00:d2:3b:31:1a:8c:8f:1c:d3:3a:40:ac:ef:de:e4: 774s f8:42:68:cf:e6:cd:65:1c:7f:be:9e:5b:a8:cd:fc: 774s 69:99:14:af:23:29:9e:f8:6d:23:20:4b:50:6a:79: 774s 46:40:15:c6:91:68:41:23:bc:6e:cf:fc:a0:dd:a0: 774s b0:60:9e:e2:f7:3c:29:9f:89:47:24:8b:a8:d1:df: 774s f7:01:08:48:96:39:98:93:9e:69:0c:5b:25:8a:8f: 774s ca:06:c5:af:74:b2:03:ba:e2:a0:02:8f:f8:1f:4a: 774s 49:41:26:23:4b:bc:f0:5d:2f:5a:41:2c:ea:02:87: 774s b7:55:41:9e:5d:95:2d:40:ff 774s Exponent: 65537 (0x10001) 774s Attributes: 774s (none) 774s Requested Extensions: 774s Signature Algorithm: sha256WithRSAEncryption 774s Signature Value: 774s d1:f3:da:b3:a7:a1:13:0a:18:a0:b0:99:64:29:f1:f9:ab:a9: 774s 4e:d0:7c:a5:0c:b0:1a:f5:e1:6d:df:4d:de:b1:3b:1d:a4:f4: 774s e2:7d:e2:13:dd:85:d0:ec:4d:51:9f:07:59:7a:2a:5d:af:9c: 774s 43:39:26:01:24:d7:75:ed:d2:3f:3d:5d:94:f1:0c:19:8d:5f: 774s 49:db:ff:74:05:71:14:c0:38:98:e4:2f:da:bc:19:8e:2b:61: 774s b0:ba:9d:c1:1e:da:6a:d6:2e:3f:ec:9f:e0:98:79:6e:80:9d: 774s d4:d6:cf:4e:ae:3b:00:84:dd:a6:09:c2:44:01:3e:e0:eb:8a: 774s 43:45 774s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-18HdP2/test-root-CA.config -passin pass:random-root-CA-password-2133 -keyfile /tmp/sssd-softhsm2-18HdP2/test-root-CA-key.pem -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 774s Using configuration from /tmp/sssd-softhsm2-18HdP2/test-root-CA.config 774s Check that the request matches the signature 774s Signature ok 774s Certificate Details: 774s Serial Number: 1 (0x1) 774s Validity 774s Not Before: Mar 9 15:30:47 2024 GMT 774s Not After : Mar 9 15:30:47 2025 GMT 774s Subject: 774s organizationName = Test Organization 774s organizationalUnitName = Test Organization Unit 774s commonName = Test Organization Intermediate CA 774s X509v3 extensions: 774s X509v3 Subject Key Identifier: 774s F4:85:17:14:EA:B5:70:25:A8:B6:D1:31:39:8E:41:7C:A7:7F:AD:A8 774s X509v3 Authority Key Identifier: 774s keyid:72:47:FA:73:41:85:91:0A:EB:E9:86:71:A6:CD:99:06:13:13:D9:05 774s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 774s serial:00 774s X509v3 Basic Constraints: 774s CA:TRUE 774s X509v3 Key Usage: critical 774s Digital Signature, Certificate Sign, CRL Sign 774s Certificate is to be certified until Mar 9 15:30:47 2025 GMT (365 days) 774s 774s Write out database with 1 new entries 774s Database updated 774s + openssl x509 -noout -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 774s + openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 774s /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem: OK 774s + cat 774s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-10653 774s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-10653 1024 774s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-10653 -config /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-3959 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-certificate-request.pem 774s + openssl req -text -noout -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-certificate-request.pem 774s Certificate Request: 774s Data: 774s Version: 1 (0x0) 774s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 774s Subject Public Key Info: 774s Public Key Algorithm: rsaEncryption 774s Public-Key: (1024 bit) 774s Modulus: 774s 00:be:67:ce:eb:42:15:c4:b9:8a:31:01:18:ab:85: 774s d9:22:1f:c3:13:89:75:f5:55:ec:6a:c5:14:bb:16: 774s b9:0b:58:92:17:92:33:4a:7b:f5:14:f2:50:bb:ca: 774s 80:9f:2c:63:61:23:b5:74:1e:ad:34:d8:19:03:af: 774s a1:0b:d7:68:58:57:51:c9:e0:99:39:e9:91:cb:4b: 774s 2c:bd:c4:9c:8b:60:54:3f:57:fd:e3:ef:9d:14:e4: 774s d8:1d:aa:ca:b3:14:15:7e:d7:07:09:fa:a5:29:d0: 774s fb:25:4e:c5:04:cc:c9:e2:35:b2:ac:52:b3:11:fb: 774s 12:fd:d0:cb:62:a2:f2:77:25 774s Exponent: 65537 (0x10001) 774s Attributes: 774s (none) 774s Requested Extensions: 774s Signature Algorithm: sha256WithRSAEncryption 774s Signature Value: 774s 12:b4:52:38:f4:3c:24:b6:ae:51:a5:de:73:64:15:4a:06:b7: 774s 0b:f7:b2:1e:b3:01:92:89:9d:b6:b8:ec:c6:57:f9:46:f0:37: 774s 75:57:88:91:fe:96:e0:5f:87:1c:53:44:70:af:9c:d4:43:f2: 774s 01:f8:8f:57:69:fa:c4:c3:44:3c:c2:87:b8:5a:74:e9:46:96: 774s 1c:61:0c:c0:29:e4:a9:14:fa:82:f9:1d:c8:cc:f0:3c:21:14: 774s 95:8a:37:1b:69:17:34:b6:1e:63:09:e9:65:1b:aa:f1:8a:2d: 774s 27:1c:ec:52:75:63:38:5f:23:9e:28:07:3c:79:c3:22:e2:07: 774s f1:e9 774s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-3959 -keyfile /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 774s Using configuration from /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.config 774s Check that the request matches the signature 774s Signature ok 774s Certificate Details: 774s Serial Number: 2 (0x2) 774s Validity 774s Not Before: Mar 9 15:30:47 2024 GMT 774s Not After : Mar 9 15:30:47 2025 GMT 774s Subject: 774s organizationName = Test Organization 774s organizationalUnitName = Test Organization Unit 774s commonName = Test Organization Sub Intermediate CA 774s X509v3 extensions: 774s X509v3 Subject Key Identifier: 774s 9E:95:F0:D7:78:98:86:03:E8:94:BE:39:09:08:5B:DE:DA:78:74:13 774s X509v3 Authority Key Identifier: 774s keyid:F4:85:17:14:EA:B5:70:25:A8:B6:D1:31:39:8E:41:7C:A7:7F:AD:A8 774s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 774s serial:01 774s X509v3 Basic Constraints: 774s CA:TRUE 774s X509v3 Key Usage: critical 774s Digital Signature, Certificate Sign, CRL Sign 774s Certificate is to be certified until Mar 9 15:30:47 2025 GMT (365 days) 774s 774s Write out database with 1 new entries 774s Database updated 774s + openssl x509 -noout -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 774s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 774s /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem: OK 774s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 774s + local cmd=openssl 774s + shift 774s + openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 774s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 774s error 20 at 0 depth lookup: unable to get local issuer certificate 774s error /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem: verification failed 774s + cat 774s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-29605 774s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-29605 1024 774s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-29605 -key /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001-request.pem 774s + openssl req -text -noout -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001-request.pem 774s Certificate Request: 774s Data: 774s Version: 1 (0x0) 774s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 774s Subject Public Key Info: 774s Public Key Algorithm: rsaEncryption 774s Public-Key: (1024 bit) 774s Modulus: 774s 00:b7:48:a0:4b:6d:4e:9b:03:b1:34:c1:dd:64:a5: 774s 08:48:f6:de:a9:e2:41:7d:ec:43:cf:65:df:b5:6a: 774s 69:dd:af:2d:15:48:48:0b:f5:ea:67:1b:f3:e7:b4: 774s e3:74:e8:16:52:ef:ef:d9:3e:86:f8:dd:e8:5a:fc: 774s 69:2a:d4:94:42:ba:5c:78:93:47:af:a0:7c:d8:ef: 774s 5d:fb:32:88:7f:05:67:f4:31:e0:9a:0c:0a:c2:59: 774s 5b:98:37:2d:93:1b:d4:18:ab:67:6e:55:da:2c:0e: 774s 61:60:f4:29:d1:fa:14:15:d2:8e:02:4f:67:77:e3: 774s bc:e8:5e:d0:ec:00:43:80:b3 774s Exponent: 65537 (0x10001) 774s Attributes: 774s Requested Extensions: 774s X509v3 Basic Constraints: 774s CA:FALSE 774s Netscape Cert Type: 774s SSL Client, S/MIME 774s Netscape Comment: 774s Test Organization Root CA trusted Certificate 774s X509v3 Subject Key Identifier: 774s 11:11:59:9C:DD:F9:39:9B:A4:5A:D6:73:52:3E:BF:DE:C5:63:BC:67 774s X509v3 Key Usage: critical 774s Digital Signature, Non Repudiation, Key Encipherment 774s X509v3 Extended Key Usage: 774s TLS Web Client Authentication, E-mail Protection 774s X509v3 Subject Alternative Name: 774s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 774s Signature Algorithm: sha256WithRSAEncryption 774s Signature Value: 774s 7f:d7:50:b1:e7:d8:d6:62:da:d9:3b:dc:d3:ab:33:8d:6a:71: 774s 77:ed:e6:e6:88:21:cf:5d:44:b2:c9:13:76:ca:9c:2b:a4:d0: 774s bf:56:4a:e7:bc:bc:01:a3:5e:69:cd:ed:0f:44:b9:e0:c4:27: 774s cf:f0:18:5f:bd:ba:bb:33:40:e2:aa:e6:20:b2:d1:03:5d:7f: 774s b0:24:5f:30:5a:0c:9c:f6:2e:65:ff:97:4b:42:80:62:40:e7: 774s 29:90:4d:af:3a:92:13:e0:dc:67:67:f2:1d:24:93:7f:65:72: 774s 23:7f:81:f9:9d:28:45:b1:63:82:61:64:88:9c:3c:d9:93:05: 774s 49:07 774s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-18HdP2/test-root-CA.config -passin pass:random-root-CA-password-2133 -keyfile /tmp/sssd-softhsm2-18HdP2/test-root-CA-key.pem -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 774s Using configuration from /tmp/sssd-softhsm2-18HdP2/test-root-CA.config 774s Check that the request matches the signature 774s Signature ok 774s Certificate Details: 774s Serial Number: 3 (0x3) 774s Validity 774s Not Before: Mar 9 15:30:47 2024 GMT 774s Not After : Mar 9 15:30:47 2025 GMT 774s Subject: 774s organizationName = Test Organization 774s organizationalUnitName = Test Organization Unit 774s commonName = Test Organization Root Trusted Certificate 0001 774s X509v3 extensions: 774s X509v3 Authority Key Identifier: 774s 72:47:FA:73:41:85:91:0A:EB:E9:86:71:A6:CD:99:06:13:13:D9:05 774s X509v3 Basic Constraints: 774s CA:FALSE 774s Netscape Cert Type: 774s SSL Client, S/MIME 774s Netscape Comment: 774s Test Organization Root CA trusted Certificate 774s X509v3 Subject Key Identifier: 774s 11:11:59:9C:DD:F9:39:9B:A4:5A:D6:73:52:3E:BF:DE:C5:63:BC:67 774s X509v3 Key Usage: critical 774s Digital Signature, Non Repudiation, Key Encipherment 774s X509v3 Extended Key Usage: 774s TLS Web Client Authentication, E-mail Protection 774s X509v3 Subject Alternative Name: 774s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 774s Certificate is to be certified until Mar 9 15:30:47 2025 GMT (365 days) 774s 774s Write out database with 1 new entries 774s Database updated 774s + openssl x509 -noout -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 774s + openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 774s /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem: OK 774s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 774s + local cmd=openssl 774s + shift 774s + openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 774s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 774s error 20 at 0 depth lookup: unable to get local issuer certificate 774s error /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem: verification failed 774s + cat 774s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 774s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-20647 1024 775s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-20647 -key /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001-request.pem 775s + openssl req -text -noout -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001-request.pem 775s Certificate Request: 775s Data: 775s Version: 1 (0x0) 775s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 775s Subject Public Key Info: 775s Public Key Algorithm: rsaEncryption 775s Public-Key: (1024 bit) 775s Modulus: 775s 00:da:7f:32:1c:8d:b6:21:0a:be:29:aa:10:ca:e7: 775s f6:b2:68:34:f2:ba:19:83:3e:c4:d7:7b:a3:dd:7a: 775s 46:77:e9:00:45:bc:0b:4b:e7:ce:2e:0a:44:54:3a: 775s 6d:ea:1a:84:6c:79:b1:db:6b:6c:58:21:f2:8f:80: 775s 5e:00:f9:78:b6:2f:34:b1:89:4e:46:04:85:fc:86: 775s 6c:cf:3b:bc:aa:c5:d5:4f:59:d0:cc:a7:b2:61:ad: 775s d2:7f:e9:14:e3:fe:78:48:12:d7:ed:90:fb:9a:c6: 775s 36:66:9b:e2:d8:ce:07:27:45:4f:97:ad:6a:d6:ef: 775s 4b:d0:a2:26:95:41:b1:1e:13 775s Exponent: 65537 (0x10001) 775s Attributes: 775s Requested Extensions: 775s X509v3 Basic Constraints: 775s CA:FALSE 775s Netscape Cert Type: 775s SSL Client, S/MIME 775s Netscape Comment: 775s Test Organization Intermediate CA trusted Certificate 775s X509v3 Subject Key Identifier: 775s FA:EB:79:BE:59:67:21:8D:D5:D4:04:55:CF:42:26:D9:D4:EF:3D:83 775s X509v3 Key Usage: critical 775s Digital Signature, Non Repudiation, Key Encipherment 775s X509v3 Extended Key Usage: 775s TLS Web Client Authentication, E-mail Protection 775s X509v3 Subject Alternative Name: 775s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 775s Signature Algorithm: sha256WithRSAEncryption 775s Signature Value: 775s 2f:53:49:26:e4:04:20:07:b6:13:b1:d6:7a:bd:dd:05:eb:4f: 775s 7e:81:c4:f4:61:f5:0e:c9:17:33:91:e9:e9:69:49:f9:88:55: 775s 4c:a3:e9:90:c7:31:35:38:ba:7e:60:f8:c1:03:9b:be:dc:9f: 775s 91:c9:7a:90:14:29:9e:ff:b9:f9:98:7e:a9:de:3e:81:fb:f7: 775s 2e:fe:e4:c1:d0:b9:bb:e0:79:4b:e9:a6:eb:25:de:b4:8c:b1: 775s ef:f5:b0:40:ae:b3:5a:14:6d:16:26:48:7d:88:a8:09:7e:9c: 775s c3:c6:2f:aa:e8:f7:8a:79:46:db:da:aa:04:aa:9c:65:0a:61: 775s b6:0f 775s + openssl ca -passin pass:random-intermediate-CA-password-3959 -config /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 775s Using configuration from /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.config 775s Check that the request matches the signature 775s Signature ok 775s Certificate Details: 775s Serial Number: 4 (0x4) 775s Validity 775s Not Before: Mar 9 15:30:47 2024 GMT 775s Not After : Mar 9 15:30:47 2025 GMT 775s Subject: 775s organizationName = Test Organization 775s organizationalUnitName = Test Organization Unit 775s commonName = Test Organization Intermediate Trusted Certificate 0001 775s X509v3 extensions: 775s X509v3 Authority Key Identifier: 775s F4:85:17:14:EA:B5:70:25:A8:B6:D1:31:39:8E:41:7C:A7:7F:AD:A8 775s X509v3 Basic Constraints: 775s CA:FALSE 775s Netscape Cert Type: 775s SSL Client, S/MIME 775s Netscape Comment: 775s Test Organization Intermediate CA trusted Certificate 775s X509v3 Subject Key Identifier: 775s FA:EB:79:BE:59:67:21:8D:D5:D4:04:55:CF:42:26:D9:D4:EF:3D:83 775s X509v3 Key Usage: critical 775s Digital Signature, Non Repudiation, Key Encipherment 775s X509v3 Extended Key Usage: 775s TLS Web Client Authentication, E-mail Protection 775s X509v3 Subject Alternative Name: 775s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 775s Certificate is to be certified until Mar 9 15:30:47 2025 GMT (365 days) 775s 775s Write out database with 1 new entries 775s Database updated 775s + openssl x509 -noout -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 775s + echo 'This certificate should not be trusted fully' 775s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 775s + local cmd=openssl 775s + shift 775s + openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 775s This certificate should not be trusted fully 775s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 775s error 2 at 1 depth lookup: unable to get issuer certificate 775s error /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 775s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 775s /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem: OK 775s + cat 775s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 775s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-183 1024 775s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-183 -key /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 775s + openssl req -text -noout -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 775s Certificate Request: 775s Data: 775s Version: 1 (0x0) 775s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 775s Subject Public Key Info: 775s Public Key Algorithm: rsaEncryption 775s Public-Key: (1024 bit) 775s Modulus: 775s 00:9b:66:5e:36:2e:e8:df:31:8e:81:d3:69:fa:fc: 775s d2:e0:96:4d:26:1b:6f:f0:ec:0c:da:86:2a:86:31: 775s 8a:57:02:89:23:60:c6:fd:cb:f1:9c:32:9e:7a:e0: 775s bd:cb:c2:cb:18:0b:cb:09:9d:b3:c3:62:27:55:f9: 775s 95:51:55:74:1e:4f:0a:9d:16:70:9c:97:7f:8e:b7: 775s 73:fa:f9:69:80:bd:a0:cf:62:f0:4c:bc:d7:de:ed: 775s e7:1b:9d:43:ff:40:ee:32:aa:d8:7b:75:7e:84:5f: 775s 80:78:51:30:51:c9:85:bc:b0:af:0c:bb:5d:d3:10: 775s 51:ad:f5:6c:21:56:7f:b1:55 775s Exponent: 65537 (0x10001) 775s Attributes: 775s Requested Extensions: 775s X509v3 Basic Constraints: 775s CA:FALSE 775s Netscape Cert Type: 775s SSL Client, S/MIME 775s Netscape Comment: 775s Test Organization Sub Intermediate CA trusted Certificate 775s X509v3 Subject Key Identifier: 775s BF:C3:C8:8F:D6:41:1F:A0:6D:5D:29:21:EB:76:DB:D2:72:29:5F:23 775s X509v3 Key Usage: critical 775s Digital Signature, Non Repudiation, Key Encipherment 775s X509v3 Extended Key Usage: 775s TLS Web Client Authentication, E-mail Protection 775s X509v3 Subject Alternative Name: 775s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 775s Signature Algorithm: sha256WithRSAEncryption 775s Signature Value: 775s 81:7c:3e:22:9d:5c:14:b8:31:1c:e0:f4:d3:3d:af:8f:07:8a: 775s 9d:91:31:d5:0e:b5:16:43:ec:f7:fc:98:e8:67:db:aa:f5:0d: 775s 70:de:14:cb:18:c2:66:30:8e:18:fa:66:6a:87:98:52:8d:09: 775s 83:ac:ef:f3:7e:03:95:a4:46:81:b4:f3:6b:a9:08:e2:7d:18: 775s aa:cd:59:ab:01:b3:d4:da:df:e9:66:fb:c3:97:8a:b6:4a:06: 775s 4d:91:08:55:ca:61:01:1c:6c:05:60:4a:8b:5e:d8:c1:bd:38: 775s a5:b8:49:21:45:18:22:65:08:cf:89:3c:80:21:25:7d:52:df: 775s 8b:6b 775s + openssl ca -passin pass:random-sub-intermediate-CA-password-10653 -config /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 775s Using configuration from /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.config 775s Check that the request matches the signature 775s Signature ok 775s Certificate Details: 775s Serial Number: 5 (0x5) 775s Validity 775s Not Before: Mar 9 15:30:47 2024 GMT 775s Not After : Mar 9 15:30:47 2025 GMT 775s Subject: 775s organizationName = Test Organization 775s organizationalUnitName = Test Organization Unit 775s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 775s X509v3 extensions: 775s X509v3 Authority Key Identifier: 775s 9E:95:F0:D7:78:98:86:03:E8:94:BE:39:09:08:5B:DE:DA:78:74:13 775s X509v3 Basic Constraints: 775s CA:FALSE 775s Netscape Cert Type: 775s SSL Client, S/MIME 775s Netscape Comment: 775s Test Organization Sub Intermediate CA trusted Certificate 775s X509v3 Subject Key Identifier: 775s BF:C3:C8:8F:D6:41:1F:A0:6D:5D:29:21:EB:76:DB:D2:72:29:5F:23 775s X509v3 Key Usage: critical 775s Digital Signature, Non Repudiation, Key Encipherment 775s X509v3 Extended Key Usage: 775s TLS Web Client Authentication, E-mail Protection 775s X509v3 Subject Alternative Name: 775s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 775s Certificate is to be certified until Mar 9 15:30:47 2025 GMT (365 days) 775s 775s Write out database with 1 new entries 775s Database updated 775s + openssl x509 -noout -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 775s This certificate should not be trusted fully 775s + echo 'This certificate should not be trusted fully' 775s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 775s + local cmd=openssl 775s + shift 775s + openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 775s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 775s error 2 at 1 depth lookup: unable to get issuer certificate 775s error /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 775s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 775s + local cmd=openssl 775s + shift 775s + openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 775s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 775s error 20 at 0 depth lookup: unable to get local issuer certificate 775s error /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 775s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 775s /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 775s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 775s + local cmd=openssl 775s + shift 775s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 775s Building a the full-chain CA file... 775s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 775s error 20 at 0 depth lookup: unable to get local issuer certificate 775s error /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 775s + echo 'Building a the full-chain CA file...' 775s + cat /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 775s + cat /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 775s + cat /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 775s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 775s + openssl pkcs7 -print_certs -noout 775s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 775s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 775s 775s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 775s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 775s 775s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 775s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 775s 775s + openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 775s /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem: OK 775s + openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem: OK 775s + openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 775s /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem: OK 775s + openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem /tmp/sssd-softhsm2-18HdP2/test-root-intermediate-chain-CA.pem 775s /tmp/sssd-softhsm2-18HdP2/test-root-intermediate-chain-CA.pem: OK 775s + openssl verify -CAfile /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 775s /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 775s + echo 'Certificates generation completed!' 775s + [[ -v NO_SSSD_TESTS ]] 775s Certificates generation completed! 775s + invalid_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /dev/null 775s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /dev/null 775s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 775s + local key_ring=/dev/null 775s + local verify_option= 775s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 775s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 775s + local key_cn 775s + local key_name 775s + local tokens_dir 775s + local output_cert_file 775s + token_name= 775s ++ basename /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem .pem 775s + key_name=test-root-CA-trusted-certificate-0001 775s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s ++ sed -n 's/ *commonName *= //p' 775s + key_cn='Test Organization Root Trusted Certificate 0001' 775s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 775s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 775s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 775s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 775s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 775s + token_name='Test Organization Root Tr Token' 775s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 775s + local key_file 775s + local decrypted_key 775s + mkdir -p /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 775s + key_file=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001-key.pem 775s + decrypted_key=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001-key-decrypted.pem 775s + cat 775s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 775s Slot 0 has a free/uninitialized token. 775s The token has been initialized and is reassigned to slot 441196798 775s + softhsm2-util --show-slots 775s Available slots: 775s Slot 441196798 775s Slot info: 775s Description: SoftHSM slot ID 0x1a4c20fe 775s Manufacturer ID: SoftHSM project 775s Hardware version: 2.6 775s Firmware version: 2.6 775s Token present: yes 775s Token info: 775s Manufacturer ID: SoftHSM project 775s Model: SoftHSM v2 775s Hardware version: 2.6 775s Firmware version: 2.6 775s Serial number: 38c027341a4c20fe 775s Initialized: yes 775s User PIN init.: yes 775s Label: Test Organization Root Tr Token 775s Slot 1 775s Slot info: 775s Description: SoftHSM slot ID 0x1 775s Manufacturer ID: SoftHSM project 775s Hardware version: 2.6 775s Firmware version: 2.6 775s Token present: yes 775s Token info: 775s Manufacturer ID: SoftHSM project 775s Model: SoftHSM v2 775s Hardware version: 2.6 775s Firmware version: 2.6 775s Serial number: 775s Initialized: no 775s User PIN init.: no 775s Label: 775s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 775s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-29605 -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001-key-decrypted.pem 775s writing RSA key 775s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 775s + rm /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001-key-decrypted.pem 775s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 775s Object 0: 775s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=38c027341a4c20fe;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 775s Type: X.509 Certificate (RSA-1024) 775s Expires: Sun Mar 9 15:30:47 2025 775s Label: Test Organization Root Trusted Certificate 0001 775s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 775s 775s + echo 'Test Organization Root Tr Token' 775s Test Organization Root Tr Token 775s + '[' -n '' ']' 775s + local output_base_name=SSSD-child-17467 775s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-17467.output 775s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-17467.pem 775s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 775s [p11_child[2012]] [main] (0x0400): p11_child started. 775s [p11_child[2012]] [main] (0x2000): Running in [pre-auth] mode. 775s [p11_child[2012]] [main] (0x2000): Running with effective IDs: [0][0]. 775s [p11_child[2012]] [main] (0x2000): Running with real IDs [0][0]. 775s [p11_child[2012]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 775s [p11_child[2012]] [do_work] (0x0040): init_verification failed. 775s [p11_child[2012]] [main] (0x0020): p11_child failed (5) 775s + return 2 775s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /dev/null no_verification 775s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /dev/null no_verification 775s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 775s + local key_ring=/dev/null 775s + local verify_option=no_verification 775s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 775s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 775s + local key_cn 775s + local key_name 775s + local tokens_dir 775s + local output_cert_file 775s + token_name= 775s ++ basename /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem .pem 775s + key_name=test-root-CA-trusted-certificate-0001 775s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s ++ sed -n 's/ *commonName *= //p' 775s + key_cn='Test Organization Root Trusted Certificate 0001' 775s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 775s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 775s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 775s Test Organization Root Tr Token 775s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 775s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 775s + token_name='Test Organization Root Tr Token' 775s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 775s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 ']' 775s + echo 'Test Organization Root Tr Token' 775s + '[' -n no_verification ']' 775s + local verify_arg=--verify=no_verification 775s + local output_base_name=SSSD-child-5618 775s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-5618.output 775s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-5618.pem 775s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 775s [p11_child[2018]] [main] (0x0400): p11_child started. 775s [p11_child[2018]] [main] (0x2000): Running in [pre-auth] mode. 775s [p11_child[2018]] [main] (0x2000): Running with effective IDs: [0][0]. 775s [p11_child[2018]] [main] (0x2000): Running with real IDs [0][0]. 775s [p11_child[2018]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 775s [p11_child[2018]] [do_card] (0x4000): Module List: 775s [p11_child[2018]] [do_card] (0x4000): common name: [softhsm2]. 775s [p11_child[2018]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 775s [p11_child[2018]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1a4c20fe] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 775s [p11_child[2018]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 775s [p11_child[2018]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x1a4c20fe][441196798] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 775s [p11_child[2018]] [do_card] (0x4000): Login NOT required. 775s [p11_child[2018]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 775s [p11_child[2018]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 775s [p11_child[2018]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1a4c20fe;slot-manufacturer=SoftHSM%20project;slot-id=441196798;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=38c027341a4c20fe;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 775s [p11_child[2018]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 775s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-5618.output 775s + echo '-----BEGIN CERTIFICATE-----' 775s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-5618.output 775s + echo '-----END CERTIFICATE-----' 775s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-5618.pem 775s Certificate: 775s Data: 775s Version: 3 (0x2) 775s Serial Number: 3 (0x3) 775s Signature Algorithm: sha256WithRSAEncryption 775s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 775s Validity 775s Not Before: Mar 9 15:30:47 2024 GMT 775s Not After : Mar 9 15:30:47 2025 GMT 775s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 775s Subject Public Key Info: 775s Public Key Algorithm: rsaEncryption 775s Public-Key: (1024 bit) 775s Modulus: 775s 00:b7:48:a0:4b:6d:4e:9b:03:b1:34:c1:dd:64:a5: 775s 08:48:f6:de:a9:e2:41:7d:ec:43:cf:65:df:b5:6a: 775s 69:dd:af:2d:15:48:48:0b:f5:ea:67:1b:f3:e7:b4: 775s e3:74:e8:16:52:ef:ef:d9:3e:86:f8:dd:e8:5a:fc: 775s 69:2a:d4:94:42:ba:5c:78:93:47:af:a0:7c:d8:ef: 775s 5d:fb:32:88:7f:05:67:f4:31:e0:9a:0c:0a:c2:59: 775s 5b:98:37:2d:93:1b:d4:18:ab:67:6e:55:da:2c:0e: 775s 61:60:f4:29:d1:fa:14:15:d2:8e:02:4f:67:77:e3: 775s bc:e8:5e:d0:ec:00:43:80:b3 775s Exponent: 65537 (0x10001) 775s X509v3 extensions: 775s X509v3 Authority Key Identifier: 775s 72:47:FA:73:41:85:91:0A:EB:E9:86:71:A6:CD:99:06:13:13:D9:05 775s X509v3 Basic Constraints: 775s CA:FALSE 775s Netscape Cert Type: 775s SSL Client, S/MIME 775s Netscape Comment: 775s Test Organization Root CA trusted Certificate 775s X509v3 Subject Key Identifier: 775s 11:11:59:9C:DD:F9:39:9B:A4:5A:D6:73:52:3E:BF:DE:C5:63:BC:67 775s X509v3 Key Usage: critical 775s Digital Signature, Non Repudiation, Key Encipherment 775s X509v3 Extended Key Usage: 775s TLS Web Client Authentication, E-mail Protection 775s X509v3 Subject Alternative Name: 775s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 775s Signature Algorithm: sha256WithRSAEncryption 775s Signature Value: 775s a5:9b:30:58:4c:e9:1e:af:bc:86:f9:81:e1:89:b1:79:f7:ac: 775s d7:fe:2c:5d:84:5c:50:d8:3c:a6:6d:1c:1c:45:6a:d2:75:57: 775s 22:b9:71:98:e0:9a:90:d2:2a:22:e3:bb:98:ac:87:50:67:b6: 775s 87:b7:d4:df:c9:33:df:ea:ec:08:3e:40:b1:3e:1d:9f:4b:ab: 775s aa:57:d3:e4:cc:01:d2:22:ef:1c:5b:ad:26:bf:ff:21:d3:3c: 775s a3:3a:03:d2:7e:63:5b:3b:b1:18:9b:6a:6d:d2:6c:98:74:ab: 775s 7d:ee:d8:b7:49:94:fb:3d:d3:92:de:d7:af:44:e4:87:70:d4: 775s c2:26 775s + local found_md5 expected_md5 775s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s + expected_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 775s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-5618.pem 775s + found_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 775s + '[' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 '!=' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 ']' 775s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-5618-auth.output 775s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-5618-auth.output .output 775s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-5618-auth.pem 775s + echo -n 053350 775s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 775s [p11_child[2026]] [main] (0x0400): p11_child started. 775s [p11_child[2026]] [main] (0x2000): Running in [auth] mode. 775s [p11_child[2026]] [main] (0x2000): Running with effective IDs: [0][0]. 775s [p11_child[2026]] [main] (0x2000): Running with real IDs [0][0]. 775s [p11_child[2026]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 775s [p11_child[2026]] [do_card] (0x4000): Module List: 775s [p11_child[2026]] [do_card] (0x4000): common name: [softhsm2]. 775s [p11_child[2026]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 775s [p11_child[2026]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1a4c20fe] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 775s [p11_child[2026]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 775s [p11_child[2026]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x1a4c20fe][441196798] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 775s [p11_child[2026]] [do_card] (0x4000): Login required. 775s [p11_child[2026]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 775s [p11_child[2026]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 775s [p11_child[2026]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1a4c20fe;slot-manufacturer=SoftHSM%20project;slot-id=441196798;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=38c027341a4c20fe;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 775s [p11_child[2026]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 775s [p11_child[2026]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 775s [p11_child[2026]] [do_card] (0x4000): Certificate verified and validated. 775s [p11_child[2026]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 775s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-5618-auth.output 775s + echo '-----BEGIN CERTIFICATE-----' 775s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-5618-auth.output 775s + echo '-----END CERTIFICATE-----' 775s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-5618-auth.pem 775s Certificate: 775s Data: 775s Version: 3 (0x2) 775s Serial Number: 3 (0x3) 775s Signature Algorithm: sha256WithRSAEncryption 775s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 775s Validity 775s Not Before: Mar 9 15:30:47 2024 GMT 775s Not After : Mar 9 15:30:47 2025 GMT 775s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 775s Subject Public Key Info: 775s Public Key Algorithm: rsaEncryption 775s Public-Key: (1024 bit) 775s Modulus: 775s 00:b7:48:a0:4b:6d:4e:9b:03:b1:34:c1:dd:64:a5: 775s 08:48:f6:de:a9:e2:41:7d:ec:43:cf:65:df:b5:6a: 775s 69:dd:af:2d:15:48:48:0b:f5:ea:67:1b:f3:e7:b4: 775s e3:74:e8:16:52:ef:ef:d9:3e:86:f8:dd:e8:5a:fc: 775s 69:2a:d4:94:42:ba:5c:78:93:47:af:a0:7c:d8:ef: 775s 5d:fb:32:88:7f:05:67:f4:31:e0:9a:0c:0a:c2:59: 775s 5b:98:37:2d:93:1b:d4:18:ab:67:6e:55:da:2c:0e: 775s 61:60:f4:29:d1:fa:14:15:d2:8e:02:4f:67:77:e3: 775s bc:e8:5e:d0:ec:00:43:80:b3 775s Exponent: 65537 (0x10001) 775s X509v3 extensions: 775s X509v3 Authority Key Identifier: 775s 72:47:FA:73:41:85:91:0A:EB:E9:86:71:A6:CD:99:06:13:13:D9:05 775s X509v3 Basic Constraints: 775s CA:FALSE 775s Netscape Cert Type: 775s SSL Client, S/MIME 775s Netscape Comment: 775s Test Organization Root CA trusted Certificate 775s X509v3 Subject Key Identifier: 775s 11:11:59:9C:DD:F9:39:9B:A4:5A:D6:73:52:3E:BF:DE:C5:63:BC:67 775s X509v3 Key Usage: critical 775s Digital Signature, Non Repudiation, Key Encipherment 775s X509v3 Extended Key Usage: 775s TLS Web Client Authentication, E-mail Protection 775s X509v3 Subject Alternative Name: 775s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 775s Signature Algorithm: sha256WithRSAEncryption 775s Signature Value: 775s a5:9b:30:58:4c:e9:1e:af:bc:86:f9:81:e1:89:b1:79:f7:ac: 775s d7:fe:2c:5d:84:5c:50:d8:3c:a6:6d:1c:1c:45:6a:d2:75:57: 775s 22:b9:71:98:e0:9a:90:d2:2a:22:e3:bb:98:ac:87:50:67:b6: 775s 87:b7:d4:df:c9:33:df:ea:ec:08:3e:40:b1:3e:1d:9f:4b:ab: 775s aa:57:d3:e4:cc:01:d2:22:ef:1c:5b:ad:26:bf:ff:21:d3:3c: 775s a3:3a:03:d2:7e:63:5b:3b:b1:18:9b:6a:6d:d2:6c:98:74:ab: 775s 7d:ee:d8:b7:49:94:fb:3d:d3:92:de:d7:af:44:e4:87:70:d4: 775s c2:26 775s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-5618-auth.pem 775s + found_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 775s + '[' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 '!=' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 ']' 775s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 775s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 775s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 775s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 775s + local verify_option= 775s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 775s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 775s + local key_cn 775s + local key_name 775s + local tokens_dir 775s + local output_cert_file 775s + token_name= 775s ++ basename /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem .pem 775s + key_name=test-root-CA-trusted-certificate-0001 775s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s ++ sed -n 's/ *commonName *= //p' 775s Test Organization Root Tr Token 775s + key_cn='Test Organization Root Trusted Certificate 0001' 775s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 775s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 775s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 775s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 775s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 775s + token_name='Test Organization Root Tr Token' 775s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 775s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 ']' 775s + echo 'Test Organization Root Tr Token' 775s + '[' -n '' ']' 775s + local output_base_name=SSSD-child-3631 775s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-3631.output 775s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-3631.pem 775s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 775s [p11_child[2036]] [main] (0x0400): p11_child started. 775s [p11_child[2036]] [main] (0x2000): Running in [pre-auth] mode. 775s [p11_child[2036]] [main] (0x2000): Running with effective IDs: [0][0]. 775s [p11_child[2036]] [main] (0x2000): Running with real IDs [0][0]. 775s [p11_child[2036]] [do_card] (0x4000): Module List: 775s [p11_child[2036]] [do_card] (0x4000): common name: [softhsm2]. 775s [p11_child[2036]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 775s [p11_child[2036]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1a4c20fe] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 775s [p11_child[2036]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 775s [p11_child[2036]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x1a4c20fe][441196798] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 775s [p11_child[2036]] [do_card] (0x4000): Login NOT required. 775s [p11_child[2036]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 775s [p11_child[2036]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 775s [p11_child[2036]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 775s [p11_child[2036]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1a4c20fe;slot-manufacturer=SoftHSM%20project;slot-id=441196798;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=38c027341a4c20fe;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 775s [p11_child[2036]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 775s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-3631.output 775s + echo '-----BEGIN CERTIFICATE-----' 775s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-3631.output 775s + echo '-----END CERTIFICATE-----' 775s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-3631.pem 775s Certificate: 775s Data: 775s Version: 3 (0x2) 775s Serial Number: 3 (0x3) 775s Signature Algorithm: sha256WithRSAEncryption 775s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 775s Validity 775s Not Before: Mar 9 15:30:47 2024 GMT 775s Not After : Mar 9 15:30:47 2025 GMT 775s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 775s Subject Public Key Info: 775s Public Key Algorithm: rsaEncryption 775s Public-Key: (1024 bit) 775s Modulus: 775s 00:b7:48:a0:4b:6d:4e:9b:03:b1:34:c1:dd:64:a5: 775s 08:48:f6:de:a9:e2:41:7d:ec:43:cf:65:df:b5:6a: 775s 69:dd:af:2d:15:48:48:0b:f5:ea:67:1b:f3:e7:b4: 775s e3:74:e8:16:52:ef:ef:d9:3e:86:f8:dd:e8:5a:fc: 775s 69:2a:d4:94:42:ba:5c:78:93:47:af:a0:7c:d8:ef: 775s 5d:fb:32:88:7f:05:67:f4:31:e0:9a:0c:0a:c2:59: 775s 5b:98:37:2d:93:1b:d4:18:ab:67:6e:55:da:2c:0e: 775s 61:60:f4:29:d1:fa:14:15:d2:8e:02:4f:67:77:e3: 775s bc:e8:5e:d0:ec:00:43:80:b3 775s Exponent: 65537 (0x10001) 775s X509v3 extensions: 775s X509v3 Authority Key Identifier: 775s 72:47:FA:73:41:85:91:0A:EB:E9:86:71:A6:CD:99:06:13:13:D9:05 775s X509v3 Basic Constraints: 775s CA:FALSE 775s Netscape Cert Type: 775s SSL Client, S/MIME 775s Netscape Comment: 775s Test Organization Root CA trusted Certificate 775s X509v3 Subject Key Identifier: 775s 11:11:59:9C:DD:F9:39:9B:A4:5A:D6:73:52:3E:BF:DE:C5:63:BC:67 775s X509v3 Key Usage: critical 775s Digital Signature, Non Repudiation, Key Encipherment 775s X509v3 Extended Key Usage: 775s TLS Web Client Authentication, E-mail Protection 775s X509v3 Subject Alternative Name: 775s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 775s Signature Algorithm: sha256WithRSAEncryption 775s Signature Value: 775s a5:9b:30:58:4c:e9:1e:af:bc:86:f9:81:e1:89:b1:79:f7:ac: 775s d7:fe:2c:5d:84:5c:50:d8:3c:a6:6d:1c:1c:45:6a:d2:75:57: 775s 22:b9:71:98:e0:9a:90:d2:2a:22:e3:bb:98:ac:87:50:67:b6: 775s 87:b7:d4:df:c9:33:df:ea:ec:08:3e:40:b1:3e:1d:9f:4b:ab: 775s aa:57:d3:e4:cc:01:d2:22:ef:1c:5b:ad:26:bf:ff:21:d3:3c: 775s a3:3a:03:d2:7e:63:5b:3b:b1:18:9b:6a:6d:d2:6c:98:74:ab: 775s 7d:ee:d8:b7:49:94:fb:3d:d3:92:de:d7:af:44:e4:87:70:d4: 775s c2:26 775s + local found_md5 expected_md5 775s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s + expected_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 775s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-3631.pem 775s + found_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 775s + '[' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 '!=' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 ']' 775s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-3631-auth.output 775s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-3631-auth.output .output 775s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-3631-auth.pem 775s + echo -n 053350 775s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 775s [p11_child[2044]] [main] (0x0400): p11_child started. 775s [p11_child[2044]] [main] (0x2000): Running in [auth] mode. 775s [p11_child[2044]] [main] (0x2000): Running with effective IDs: [0][0]. 775s [p11_child[2044]] [main] (0x2000): Running with real IDs [0][0]. 775s [p11_child[2044]] [do_card] (0x4000): Module List: 775s [p11_child[2044]] [do_card] (0x4000): common name: [softhsm2]. 775s [p11_child[2044]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 775s [p11_child[2044]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1a4c20fe] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 775s [p11_child[2044]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 775s [p11_child[2044]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x1a4c20fe][441196798] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 775s [p11_child[2044]] [do_card] (0x4000): Login required. 775s [p11_child[2044]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 775s [p11_child[2044]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 775s [p11_child[2044]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 775s [p11_child[2044]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1a4c20fe;slot-manufacturer=SoftHSM%20project;slot-id=441196798;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=38c027341a4c20fe;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 775s [p11_child[2044]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 775s [p11_child[2044]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 775s [p11_child[2044]] [do_card] (0x4000): Certificate verified and validated. 775s [p11_child[2044]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 775s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-3631-auth.output 775s + echo '-----BEGIN CERTIFICATE-----' 775s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-3631-auth.output 775s + echo '-----END CERTIFICATE-----' 775s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-3631-auth.pem 775s Certificate: 775s Data: 775s Version: 3 (0x2) 775s Serial Number: 3 (0x3) 775s Signature Algorithm: sha256WithRSAEncryption 775s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 775s Validity 775s Not Before: Mar 9 15:30:47 2024 GMT 775s Not After : Mar 9 15:30:47 2025 GMT 775s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 775s Subject Public Key Info: 775s Public Key Algorithm: rsaEncryption 775s Public-Key: (1024 bit) 775s Modulus: 775s 00:b7:48:a0:4b:6d:4e:9b:03:b1:34:c1:dd:64:a5: 775s 08:48:f6:de:a9:e2:41:7d:ec:43:cf:65:df:b5:6a: 775s 69:dd:af:2d:15:48:48:0b:f5:ea:67:1b:f3:e7:b4: 775s e3:74:e8:16:52:ef:ef:d9:3e:86:f8:dd:e8:5a:fc: 775s 69:2a:d4:94:42:ba:5c:78:93:47:af:a0:7c:d8:ef: 775s 5d:fb:32:88:7f:05:67:f4:31:e0:9a:0c:0a:c2:59: 775s 5b:98:37:2d:93:1b:d4:18:ab:67:6e:55:da:2c:0e: 775s 61:60:f4:29:d1:fa:14:15:d2:8e:02:4f:67:77:e3: 775s bc:e8:5e:d0:ec:00:43:80:b3 775s Exponent: 65537 (0x10001) 775s X509v3 extensions: 775s X509v3 Authority Key Identifier: 775s 72:47:FA:73:41:85:91:0A:EB:E9:86:71:A6:CD:99:06:13:13:D9:05 775s X509v3 Basic Constraints: 775s CA:FALSE 775s Netscape Cert Type: 775s SSL Client, S/MIME 775s Netscape Comment: 775s Test Organization Root CA trusted Certificate 775s X509v3 Subject Key Identifier: 775s 11:11:59:9C:DD:F9:39:9B:A4:5A:D6:73:52:3E:BF:DE:C5:63:BC:67 775s X509v3 Key Usage: critical 775s Digital Signature, Non Repudiation, Key Encipherment 775s X509v3 Extended Key Usage: 775s TLS Web Client Authentication, E-mail Protection 775s X509v3 Subject Alternative Name: 775s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 775s Signature Algorithm: sha256WithRSAEncryption 775s Signature Value: 775s a5:9b:30:58:4c:e9:1e:af:bc:86:f9:81:e1:89:b1:79:f7:ac: 775s d7:fe:2c:5d:84:5c:50:d8:3c:a6:6d:1c:1c:45:6a:d2:75:57: 775s 22:b9:71:98:e0:9a:90:d2:2a:22:e3:bb:98:ac:87:50:67:b6: 775s 87:b7:d4:df:c9:33:df:ea:ec:08:3e:40:b1:3e:1d:9f:4b:ab: 775s aa:57:d3:e4:cc:01:d2:22:ef:1c:5b:ad:26:bf:ff:21:d3:3c: 775s a3:3a:03:d2:7e:63:5b:3b:b1:18:9b:6a:6d:d2:6c:98:74:ab: 775s 7d:ee:d8:b7:49:94:fb:3d:d3:92:de:d7:af:44:e4:87:70:d4: 775s c2:26 775s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-3631-auth.pem 775s + found_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 775s + '[' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 '!=' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 ']' 775s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem partial_chain 775s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem partial_chain 775s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 775s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 775s + local verify_option=partial_chain 775s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 775s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 775s + local key_cn 775s + local key_name 775s + local tokens_dir 775s + local output_cert_file 775s + token_name= 775s ++ basename /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem .pem 775s + key_name=test-root-CA-trusted-certificate-0001 775s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 775s ++ sed -n 's/ *commonName *= //p' 775s + key_cn='Test Organization Root Trusted Certificate 0001' 775s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 775s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 775s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 775s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 775s Test Organization Root Tr Token 775s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 775s + token_name='Test Organization Root Tr Token' 775s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 775s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 ']' 775s + echo 'Test Organization Root Tr Token' 775s + '[' -n partial_chain ']' 775s + local verify_arg=--verify=partial_chain 775s + local output_base_name=SSSD-child-26707 775s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-26707.output 775s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-26707.pem 775s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 775s [p11_child[2054]] [main] (0x0400): p11_child started. 775s [p11_child[2054]] [main] (0x2000): Running in [pre-auth] mode. 775s [p11_child[2054]] [main] (0x2000): Running with effective IDs: [0][0]. 775s [p11_child[2054]] [main] (0x2000): Running with real IDs [0][0]. 775s [p11_child[2054]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 775s [p11_child[2054]] [do_card] (0x4000): Module List: 775s [p11_child[2054]] [do_card] (0x4000): common name: [softhsm2]. 775s [p11_child[2054]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 775s [p11_child[2054]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1a4c20fe] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 775s [p11_child[2054]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 775s [p11_child[2054]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x1a4c20fe][441196798] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 775s [p11_child[2054]] [do_card] (0x4000): Login NOT required. 775s [p11_child[2054]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 775s [p11_child[2054]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 775s [p11_child[2054]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 775s [p11_child[2054]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1a4c20fe;slot-manufacturer=SoftHSM%20project;slot-id=441196798;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=38c027341a4c20fe;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 775s [p11_child[2054]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 775s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-26707.output 775s + echo '-----BEGIN CERTIFICATE-----' 775s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-26707.output 775s + echo '-----END CERTIFICATE-----' 775s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-26707.pem 776s + local found_md5 expected_md5 776s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s Certificate: 776s Data: 776s Version: 3 (0x2) 776s Serial Number: 3 (0x3) 776s Signature Algorithm: sha256WithRSAEncryption 776s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 776s Validity 776s Not Before: Mar 9 15:30:47 2024 GMT 776s Not After : Mar 9 15:30:47 2025 GMT 776s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 776s Subject Public Key Info: 776s Public Key Algorithm: rsaEncryption 776s Public-Key: (1024 bit) 776s Modulus: 776s 00:b7:48:a0:4b:6d:4e:9b:03:b1:34:c1:dd:64:a5: 776s 08:48:f6:de:a9:e2:41:7d:ec:43:cf:65:df:b5:6a: 776s 69:dd:af:2d:15:48:48:0b:f5:ea:67:1b:f3:e7:b4: 776s e3:74:e8:16:52:ef:ef:d9:3e:86:f8:dd:e8:5a:fc: 776s 69:2a:d4:94:42:ba:5c:78:93:47:af:a0:7c:d8:ef: 776s 5d:fb:32:88:7f:05:67:f4:31:e0:9a:0c:0a:c2:59: 776s 5b:98:37:2d:93:1b:d4:18:ab:67:6e:55:da:2c:0e: 776s 61:60:f4:29:d1:fa:14:15:d2:8e:02:4f:67:77:e3: 776s bc:e8:5e:d0:ec:00:43:80:b3 776s Exponent: 65537 (0x10001) 776s X509v3 extensions: 776s X509v3 Authority Key Identifier: 776s 72:47:FA:73:41:85:91:0A:EB:E9:86:71:A6:CD:99:06:13:13:D9:05 776s X509v3 Basic Constraints: 776s CA:FALSE 776s Netscape Cert Type: 776s SSL Client, S/MIME 776s Netscape Comment: 776s Test Organization Root CA trusted Certificate 776s X509v3 Subject Key Identifier: 776s 11:11:59:9C:DD:F9:39:9B:A4:5A:D6:73:52:3E:BF:DE:C5:63:BC:67 776s X509v3 Key Usage: critical 776s Digital Signature, Non Repudiation, Key Encipherment 776s X509v3 Extended Key Usage: 776s TLS Web Client Authentication, E-mail Protection 776s X509v3 Subject Alternative Name: 776s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 776s Signature Algorithm: sha256WithRSAEncryption 776s Signature Value: 776s a5:9b:30:58:4c:e9:1e:af:bc:86:f9:81:e1:89:b1:79:f7:ac: 776s d7:fe:2c:5d:84:5c:50:d8:3c:a6:6d:1c:1c:45:6a:d2:75:57: 776s 22:b9:71:98:e0:9a:90:d2:2a:22:e3:bb:98:ac:87:50:67:b6: 776s 87:b7:d4:df:c9:33:df:ea:ec:08:3e:40:b1:3e:1d:9f:4b:ab: 776s aa:57:d3:e4:cc:01:d2:22:ef:1c:5b:ad:26:bf:ff:21:d3:3c: 776s a3:3a:03:d2:7e:63:5b:3b:b1:18:9b:6a:6d:d2:6c:98:74:ab: 776s 7d:ee:d8:b7:49:94:fb:3d:d3:92:de:d7:af:44:e4:87:70:d4: 776s c2:26 776s + expected_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 776s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-26707.pem 776s + found_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 776s + '[' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 '!=' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 ']' 776s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-26707-auth.output 776s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-26707-auth.output .output 776s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-26707-auth.pem 776s + echo -n 053350 776s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 776s [p11_child[2062]] [main] (0x0400): p11_child started. 776s [p11_child[2062]] [main] (0x2000): Running in [auth] mode. 776s [p11_child[2062]] [main] (0x2000): Running with effective IDs: [0][0]. 776s [p11_child[2062]] [main] (0x2000): Running with real IDs [0][0]. 776s [p11_child[2062]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 776s [p11_child[2062]] [do_card] (0x4000): Module List: 776s [p11_child[2062]] [do_card] (0x4000): common name: [softhsm2]. 776s [p11_child[2062]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2062]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1a4c20fe] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 776s [p11_child[2062]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 776s [p11_child[2062]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x1a4c20fe][441196798] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2062]] [do_card] (0x4000): Login required. 776s [p11_child[2062]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 776s [p11_child[2062]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 776s [p11_child[2062]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 776s [p11_child[2062]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1a4c20fe;slot-manufacturer=SoftHSM%20project;slot-id=441196798;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=38c027341a4c20fe;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 776s [p11_child[2062]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 776s [p11_child[2062]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 776s [p11_child[2062]] [do_card] (0x4000): Certificate verified and validated. 776s [p11_child[2062]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 776s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-26707-auth.output 776s + echo '-----BEGIN CERTIFICATE-----' 776s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-26707-auth.output 776s + echo '-----END CERTIFICATE-----' 776s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-26707-auth.pem 776s Certificate: 776s Data: 776s Version: 3 (0x2) 776s Serial Number: 3 (0x3) 776s Signature Algorithm: sha256WithRSAEncryption 776s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 776s Validity 776s Not Before: Mar 9 15:30:47 2024 GMT 776s Not After : Mar 9 15:30:47 2025 GMT 776s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 776s Subject Public Key Info: 776s Public Key Algorithm: rsaEncryption 776s Public-Key: (1024 bit) 776s Modulus: 776s 00:b7:48:a0:4b:6d:4e:9b:03:b1:34:c1:dd:64:a5: 776s 08:48:f6:de:a9:e2:41:7d:ec:43:cf:65:df:b5:6a: 776s 69:dd:af:2d:15:48:48:0b:f5:ea:67:1b:f3:e7:b4: 776s e3:74:e8:16:52:ef:ef:d9:3e:86:f8:dd:e8:5a:fc: 776s 69:2a:d4:94:42:ba:5c:78:93:47:af:a0:7c:d8:ef: 776s 5d:fb:32:88:7f:05:67:f4:31:e0:9a:0c:0a:c2:59: 776s 5b:98:37:2d:93:1b:d4:18:ab:67:6e:55:da:2c:0e: 776s 61:60:f4:29:d1:fa:14:15:d2:8e:02:4f:67:77:e3: 776s bc:e8:5e:d0:ec:00:43:80:b3 776s Exponent: 65537 (0x10001) 776s X509v3 extensions: 776s X509v3 Authority Key Identifier: 776s 72:47:FA:73:41:85:91:0A:EB:E9:86:71:A6:CD:99:06:13:13:D9:05 776s X509v3 Basic Constraints: 776s CA:FALSE 776s Netscape Cert Type: 776s SSL Client, S/MIME 776s Netscape Comment: 776s Test Organization Root CA trusted Certificate 776s X509v3 Subject Key Identifier: 776s 11:11:59:9C:DD:F9:39:9B:A4:5A:D6:73:52:3E:BF:DE:C5:63:BC:67 776s X509v3 Key Usage: critical 776s Digital Signature, Non Repudiation, Key Encipherment 776s X509v3 Extended Key Usage: 776s TLS Web Client Authentication, E-mail Protection 776s X509v3 Subject Alternative Name: 776s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 776s Signature Algorithm: sha256WithRSAEncryption 776s Signature Value: 776s a5:9b:30:58:4c:e9:1e:af:bc:86:f9:81:e1:89:b1:79:f7:ac: 776s d7:fe:2c:5d:84:5c:50:d8:3c:a6:6d:1c:1c:45:6a:d2:75:57: 776s 22:b9:71:98:e0:9a:90:d2:2a:22:e3:bb:98:ac:87:50:67:b6: 776s 87:b7:d4:df:c9:33:df:ea:ec:08:3e:40:b1:3e:1d:9f:4b:ab: 776s aa:57:d3:e4:cc:01:d2:22:ef:1c:5b:ad:26:bf:ff:21:d3:3c: 776s a3:3a:03:d2:7e:63:5b:3b:b1:18:9b:6a:6d:d2:6c:98:74:ab: 776s 7d:ee:d8:b7:49:94:fb:3d:d3:92:de:d7:af:44:e4:87:70:d4: 776s c2:26 776s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-26707-auth.pem 776s + found_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 776s + '[' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 '!=' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 ']' 776s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 776s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 776s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 776s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 776s + local verify_option= 776s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 776s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 776s + local key_cn 776s + local key_name 776s + local tokens_dir 776s + local output_cert_file 776s + token_name= 776s ++ basename /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem .pem 776s + key_name=test-root-CA-trusted-certificate-0001 776s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s ++ sed -n 's/ *commonName *= //p' 776s + key_cn='Test Organization Root Trusted Certificate 0001' 776s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 776s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 776s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 776s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 776s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 776s + token_name='Test Organization Root Tr Token' 776s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 776s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 ']' 776s + echo 'Test Organization Root Tr Token' 776s + '[' -n '' ']' 776s + local output_base_name=SSSD-child-32319 776s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-32319.output 776s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-32319.pem 776s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 776s Test Organization Root Tr Token 776s [p11_child[2072]] [main] (0x0400): p11_child started. 776s [p11_child[2072]] [main] (0x2000): Running in [pre-auth] mode. 776s [p11_child[2072]] [main] (0x2000): Running with effective IDs: [0][0]. 776s [p11_child[2072]] [main] (0x2000): Running with real IDs [0][0]. 776s [p11_child[2072]] [do_card] (0x4000): Module List: 776s [p11_child[2072]] [do_card] (0x4000): common name: [softhsm2]. 776s [p11_child[2072]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2072]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1a4c20fe] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 776s [p11_child[2072]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 776s [p11_child[2072]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x1a4c20fe][441196798] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2072]] [do_card] (0x4000): Login NOT required. 776s [p11_child[2072]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 776s [p11_child[2072]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 776s [p11_child[2072]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 776s [p11_child[2072]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1a4c20fe;slot-manufacturer=SoftHSM%20project;slot-id=441196798;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=38c027341a4c20fe;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 776s [p11_child[2072]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 776s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-32319.output 776s + echo '-----BEGIN CERTIFICATE-----' 776s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-32319.output 776s + echo '-----END CERTIFICATE-----' 776s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-32319.pem 776s Certificate: 776s Data: 776s Version: 3 (0x2) 776s Serial Number: 3 (0x3) 776s Signature Algorithm: sha256WithRSAEncryption 776s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 776s Validity 776s Not Before: Mar 9 15:30:47 2024 GMT 776s Not After : Mar 9 15:30:47 2025 GMT 776s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 776s Subject Public Key Info: 776s Public Key Algorithm: rsaEncryption 776s Public-Key: (1024 bit) 776s Modulus: 776s 00:b7:48:a0:4b:6d:4e:9b:03:b1:34:c1:dd:64:a5: 776s 08:48:f6:de:a9:e2:41:7d:ec:43:cf:65:df:b5:6a: 776s 69:dd:af:2d:15:48:48:0b:f5:ea:67:1b:f3:e7:b4: 776s e3:74:e8:16:52:ef:ef:d9:3e:86:f8:dd:e8:5a:fc: 776s 69:2a:d4:94:42:ba:5c:78:93:47:af:a0:7c:d8:ef: 776s 5d:fb:32:88:7f:05:67:f4:31:e0:9a:0c:0a:c2:59: 776s 5b:98:37:2d:93:1b:d4:18:ab:67:6e:55:da:2c:0e: 776s 61:60:f4:29:d1:fa:14:15:d2:8e:02:4f:67:77:e3: 776s bc:e8:5e:d0:ec:00:43:80:b3 776s Exponent: 65537 (0x10001) 776s X509v3 extensions: 776s X509v3 Authority Key Identifier: 776s 72:47:FA:73:41:85:91:0A:EB:E9:86:71:A6:CD:99:06:13:13:D9:05 776s X509v3 Basic Constraints: 776s CA:FALSE 776s Netscape Cert Type: 776s SSL Client, S/MIME 776s Netscape Comment: 776s Test Organization Root CA trusted Certificate 776s X509v3 Subject Key Identifier: 776s 11:11:59:9C:DD:F9:39:9B:A4:5A:D6:73:52:3E:BF:DE:C5:63:BC:67 776s X509v3 Key Usage: critical 776s Digital Signature, Non Repudiation, Key Encipherment 776s X509v3 Extended Key Usage: 776s TLS Web Client Authentication, E-mail Protection 776s X509v3 Subject Alternative Name: 776s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 776s Signature Algorithm: sha256WithRSAEncryption 776s Signature Value: 776s a5:9b:30:58:4c:e9:1e:af:bc:86:f9:81:e1:89:b1:79:f7:ac: 776s d7:fe:2c:5d:84:5c:50:d8:3c:a6:6d:1c:1c:45:6a:d2:75:57: 776s 22:b9:71:98:e0:9a:90:d2:2a:22:e3:bb:98:ac:87:50:67:b6: 776s 87:b7:d4:df:c9:33:df:ea:ec:08:3e:40:b1:3e:1d:9f:4b:ab: 776s aa:57:d3:e4:cc:01:d2:22:ef:1c:5b:ad:26:bf:ff:21:d3:3c: 776s a3:3a:03:d2:7e:63:5b:3b:b1:18:9b:6a:6d:d2:6c:98:74:ab: 776s 7d:ee:d8:b7:49:94:fb:3d:d3:92:de:d7:af:44:e4:87:70:d4: 776s c2:26 776s + local found_md5 expected_md5 776s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s + expected_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 776s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-32319.pem 776s + found_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 776s + '[' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 '!=' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 ']' 776s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-32319-auth.output 776s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-32319-auth.output .output 776s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-32319-auth.pem 776s + echo -n 053350 776s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 776s [p11_child[2080]] [main] (0x0400): p11_child started. 776s [p11_child[2080]] [main] (0x2000): Running in [auth] mode. 776s [p11_child[2080]] [main] (0x2000): Running with effective IDs: [0][0]. 776s [p11_child[2080]] [main] (0x2000): Running with real IDs [0][0]. 776s [p11_child[2080]] [do_card] (0x4000): Module List: 776s [p11_child[2080]] [do_card] (0x4000): common name: [softhsm2]. 776s [p11_child[2080]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2080]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1a4c20fe] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 776s [p11_child[2080]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 776s [p11_child[2080]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x1a4c20fe][441196798] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2080]] [do_card] (0x4000): Login required. 776s [p11_child[2080]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 776s [p11_child[2080]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 776s [p11_child[2080]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 776s [p11_child[2080]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1a4c20fe;slot-manufacturer=SoftHSM%20project;slot-id=441196798;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=38c027341a4c20fe;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 776s [p11_child[2080]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 776s [p11_child[2080]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 776s [p11_child[2080]] [do_card] (0x4000): Certificate verified and validated. 776s [p11_child[2080]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 776s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-32319-auth.output 776s + echo '-----BEGIN CERTIFICATE-----' 776s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-32319-auth.output 776s + echo '-----END CERTIFICATE-----' 776s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-32319-auth.pem 776s Certificate: 776s Data: 776s Version: 3 (0x2) 776s Serial Number: 3 (0x3) 776s Signature Algorithm: sha256WithRSAEncryption 776s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 776s Validity 776s Not Before: Mar 9 15:30:47 2024 GMT 776s Not After : Mar 9 15:30:47 2025 GMT 776s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 776s Subject Public Key Info: 776s Public Key Algorithm: rsaEncryption 776s Public-Key: (1024 bit) 776s Modulus: 776s 00:b7:48:a0:4b:6d:4e:9b:03:b1:34:c1:dd:64:a5: 776s 08:48:f6:de:a9:e2:41:7d:ec:43:cf:65:df:b5:6a: 776s 69:dd:af:2d:15:48:48:0b:f5:ea:67:1b:f3:e7:b4: 776s e3:74:e8:16:52:ef:ef:d9:3e:86:f8:dd:e8:5a:fc: 776s 69:2a:d4:94:42:ba:5c:78:93:47:af:a0:7c:d8:ef: 776s 5d:fb:32:88:7f:05:67:f4:31:e0:9a:0c:0a:c2:59: 776s 5b:98:37:2d:93:1b:d4:18:ab:67:6e:55:da:2c:0e: 776s 61:60:f4:29:d1:fa:14:15:d2:8e:02:4f:67:77:e3: 776s bc:e8:5e:d0:ec:00:43:80:b3 776s Exponent: 65537 (0x10001) 776s X509v3 extensions: 776s X509v3 Authority Key Identifier: 776s 72:47:FA:73:41:85:91:0A:EB:E9:86:71:A6:CD:99:06:13:13:D9:05 776s X509v3 Basic Constraints: 776s CA:FALSE 776s Netscape Cert Type: 776s SSL Client, S/MIME 776s Netscape Comment: 776s Test Organization Root CA trusted Certificate 776s X509v3 Subject Key Identifier: 776s 11:11:59:9C:DD:F9:39:9B:A4:5A:D6:73:52:3E:BF:DE:C5:63:BC:67 776s X509v3 Key Usage: critical 776s Digital Signature, Non Repudiation, Key Encipherment 776s X509v3 Extended Key Usage: 776s TLS Web Client Authentication, E-mail Protection 776s X509v3 Subject Alternative Name: 776s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 776s Signature Algorithm: sha256WithRSAEncryption 776s Signature Value: 776s a5:9b:30:58:4c:e9:1e:af:bc:86:f9:81:e1:89:b1:79:f7:ac: 776s d7:fe:2c:5d:84:5c:50:d8:3c:a6:6d:1c:1c:45:6a:d2:75:57: 776s 22:b9:71:98:e0:9a:90:d2:2a:22:e3:bb:98:ac:87:50:67:b6: 776s 87:b7:d4:df:c9:33:df:ea:ec:08:3e:40:b1:3e:1d:9f:4b:ab: 776s aa:57:d3:e4:cc:01:d2:22:ef:1c:5b:ad:26:bf:ff:21:d3:3c: 776s a3:3a:03:d2:7e:63:5b:3b:b1:18:9b:6a:6d:d2:6c:98:74:ab: 776s 7d:ee:d8:b7:49:94:fb:3d:d3:92:de:d7:af:44:e4:87:70:d4: 776s c2:26 776s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-32319-auth.pem 776s + found_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 776s + '[' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 '!=' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 ']' 776s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem partial_chain 776s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem partial_chain 776s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 776s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 776s + local verify_option=partial_chain 776s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 776s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 776s + local key_cn 776s + local key_name 776s + local tokens_dir 776s + local output_cert_file 776s + token_name= 776s ++ basename /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem .pem 776s + key_name=test-root-CA-trusted-certificate-0001 776s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s ++ sed -n 's/ *commonName *= //p' 776s + key_cn='Test Organization Root Trusted Certificate 0001' 776s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 776s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 776s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 776s Test Organization Root Tr Token 776s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 776s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 776s + token_name='Test Organization Root Tr Token' 776s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 776s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 ']' 776s + echo 'Test Organization Root Tr Token' 776s + '[' -n partial_chain ']' 776s + local verify_arg=--verify=partial_chain 776s + local output_base_name=SSSD-child-28785 776s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-28785.output 776s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-28785.pem 776s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 776s [p11_child[2090]] [main] (0x0400): p11_child started. 776s [p11_child[2090]] [main] (0x2000): Running in [pre-auth] mode. 776s [p11_child[2090]] [main] (0x2000): Running with effective IDs: [0][0]. 776s [p11_child[2090]] [main] (0x2000): Running with real IDs [0][0]. 776s [p11_child[2090]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 776s [p11_child[2090]] [do_card] (0x4000): Module List: 776s [p11_child[2090]] [do_card] (0x4000): common name: [softhsm2]. 776s [p11_child[2090]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2090]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1a4c20fe] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 776s [p11_child[2090]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 776s [p11_child[2090]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x1a4c20fe][441196798] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2090]] [do_card] (0x4000): Login NOT required. 776s [p11_child[2090]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 776s [p11_child[2090]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 776s [p11_child[2090]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 776s [p11_child[2090]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1a4c20fe;slot-manufacturer=SoftHSM%20project;slot-id=441196798;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=38c027341a4c20fe;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 776s [p11_child[2090]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 776s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-28785.output 776s + echo '-----BEGIN CERTIFICATE-----' 776s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-28785.output 776s + echo '-----END CERTIFICATE-----' 776s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-28785.pem 776s Certificate: 776s Data: 776s Version: 3 (0x2) 776s Serial Number: 3 (0x3) 776s Signature Algorithm: sha256WithRSAEncryption 776s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 776s Validity 776s Not Before: Mar 9 15:30:47 2024 GMT 776s Not After : Mar 9 15:30:47 2025 GMT 776s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 776s Subject Public Key Info: 776s Public Key Algorithm: rsaEncryption 776s Public-Key: (1024 bit) 776s Modulus: 776s 00:b7:48:a0:4b:6d:4e:9b:03:b1:34:c1:dd:64:a5: 776s 08:48:f6:de:a9:e2:41:7d:ec:43:cf:65:df:b5:6a: 776s 69:dd:af:2d:15:48:48:0b:f5:ea:67:1b:f3:e7:b4: 776s e3:74:e8:16:52:ef:ef:d9:3e:86:f8:dd:e8:5a:fc: 776s 69:2a:d4:94:42:ba:5c:78:93:47:af:a0:7c:d8:ef: 776s 5d:fb:32:88:7f:05:67:f4:31:e0:9a:0c:0a:c2:59: 776s 5b:98:37:2d:93:1b:d4:18:ab:67:6e:55:da:2c:0e: 776s 61:60:f4:29:d1:fa:14:15:d2:8e:02:4f:67:77:e3: 776s bc:e8:5e:d0:ec:00:43:80:b3 776s Exponent: 65537 (0x10001) 776s X509v3 extensions: 776s X509v3 Authority Key Identifier: 776s 72:47:FA:73:41:85:91:0A:EB:E9:86:71:A6:CD:99:06:13:13:D9:05 776s X509v3 Basic Constraints: 776s CA:FALSE 776s Netscape Cert Type: 776s SSL Client, S/MIME 776s Netscape Comment: 776s Test Organization Root CA trusted Certificate 776s X509v3 Subject Key Identifier: 776s 11:11:59:9C:DD:F9:39:9B:A4:5A:D6:73:52:3E:BF:DE:C5:63:BC:67 776s X509v3 Key Usage: critical 776s Digital Signature, Non Repudiation, Key Encipherment 776s X509v3 Extended Key Usage: 776s TLS Web Client Authentication, E-mail Protection 776s X509v3 Subject Alternative Name: 776s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 776s Signature Algorithm: sha256WithRSAEncryption 776s Signature Value: 776s a5:9b:30:58:4c:e9:1e:af:bc:86:f9:81:e1:89:b1:79:f7:ac: 776s d7:fe:2c:5d:84:5c:50:d8:3c:a6:6d:1c:1c:45:6a:d2:75:57: 776s 22:b9:71:98:e0:9a:90:d2:2a:22:e3:bb:98:ac:87:50:67:b6: 776s 87:b7:d4:df:c9:33:df:ea:ec:08:3e:40:b1:3e:1d:9f:4b:ab: 776s aa:57:d3:e4:cc:01:d2:22:ef:1c:5b:ad:26:bf:ff:21:d3:3c: 776s a3:3a:03:d2:7e:63:5b:3b:b1:18:9b:6a:6d:d2:6c:98:74:ab: 776s 7d:ee:d8:b7:49:94:fb:3d:d3:92:de:d7:af:44:e4:87:70:d4: 776s c2:26 776s + local found_md5 expected_md5 776s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s + expected_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 776s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-28785.pem 776s + found_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 776s + '[' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 '!=' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 ']' 776s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-28785-auth.output 776s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-28785-auth.output .output 776s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-28785-auth.pem 776s + echo -n 053350 776s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 776s [p11_child[2098]] [main] (0x0400): p11_child started. 776s [p11_child[2098]] [main] (0x2000): Running in [auth] mode. 776s [p11_child[2098]] [main] (0x2000): Running with effective IDs: [0][0]. 776s [p11_child[2098]] [main] (0x2000): Running with real IDs [0][0]. 776s [p11_child[2098]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 776s [p11_child[2098]] [do_card] (0x4000): Module List: 776s [p11_child[2098]] [do_card] (0x4000): common name: [softhsm2]. 776s [p11_child[2098]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2098]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1a4c20fe] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 776s [p11_child[2098]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 776s [p11_child[2098]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x1a4c20fe][441196798] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2098]] [do_card] (0x4000): Login required. 776s [p11_child[2098]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 776s [p11_child[2098]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 776s [p11_child[2098]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 776s [p11_child[2098]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x1a4c20fe;slot-manufacturer=SoftHSM%20project;slot-id=441196798;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=38c027341a4c20fe;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 776s [p11_child[2098]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 776s [p11_child[2098]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 776s [p11_child[2098]] [do_card] (0x4000): Certificate verified and validated. 776s [p11_child[2098]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 776s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-28785-auth.output 776s + echo '-----BEGIN CERTIFICATE-----' 776s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-28785-auth.output 776s + echo '-----END CERTIFICATE-----' 776s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-28785-auth.pem 776s Certificate: 776s Data: 776s Version: 3 (0x2) 776s Serial Number: 3 (0x3) 776s Signature Algorithm: sha256WithRSAEncryption 776s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 776s Validity 776s Not Before: Mar 9 15:30:47 2024 GMT 776s Not After : Mar 9 15:30:47 2025 GMT 776s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 776s Subject Public Key Info: 776s Public Key Algorithm: rsaEncryption 776s Public-Key: (1024 bit) 776s Modulus: 776s 00:b7:48:a0:4b:6d:4e:9b:03:b1:34:c1:dd:64:a5: 776s 08:48:f6:de:a9:e2:41:7d:ec:43:cf:65:df:b5:6a: 776s 69:dd:af:2d:15:48:48:0b:f5:ea:67:1b:f3:e7:b4: 776s e3:74:e8:16:52:ef:ef:d9:3e:86:f8:dd:e8:5a:fc: 776s 69:2a:d4:94:42:ba:5c:78:93:47:af:a0:7c:d8:ef: 776s 5d:fb:32:88:7f:05:67:f4:31:e0:9a:0c:0a:c2:59: 776s 5b:98:37:2d:93:1b:d4:18:ab:67:6e:55:da:2c:0e: 776s 61:60:f4:29:d1:fa:14:15:d2:8e:02:4f:67:77:e3: 776s bc:e8:5e:d0:ec:00:43:80:b3 776s Exponent: 65537 (0x10001) 776s X509v3 extensions: 776s X509v3 Authority Key Identifier: 776s 72:47:FA:73:41:85:91:0A:EB:E9:86:71:A6:CD:99:06:13:13:D9:05 776s X509v3 Basic Constraints: 776s CA:FALSE 776s Netscape Cert Type: 776s SSL Client, S/MIME 776s Netscape Comment: 776s Test Organization Root CA trusted Certificate 776s X509v3 Subject Key Identifier: 776s 11:11:59:9C:DD:F9:39:9B:A4:5A:D6:73:52:3E:BF:DE:C5:63:BC:67 776s X509v3 Key Usage: critical 776s Digital Signature, Non Repudiation, Key Encipherment 776s X509v3 Extended Key Usage: 776s TLS Web Client Authentication, E-mail Protection 776s X509v3 Subject Alternative Name: 776s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 776s Signature Algorithm: sha256WithRSAEncryption 776s Signature Value: 776s a5:9b:30:58:4c:e9:1e:af:bc:86:f9:81:e1:89:b1:79:f7:ac: 776s d7:fe:2c:5d:84:5c:50:d8:3c:a6:6d:1c:1c:45:6a:d2:75:57: 776s 22:b9:71:98:e0:9a:90:d2:2a:22:e3:bb:98:ac:87:50:67:b6: 776s 87:b7:d4:df:c9:33:df:ea:ec:08:3e:40:b1:3e:1d:9f:4b:ab: 776s aa:57:d3:e4:cc:01:d2:22:ef:1c:5b:ad:26:bf:ff:21:d3:3c: 776s a3:3a:03:d2:7e:63:5b:3b:b1:18:9b:6a:6d:d2:6c:98:74:ab: 776s 7d:ee:d8:b7:49:94:fb:3d:d3:92:de:d7:af:44:e4:87:70:d4: 776s c2:26 776s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-28785-auth.pem 776s + found_md5=Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 776s + '[' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 '!=' Modulus=B748A04B6D4E9B03B134C1DD64A50848F6DEA9E2417DEC43CF65DFB56A69DDAF2D1548480BF5EA671BF3E7B4E374E81652EFEFD93E86F8DDE85AFC692AD49442BA5C789347AFA07CD8EF5DFB32887F0567F431E09A0C0AC2595B98372D931BD418AB676E55DA2C0E6160F429D1FA1415D28E024F6777E3BCE85ED0EC004380B3 ']' 776s + invalid_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 776s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 776s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 776s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 776s + local verify_option= 776s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 776s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 776s + local key_cn 776s + local key_name 776s + local tokens_dir 776s + local output_cert_file 776s + token_name= 776s ++ basename /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem .pem 776s + key_name=test-root-CA-trusted-certificate-0001 776s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s ++ sed -n 's/ *commonName *= //p' 776s + key_cn='Test Organization Root Trusted Certificate 0001' 776s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 776s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 776s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 776s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 776s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 776s + token_name='Test Organization Root Tr Token' 776s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 776s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 ']' 776s + echo 'Test Organization Root Tr Token' 776s Test Organization Root Tr Token 776s + '[' -n '' ']' 776s + local output_base_name=SSSD-child-28695 776s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-28695.output 776s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-28695.pem 776s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 776s [p11_child[2108]] [main] (0x0400): p11_child started. 776s [p11_child[2108]] [main] (0x2000): Running in [pre-auth] mode. 776s [p11_child[2108]] [main] (0x2000): Running with effective IDs: [0][0]. 776s [p11_child[2108]] [main] (0x2000): Running with real IDs [0][0]. 776s [p11_child[2108]] [do_card] (0x4000): Module List: 776s [p11_child[2108]] [do_card] (0x4000): common name: [softhsm2]. 776s [p11_child[2108]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2108]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1a4c20fe] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 776s [p11_child[2108]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 776s [p11_child[2108]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x1a4c20fe][441196798] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2108]] [do_card] (0x4000): Login NOT required. 776s [p11_child[2108]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 776s [p11_child[2108]] [do_verification] (0x0040): X509_verify_cert failed [0]. 776s [p11_child[2108]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 776s [p11_child[2108]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 776s [p11_child[2108]] [do_card] (0x4000): No certificate found. 776s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-28695.output 776s + return 2 776s + invalid_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem partial_chain 776s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem partial_chain 776s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 776s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 776s + local verify_option=partial_chain 776s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-29605 776s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s + local key_pass=pass:random-root-ca-trusted-cert-0001-29605 776s + local key_cn 776s + local key_name 776s + local tokens_dir 776s + local output_cert_file 776s + token_name= 776s ++ basename /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem .pem 776s + key_name=test-root-CA-trusted-certificate-0001 776s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-root-CA-trusted-certificate-0001.pem 776s ++ sed -n 's/ *commonName *= //p' 776s + key_cn='Test Organization Root Trusted Certificate 0001' 776s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 776s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 776s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf 776s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 776s Test Organization Root Tr Token 776s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 776s + token_name='Test Organization Root Tr Token' 776s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 776s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-root-CA-trusted-certificate-0001 ']' 776s + echo 'Test Organization Root Tr Token' 776s + '[' -n partial_chain ']' 776s + local verify_arg=--verify=partial_chain 776s + local output_base_name=SSSD-child-27680 776s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-27680.output 776s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-27680.pem 776s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 776s [p11_child[2115]] [main] (0x0400): p11_child started. 776s [p11_child[2115]] [main] (0x2000): Running in [pre-auth] mode. 776s [p11_child[2115]] [main] (0x2000): Running with effective IDs: [0][0]. 776s [p11_child[2115]] [main] (0x2000): Running with real IDs [0][0]. 776s [p11_child[2115]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 776s [p11_child[2115]] [do_card] (0x4000): Module List: 776s [p11_child[2115]] [do_card] (0x4000): common name: [softhsm2]. 776s [p11_child[2115]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2115]] [do_card] (0x4000): Description [SoftHSM slot ID 0x1a4c20fe] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 776s [p11_child[2115]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 776s [p11_child[2115]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x1a4c20fe][441196798] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2115]] [do_card] (0x4000): Login NOT required. 776s [p11_child[2115]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 776s [p11_child[2115]] [do_verification] (0x0040): X509_verify_cert failed [0]. 776s [p11_child[2115]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 776s [p11_child[2115]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 776s [p11_child[2115]] [do_card] (0x4000): No certificate found. 776s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-27680.output 776s + return 2 776s + invalid_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /dev/null 776s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /dev/null 776s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 776s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 776s + local key_ring=/dev/null 776s + local verify_option= 776s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 776s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 776s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 776s + local key_cn 776s + local key_name 776s + local tokens_dir 776s + local output_cert_file 776s + token_name= 776s ++ basename /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem .pem 776s + key_name=test-intermediate-CA-trusted-certificate-0001 776s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 776s ++ sed -n 's/ *commonName *= //p' 776s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 776s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 776s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 776s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 776s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 776s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 776s + token_name='Test Organization Interme Token' 776s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 776s + local key_file 776s + local decrypted_key 776s + mkdir -p /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 776s + key_file=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001-key.pem 776s + decrypted_key=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 776s + cat 776s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 776s Slot 0 has a free/uninitialized token. 776s The token has been initialized and is reassigned to slot 1561428094 776s + softhsm2-util --show-slots 776s Available slots: 776s Slot 1561428094 776s Slot info: 776s Description: SoftHSM slot ID 0x5d11807e 776s Manufacturer ID: SoftHSM project 776s Hardware version: 2.6 776s Firmware version: 2.6 776s Token present: yes 776s Token info: 776s Manufacturer ID: SoftHSM project 776s Model: SoftHSM v2 776s Hardware version: 2.6 776s Firmware version: 2.6 776s Serial number: 50d3a6ec5d11807e 776s Initialized: yes 776s User PIN init.: yes 776s Label: Test Organization Interme Token 776s Slot 1 776s Slot info: 776s Description: SoftHSM slot ID 0x1 776s Manufacturer ID: SoftHSM project 776s Hardware version: 2.6 776s Firmware version: 2.6 776s Token present: yes 776s Token info: 776s Manufacturer ID: SoftHSM project 776s Model: SoftHSM v2 776s Hardware version: 2.6 776s Firmware version: 2.6 776s Serial number: 776s Initialized: no 776s User PIN init.: no 776s Label: 776s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 776s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-20647 -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 776s writing RSA key 776s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 776s + rm /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 776s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 776s Object 0: 776s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=50d3a6ec5d11807e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 776s Type: X.509 Certificate (RSA-1024) 776s Expires: Sun Mar 9 15:30:47 2025 776s Label: Test Organization Intermediate Trusted Certificate 0001 776s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 776s 776s Test Organization Interme Token 776s + echo 'Test Organization Interme Token' 776s + '[' -n '' ']' 776s + local output_base_name=SSSD-child-7447 776s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-7447.output 776s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-7447.pem 776s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 776s [p11_child[2131]] [main] (0x0400): p11_child started. 776s [p11_child[2131]] [main] (0x2000): Running in [pre-auth] mode. 776s [p11_child[2131]] [main] (0x2000): Running with effective IDs: [0][0]. 776s [p11_child[2131]] [main] (0x2000): Running with real IDs [0][0]. 776s [p11_child[2131]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 776s [p11_child[2131]] [do_work] (0x0040): init_verification failed. 776s [p11_child[2131]] [main] (0x0020): p11_child failed (5) 776s + return 2 776s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /dev/null no_verification 776s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /dev/null no_verification 776s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 776s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 776s + local key_ring=/dev/null 776s + local verify_option=no_verification 776s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 776s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 776s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 776s + local key_cn 776s + local key_name 776s + local tokens_dir 776s + local output_cert_file 776s + token_name= 776s ++ basename /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem .pem 776s + key_name=test-intermediate-CA-trusted-certificate-0001 776s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 776s ++ sed -n 's/ *commonName *= //p' 776s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 776s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 776s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 776s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 776s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 776s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 776s + token_name='Test Organization Interme Token' 776s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 776s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 776s + echo 'Test Organization Interme Token' 776s + '[' -n no_verification ']' 776s + local verify_arg=--verify=no_verification 776s + local output_base_name=SSSD-child-16483 776s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-16483.output 776s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-16483.pem 776s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 776s Test Organization Interme Token 776s [p11_child[2137]] [main] (0x0400): p11_child started. 776s [p11_child[2137]] [main] (0x2000): Running in [pre-auth] mode. 776s [p11_child[2137]] [main] (0x2000): Running with effective IDs: [0][0]. 776s [p11_child[2137]] [main] (0x2000): Running with real IDs [0][0]. 776s [p11_child[2137]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 776s [p11_child[2137]] [do_card] (0x4000): Module List: 776s [p11_child[2137]] [do_card] (0x4000): common name: [softhsm2]. 776s [p11_child[2137]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2137]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5d11807e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 776s [p11_child[2137]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 776s [p11_child[2137]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5d11807e][1561428094] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 776s [p11_child[2137]] [do_card] (0x4000): Login NOT required. 776s [p11_child[2137]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 776s [p11_child[2137]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 776s [p11_child[2137]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5d11807e;slot-manufacturer=SoftHSM%20project;slot-id=1561428094;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=50d3a6ec5d11807e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 776s [p11_child[2137]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 776s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-16483.output 776s + echo '-----BEGIN CERTIFICATE-----' 776s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-16483.output 776s + echo '-----END CERTIFICATE-----' 776s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-16483.pem 776s Certificate: 776s Data: 776s Version: 3 (0x2) 776s Serial Number: 4 (0x4) 776s Signature Algorithm: sha256WithRSAEncryption 776s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 776s Validity 776s Not Before: Mar 9 15:30:47 2024 GMT 776s Not After : Mar 9 15:30:47 2025 GMT 776s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 776s Subject Public Key Info: 776s Public Key Algorithm: rsaEncryption 776s Public-Key: (1024 bit) 776s Modulus: 776s 00:da:7f:32:1c:8d:b6:21:0a:be:29:aa:10:ca:e7: 776s f6:b2:68:34:f2:ba:19:83:3e:c4:d7:7b:a3:dd:7a: 776s 46:77:e9:00:45:bc:0b:4b:e7:ce:2e:0a:44:54:3a: 776s 6d:ea:1a:84:6c:79:b1:db:6b:6c:58:21:f2:8f:80: 776s 5e:00:f9:78:b6:2f:34:b1:89:4e:46:04:85:fc:86: 776s 6c:cf:3b:bc:aa:c5:d5:4f:59:d0:cc:a7:b2:61:ad: 776s d2:7f:e9:14:e3:fe:78:48:12:d7:ed:90:fb:9a:c6: 776s 36:66:9b:e2:d8:ce:07:27:45:4f:97:ad:6a:d6:ef: 776s 4b:d0:a2:26:95:41:b1:1e:13 776s Exponent: 65537 (0x10001) 776s X509v3 extensions: 776s X509v3 Authority Key Identifier: 776s F4:85:17:14:EA:B5:70:25:A8:B6:D1:31:39:8E:41:7C:A7:7F:AD:A8 776s X509v3 Basic Constraints: 776s CA:FALSE 776s Netscape Cert Type: 776s SSL Client, S/MIME 776s Netscape Comment: 776s Test Organization Intermediate CA trusted Certificate 776s X509v3 Subject Key Identifier: 776s FA:EB:79:BE:59:67:21:8D:D5:D4:04:55:CF:42:26:D9:D4:EF:3D:83 776s X509v3 Key Usage: critical 776s Digital Signature, Non Repudiation, Key Encipherment 776s X509v3 Extended Key Usage: 776s TLS Web Client Authentication, E-mail Protection 776s X509v3 Subject Alternative Name: 776s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 776s Signature Algorithm: sha256WithRSAEncryption 776s Signature Value: 776s 6c:18:f5:57:27:62:72:79:82:e0:ac:93:bc:fc:6a:99:4c:3b: 776s 8a:dc:63:b1:2e:3c:5d:db:8b:63:39:40:41:a8:85:22:3b:45: 776s fc:ae:5d:67:4d:5a:ad:61:bb:0e:b5:02:de:a9:95:b8:c0:73: 776s b6:3a:fd:0b:78:cf:88:6f:cb:fb:e8:ae:36:8b:5a:0b:7e:3a: 776s d7:53:d9:92:a2:e9:16:64:3c:bb:a1:90:c5:91:3d:28:12:78: 776s c5:7b:50:1b:7f:ee:23:3e:34:4e:b2:2c:c2:e9:36:17:2e:96: 776s 98:c1:42:b8:6f:66:3e:7b:79:1d:54:0e:23:48:72:b0:ee:ec: 776s 9c:83 776s + local found_md5 expected_md5 776s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 776s + expected_md5=Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 776s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-16483.pem 777s + found_md5=Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 777s + '[' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 '!=' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 ']' 777s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-16483-auth.output 777s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-16483-auth.output .output 777s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-16483-auth.pem 777s + echo -n 053350 777s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 777s [p11_child[2145]] [main] (0x0400): p11_child started. 777s [p11_child[2145]] [main] (0x2000): Running in [auth] mode. 777s [p11_child[2145]] [main] (0x2000): Running with effective IDs: [0][0]. 777s [p11_child[2145]] [main] (0x2000): Running with real IDs [0][0]. 777s [p11_child[2145]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 777s [p11_child[2145]] [do_card] (0x4000): Module List: 777s [p11_child[2145]] [do_card] (0x4000): common name: [softhsm2]. 777s [p11_child[2145]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2145]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5d11807e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 777s [p11_child[2145]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 777s [p11_child[2145]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5d11807e][1561428094] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2145]] [do_card] (0x4000): Login required. 777s [p11_child[2145]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 777s [p11_child[2145]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 777s [p11_child[2145]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5d11807e;slot-manufacturer=SoftHSM%20project;slot-id=1561428094;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=50d3a6ec5d11807e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 777s [p11_child[2145]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 777s [p11_child[2145]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 777s [p11_child[2145]] [do_card] (0x4000): Certificate verified and validated. 777s [p11_child[2145]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 777s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-16483-auth.output 777s + echo '-----BEGIN CERTIFICATE-----' 777s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-16483-auth.output 777s + echo '-----END CERTIFICATE-----' 777s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-16483-auth.pem 777s Certificate: 777s Data: 777s Version: 3 (0x2) 777s Serial Number: 4 (0x4) 777s Signature Algorithm: sha256WithRSAEncryption 777s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 777s Validity 777s Not Before: Mar 9 15:30:47 2024 GMT 777s Not After : Mar 9 15:30:47 2025 GMT 777s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 777s Subject Public Key Info: 777s Public Key Algorithm: rsaEncryption 777s Public-Key: (1024 bit) 777s Modulus: 777s 00:da:7f:32:1c:8d:b6:21:0a:be:29:aa:10:ca:e7: 777s f6:b2:68:34:f2:ba:19:83:3e:c4:d7:7b:a3:dd:7a: 777s 46:77:e9:00:45:bc:0b:4b:e7:ce:2e:0a:44:54:3a: 777s 6d:ea:1a:84:6c:79:b1:db:6b:6c:58:21:f2:8f:80: 777s 5e:00:f9:78:b6:2f:34:b1:89:4e:46:04:85:fc:86: 777s 6c:cf:3b:bc:aa:c5:d5:4f:59:d0:cc:a7:b2:61:ad: 777s d2:7f:e9:14:e3:fe:78:48:12:d7:ed:90:fb:9a:c6: 777s 36:66:9b:e2:d8:ce:07:27:45:4f:97:ad:6a:d6:ef: 777s 4b:d0:a2:26:95:41:b1:1e:13 777s Exponent: 65537 (0x10001) 777s X509v3 extensions: 777s X509v3 Authority Key Identifier: 777s F4:85:17:14:EA:B5:70:25:A8:B6:D1:31:39:8E:41:7C:A7:7F:AD:A8 777s X509v3 Basic Constraints: 777s CA:FALSE 777s Netscape Cert Type: 777s SSL Client, S/MIME 777s Netscape Comment: 777s Test Organization Intermediate CA trusted Certificate 777s X509v3 Subject Key Identifier: 777s FA:EB:79:BE:59:67:21:8D:D5:D4:04:55:CF:42:26:D9:D4:EF:3D:83 777s X509v3 Key Usage: critical 777s Digital Signature, Non Repudiation, Key Encipherment 777s X509v3 Extended Key Usage: 777s TLS Web Client Authentication, E-mail Protection 777s X509v3 Subject Alternative Name: 777s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 777s Signature Algorithm: sha256WithRSAEncryption 777s Signature Value: 777s 6c:18:f5:57:27:62:72:79:82:e0:ac:93:bc:fc:6a:99:4c:3b: 777s 8a:dc:63:b1:2e:3c:5d:db:8b:63:39:40:41:a8:85:22:3b:45: 777s fc:ae:5d:67:4d:5a:ad:61:bb:0e:b5:02:de:a9:95:b8:c0:73: 777s b6:3a:fd:0b:78:cf:88:6f:cb:fb:e8:ae:36:8b:5a:0b:7e:3a: 777s d7:53:d9:92:a2:e9:16:64:3c:bb:a1:90:c5:91:3d:28:12:78: 777s c5:7b:50:1b:7f:ee:23:3e:34:4e:b2:2c:c2:e9:36:17:2e:96: 777s 98:c1:42:b8:6f:66:3e:7b:79:1d:54:0e:23:48:72:b0:ee:ec: 777s 9c:83 777s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-16483-auth.pem 777s + found_md5=Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 777s + '[' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 '!=' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 ']' 777s + invalid_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 777s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 777s + local verify_option= 777s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local key_cn 777s + local key_name 777s + local tokens_dir 777s + local output_cert_file 777s + token_name= 777s ++ basename /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem .pem 777s + key_name=test-intermediate-CA-trusted-certificate-0001 777s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s ++ sed -n 's/ *commonName *= //p' 777s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 777s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 777s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 777s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 777s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 777s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 777s + token_name='Test Organization Interme Token' 777s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 777s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 777s + echo 'Test Organization Interme Token' 777s + '[' -n '' ']' 777s Test Organization Interme Token 777s + local output_base_name=SSSD-child-31503 777s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-31503.output 777s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-31503.pem 777s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 777s [p11_child[2155]] [main] (0x0400): p11_child started. 777s [p11_child[2155]] [main] (0x2000): Running in [pre-auth] mode. 777s [p11_child[2155]] [main] (0x2000): Running with effective IDs: [0][0]. 777s [p11_child[2155]] [main] (0x2000): Running with real IDs [0][0]. 777s [p11_child[2155]] [do_card] (0x4000): Module List: 777s [p11_child[2155]] [do_card] (0x4000): common name: [softhsm2]. 777s [p11_child[2155]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2155]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5d11807e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 777s [p11_child[2155]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 777s [p11_child[2155]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5d11807e][1561428094] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2155]] [do_card] (0x4000): Login NOT required. 777s [p11_child[2155]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 777s [p11_child[2155]] [do_verification] (0x0040): X509_verify_cert failed [0]. 777s [p11_child[2155]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 777s [p11_child[2155]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 777s [p11_child[2155]] [do_card] (0x4000): No certificate found. 777s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-31503.output 777s + return 2 777s + invalid_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem partial_chain 777s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem partial_chain 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 777s + local verify_option=partial_chain 777s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local key_cn 777s + local key_name 777s + local tokens_dir 777s + local output_cert_file 777s + token_name= 777s ++ basename /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem .pem 777s + key_name=test-intermediate-CA-trusted-certificate-0001 777s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s ++ sed -n 's/ *commonName *= //p' 777s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 777s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 777s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 777s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 777s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 777s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 777s + token_name='Test Organization Interme Token' 777s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 777s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 777s + echo 'Test Organization Interme Token' 777s + '[' -n partial_chain ']' 777s + local verify_arg=--verify=partial_chain 777s + local output_base_name=SSSD-child-9874 777s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-9874.output 777s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-9874.pem 777s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 777s Test Organization Interme Token 777s [p11_child[2162]] [main] (0x0400): p11_child started. 777s [p11_child[2162]] [main] (0x2000): Running in [pre-auth] mode. 777s [p11_child[2162]] [main] (0x2000): Running with effective IDs: [0][0]. 777s [p11_child[2162]] [main] (0x2000): Running with real IDs [0][0]. 777s [p11_child[2162]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 777s [p11_child[2162]] [do_card] (0x4000): Module List: 777s [p11_child[2162]] [do_card] (0x4000): common name: [softhsm2]. 777s [p11_child[2162]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2162]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5d11807e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 777s [p11_child[2162]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 777s [p11_child[2162]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5d11807e][1561428094] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2162]] [do_card] (0x4000): Login NOT required. 777s [p11_child[2162]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 777s [p11_child[2162]] [do_verification] (0x0040): X509_verify_cert failed [0]. 777s [p11_child[2162]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 777s [p11_child[2162]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 777s [p11_child[2162]] [do_card] (0x4000): No certificate found. 777s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-9874.output 777s + return 2 777s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 777s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 777s + local verify_option= 777s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local key_cn 777s + local key_name 777s + local tokens_dir 777s + local output_cert_file 777s + token_name= 777s ++ basename /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem .pem 777s + key_name=test-intermediate-CA-trusted-certificate-0001 777s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s ++ sed -n 's/ *commonName *= //p' 777s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 777s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 777s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 777s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 777s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 777s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 777s + token_name='Test Organization Interme Token' 777s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 777s Test Organization Interme Token 777s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 777s + echo 'Test Organization Interme Token' 777s + '[' -n '' ']' 777s + local output_base_name=SSSD-child-3085 777s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-3085.output 777s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-3085.pem 777s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 777s [p11_child[2169]] [main] (0x0400): p11_child started. 777s [p11_child[2169]] [main] (0x2000): Running in [pre-auth] mode. 777s [p11_child[2169]] [main] (0x2000): Running with effective IDs: [0][0]. 777s [p11_child[2169]] [main] (0x2000): Running with real IDs [0][0]. 777s [p11_child[2169]] [do_card] (0x4000): Module List: 777s [p11_child[2169]] [do_card] (0x4000): common name: [softhsm2]. 777s [p11_child[2169]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2169]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5d11807e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 777s [p11_child[2169]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 777s [p11_child[2169]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5d11807e][1561428094] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2169]] [do_card] (0x4000): Login NOT required. 777s [p11_child[2169]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 777s [p11_child[2169]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 777s [p11_child[2169]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 777s [p11_child[2169]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5d11807e;slot-manufacturer=SoftHSM%20project;slot-id=1561428094;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=50d3a6ec5d11807e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 777s [p11_child[2169]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 777s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-3085.output 777s + echo '-----BEGIN CERTIFICATE-----' 777s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-3085.output 777s + echo '-----END CERTIFICATE-----' 777s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-3085.pem 777s Certificate: 777s Data: 777s Version: 3 (0x2) 777s Serial Number: 4 (0x4) 777s Signature Algorithm: sha256WithRSAEncryption 777s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 777s Validity 777s Not Before: Mar 9 15:30:47 2024 GMT 777s Not After : Mar 9 15:30:47 2025 GMT 777s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 777s Subject Public Key Info: 777s Public Key Algorithm: rsaEncryption 777s Public-Key: (1024 bit) 777s Modulus: 777s 00:da:7f:32:1c:8d:b6:21:0a:be:29:aa:10:ca:e7: 777s f6:b2:68:34:f2:ba:19:83:3e:c4:d7:7b:a3:dd:7a: 777s 46:77:e9:00:45:bc:0b:4b:e7:ce:2e:0a:44:54:3a: 777s 6d:ea:1a:84:6c:79:b1:db:6b:6c:58:21:f2:8f:80: 777s 5e:00:f9:78:b6:2f:34:b1:89:4e:46:04:85:fc:86: 777s 6c:cf:3b:bc:aa:c5:d5:4f:59:d0:cc:a7:b2:61:ad: 777s d2:7f:e9:14:e3:fe:78:48:12:d7:ed:90:fb:9a:c6: 777s 36:66:9b:e2:d8:ce:07:27:45:4f:97:ad:6a:d6:ef: 777s 4b:d0:a2:26:95:41:b1:1e:13 777s Exponent: 65537 (0x10001) 777s X509v3 extensions: 777s X509v3 Authority Key Identifier: 777s F4:85:17:14:EA:B5:70:25:A8:B6:D1:31:39:8E:41:7C:A7:7F:AD:A8 777s X509v3 Basic Constraints: 777s CA:FALSE 777s Netscape Cert Type: 777s SSL Client, S/MIME 777s Netscape Comment: 777s Test Organization Intermediate CA trusted Certificate 777s X509v3 Subject Key Identifier: 777s FA:EB:79:BE:59:67:21:8D:D5:D4:04:55:CF:42:26:D9:D4:EF:3D:83 777s X509v3 Key Usage: critical 777s Digital Signature, Non Repudiation, Key Encipherment 777s X509v3 Extended Key Usage: 777s TLS Web Client Authentication, E-mail Protection 777s X509v3 Subject Alternative Name: 777s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 777s Signature Algorithm: sha256WithRSAEncryption 777s Signature Value: 777s 6c:18:f5:57:27:62:72:79:82:e0:ac:93:bc:fc:6a:99:4c:3b: 777s 8a:dc:63:b1:2e:3c:5d:db:8b:63:39:40:41:a8:85:22:3b:45: 777s fc:ae:5d:67:4d:5a:ad:61:bb:0e:b5:02:de:a9:95:b8:c0:73: 777s b6:3a:fd:0b:78:cf:88:6f:cb:fb:e8:ae:36:8b:5a:0b:7e:3a: 777s d7:53:d9:92:a2:e9:16:64:3c:bb:a1:90:c5:91:3d:28:12:78: 777s c5:7b:50:1b:7f:ee:23:3e:34:4e:b2:2c:c2:e9:36:17:2e:96: 777s 98:c1:42:b8:6f:66:3e:7b:79:1d:54:0e:23:48:72:b0:ee:ec: 777s 9c:83 777s + local found_md5 expected_md5 777s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + expected_md5=Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 777s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-3085.pem 777s + found_md5=Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 777s + '[' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 '!=' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 ']' 777s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-3085-auth.output 777s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-3085-auth.output .output 777s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-3085-auth.pem 777s + echo -n 053350 777s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 777s [p11_child[2177]] [main] (0x0400): p11_child started. 777s [p11_child[2177]] [main] (0x2000): Running in [auth] mode. 777s [p11_child[2177]] [main] (0x2000): Running with effective IDs: [0][0]. 777s [p11_child[2177]] [main] (0x2000): Running with real IDs [0][0]. 777s [p11_child[2177]] [do_card] (0x4000): Module List: 777s [p11_child[2177]] [do_card] (0x4000): common name: [softhsm2]. 777s [p11_child[2177]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2177]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5d11807e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 777s [p11_child[2177]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 777s [p11_child[2177]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5d11807e][1561428094] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2177]] [do_card] (0x4000): Login required. 777s [p11_child[2177]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 777s [p11_child[2177]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 777s [p11_child[2177]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 777s [p11_child[2177]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5d11807e;slot-manufacturer=SoftHSM%20project;slot-id=1561428094;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=50d3a6ec5d11807e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 777s [p11_child[2177]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 777s [p11_child[2177]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 777s [p11_child[2177]] [do_card] (0x4000): Certificate verified and validated. 777s [p11_child[2177]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 777s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-3085-auth.output 777s + echo '-----BEGIN CERTIFICATE-----' 777s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-3085-auth.output 777s + echo '-----END CERTIFICATE-----' 777s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-3085-auth.pem 777s Certificate: 777s Data: 777s Version: 3 (0x2) 777s Serial Number: 4 (0x4) 777s Signature Algorithm: sha256WithRSAEncryption 777s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 777s Validity 777s Not Before: Mar 9 15:30:47 2024 GMT 777s Not After : Mar 9 15:30:47 2025 GMT 777s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 777s Subject Public Key Info: 777s Public Key Algorithm: rsaEncryption 777s Public-Key: (1024 bit) 777s Modulus: 777s 00:da:7f:32:1c:8d:b6:21:0a:be:29:aa:10:ca:e7: 777s f6:b2:68:34:f2:ba:19:83:3e:c4:d7:7b:a3:dd:7a: 777s 46:77:e9:00:45:bc:0b:4b:e7:ce:2e:0a:44:54:3a: 777s 6d:ea:1a:84:6c:79:b1:db:6b:6c:58:21:f2:8f:80: 777s 5e:00:f9:78:b6:2f:34:b1:89:4e:46:04:85:fc:86: 777s 6c:cf:3b:bc:aa:c5:d5:4f:59:d0:cc:a7:b2:61:ad: 777s d2:7f:e9:14:e3:fe:78:48:12:d7:ed:90:fb:9a:c6: 777s 36:66:9b:e2:d8:ce:07:27:45:4f:97:ad:6a:d6:ef: 777s 4b:d0:a2:26:95:41:b1:1e:13 777s Exponent: 65537 (0x10001) 777s X509v3 extensions: 777s X509v3 Authority Key Identifier: 777s F4:85:17:14:EA:B5:70:25:A8:B6:D1:31:39:8E:41:7C:A7:7F:AD:A8 777s X509v3 Basic Constraints: 777s CA:FALSE 777s Netscape Cert Type: 777s SSL Client, S/MIME 777s Netscape Comment: 777s Test Organization Intermediate CA trusted Certificate 777s X509v3 Subject Key Identifier: 777s FA:EB:79:BE:59:67:21:8D:D5:D4:04:55:CF:42:26:D9:D4:EF:3D:83 777s X509v3 Key Usage: critical 777s Digital Signature, Non Repudiation, Key Encipherment 777s X509v3 Extended Key Usage: 777s TLS Web Client Authentication, E-mail Protection 777s X509v3 Subject Alternative Name: 777s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 777s Signature Algorithm: sha256WithRSAEncryption 777s Signature Value: 777s 6c:18:f5:57:27:62:72:79:82:e0:ac:93:bc:fc:6a:99:4c:3b: 777s 8a:dc:63:b1:2e:3c:5d:db:8b:63:39:40:41:a8:85:22:3b:45: 777s fc:ae:5d:67:4d:5a:ad:61:bb:0e:b5:02:de:a9:95:b8:c0:73: 777s b6:3a:fd:0b:78:cf:88:6f:cb:fb:e8:ae:36:8b:5a:0b:7e:3a: 777s d7:53:d9:92:a2:e9:16:64:3c:bb:a1:90:c5:91:3d:28:12:78: 777s c5:7b:50:1b:7f:ee:23:3e:34:4e:b2:2c:c2:e9:36:17:2e:96: 777s 98:c1:42:b8:6f:66:3e:7b:79:1d:54:0e:23:48:72:b0:ee:ec: 777s 9c:83 777s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-3085-auth.pem 777s + found_md5=Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 777s + '[' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 '!=' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 ']' 777s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem partial_chain 777s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem partial_chain 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 777s + local verify_option=partial_chain 777s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local key_cn 777s + local key_name 777s + local tokens_dir 777s + local output_cert_file 777s + token_name= 777s ++ basename /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem .pem 777s + key_name=test-intermediate-CA-trusted-certificate-0001 777s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s ++ sed -n 's/ *commonName *= //p' 777s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 777s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 777s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 777s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 777s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 777s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 777s + token_name='Test Organization Interme Token' 777s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 777s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 777s + echo 'Test Organization Interme Token' 777s + '[' -n partial_chain ']' 777s + local verify_arg=--verify=partial_chain 777s + local output_base_name=SSSD-child-19754 777s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-19754.output 777s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-19754.pem 777s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 777s Test Organization Interme Token 777s [p11_child[2187]] [main] (0x0400): p11_child started. 777s [p11_child[2187]] [main] (0x2000): Running in [pre-auth] mode. 777s [p11_child[2187]] [main] (0x2000): Running with effective IDs: [0][0]. 777s [p11_child[2187]] [main] (0x2000): Running with real IDs [0][0]. 777s [p11_child[2187]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 777s [p11_child[2187]] [do_card] (0x4000): Module List: 777s [p11_child[2187]] [do_card] (0x4000): common name: [softhsm2]. 777s [p11_child[2187]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2187]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5d11807e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 777s [p11_child[2187]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 777s [p11_child[2187]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5d11807e][1561428094] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2187]] [do_card] (0x4000): Login NOT required. 777s [p11_child[2187]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 777s [p11_child[2187]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 777s [p11_child[2187]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 777s [p11_child[2187]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5d11807e;slot-manufacturer=SoftHSM%20project;slot-id=1561428094;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=50d3a6ec5d11807e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 777s [p11_child[2187]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 777s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-19754.output 777s + echo '-----BEGIN CERTIFICATE-----' 777s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-19754.output 777s + echo '-----END CERTIFICATE-----' 777s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-19754.pem 777s Certificate: 777s Data: 777s Version: 3 (0x2) 777s Serial Number: 4 (0x4) 777s Signature Algorithm: sha256WithRSAEncryption 777s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 777s Validity 777s Not Before: Mar 9 15:30:47 2024 GMT 777s Not After : Mar 9 15:30:47 2025 GMT 777s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 777s Subject Public Key Info: 777s Public Key Algorithm: rsaEncryption 777s Public-Key: (1024 bit) 777s Modulus: 777s 00:da:7f:32:1c:8d:b6:21:0a:be:29:aa:10:ca:e7: 777s f6:b2:68:34:f2:ba:19:83:3e:c4:d7:7b:a3:dd:7a: 777s 46:77:e9:00:45:bc:0b:4b:e7:ce:2e:0a:44:54:3a: 777s 6d:ea:1a:84:6c:79:b1:db:6b:6c:58:21:f2:8f:80: 777s 5e:00:f9:78:b6:2f:34:b1:89:4e:46:04:85:fc:86: 777s 6c:cf:3b:bc:aa:c5:d5:4f:59:d0:cc:a7:b2:61:ad: 777s d2:7f:e9:14:e3:fe:78:48:12:d7:ed:90:fb:9a:c6: 777s 36:66:9b:e2:d8:ce:07:27:45:4f:97:ad:6a:d6:ef: 777s 4b:d0:a2:26:95:41:b1:1e:13 777s Exponent: 65537 (0x10001) 777s X509v3 extensions: 777s X509v3 Authority Key Identifier: 777s F4:85:17:14:EA:B5:70:25:A8:B6:D1:31:39:8E:41:7C:A7:7F:AD:A8 777s X509v3 Basic Constraints: 777s CA:FALSE 777s Netscape Cert Type: 777s SSL Client, S/MIME 777s Netscape Comment: 777s Test Organization Intermediate CA trusted Certificate 777s X509v3 Subject Key Identifier: 777s FA:EB:79:BE:59:67:21:8D:D5:D4:04:55:CF:42:26:D9:D4:EF:3D:83 777s X509v3 Key Usage: critical 777s Digital Signature, Non Repudiation, Key Encipherment 777s X509v3 Extended Key Usage: 777s TLS Web Client Authentication, E-mail Protection 777s X509v3 Subject Alternative Name: 777s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 777s Signature Algorithm: sha256WithRSAEncryption 777s Signature Value: 777s 6c:18:f5:57:27:62:72:79:82:e0:ac:93:bc:fc:6a:99:4c:3b: 777s 8a:dc:63:b1:2e:3c:5d:db:8b:63:39:40:41:a8:85:22:3b:45: 777s fc:ae:5d:67:4d:5a:ad:61:bb:0e:b5:02:de:a9:95:b8:c0:73: 777s b6:3a:fd:0b:78:cf:88:6f:cb:fb:e8:ae:36:8b:5a:0b:7e:3a: 777s d7:53:d9:92:a2:e9:16:64:3c:bb:a1:90:c5:91:3d:28:12:78: 777s c5:7b:50:1b:7f:ee:23:3e:34:4e:b2:2c:c2:e9:36:17:2e:96: 777s 98:c1:42:b8:6f:66:3e:7b:79:1d:54:0e:23:48:72:b0:ee:ec: 777s 9c:83 777s + local found_md5 expected_md5 777s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + expected_md5=Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 777s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-19754.pem 777s + found_md5=Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 777s + '[' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 '!=' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 ']' 777s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-19754-auth.output 777s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-19754-auth.output .output 777s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-19754-auth.pem 777s + echo -n 053350 777s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 777s [p11_child[2195]] [main] (0x0400): p11_child started. 777s [p11_child[2195]] [main] (0x2000): Running in [auth] mode. 777s [p11_child[2195]] [main] (0x2000): Running with effective IDs: [0][0]. 777s [p11_child[2195]] [main] (0x2000): Running with real IDs [0][0]. 777s [p11_child[2195]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 777s [p11_child[2195]] [do_card] (0x4000): Module List: 777s [p11_child[2195]] [do_card] (0x4000): common name: [softhsm2]. 777s [p11_child[2195]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2195]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5d11807e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 777s [p11_child[2195]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 777s [p11_child[2195]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5d11807e][1561428094] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2195]] [do_card] (0x4000): Login required. 777s [p11_child[2195]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 777s [p11_child[2195]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 777s [p11_child[2195]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 777s [p11_child[2195]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5d11807e;slot-manufacturer=SoftHSM%20project;slot-id=1561428094;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=50d3a6ec5d11807e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 777s [p11_child[2195]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 777s [p11_child[2195]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 777s [p11_child[2195]] [do_card] (0x4000): Certificate verified and validated. 777s [p11_child[2195]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 777s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-19754-auth.output 777s + echo '-----BEGIN CERTIFICATE-----' 777s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-19754-auth.output 777s + echo '-----END CERTIFICATE-----' 777s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-19754-auth.pem 777s Certificate: 777s Data: 777s Version: 3 (0x2) 777s Serial Number: 4 (0x4) 777s Signature Algorithm: sha256WithRSAEncryption 777s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 777s Validity 777s Not Before: Mar 9 15:30:47 2024 GMT 777s Not After : Mar 9 15:30:47 2025 GMT 777s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 777s Subject Public Key Info: 777s Public Key Algorithm: rsaEncryption 777s Public-Key: (1024 bit) 777s Modulus: 777s 00:da:7f:32:1c:8d:b6:21:0a:be:29:aa:10:ca:e7: 777s f6:b2:68:34:f2:ba:19:83:3e:c4:d7:7b:a3:dd:7a: 777s 46:77:e9:00:45:bc:0b:4b:e7:ce:2e:0a:44:54:3a: 777s 6d:ea:1a:84:6c:79:b1:db:6b:6c:58:21:f2:8f:80: 777s 5e:00:f9:78:b6:2f:34:b1:89:4e:46:04:85:fc:86: 777s 6c:cf:3b:bc:aa:c5:d5:4f:59:d0:cc:a7:b2:61:ad: 777s d2:7f:e9:14:e3:fe:78:48:12:d7:ed:90:fb:9a:c6: 777s 36:66:9b:e2:d8:ce:07:27:45:4f:97:ad:6a:d6:ef: 777s 4b:d0:a2:26:95:41:b1:1e:13 777s Exponent: 65537 (0x10001) 777s X509v3 extensions: 777s X509v3 Authority Key Identifier: 777s F4:85:17:14:EA:B5:70:25:A8:B6:D1:31:39:8E:41:7C:A7:7F:AD:A8 777s X509v3 Basic Constraints: 777s CA:FALSE 777s Netscape Cert Type: 777s SSL Client, S/MIME 777s Netscape Comment: 777s Test Organization Intermediate CA trusted Certificate 777s X509v3 Subject Key Identifier: 777s FA:EB:79:BE:59:67:21:8D:D5:D4:04:55:CF:42:26:D9:D4:EF:3D:83 777s X509v3 Key Usage: critical 777s Digital Signature, Non Repudiation, Key Encipherment 777s X509v3 Extended Key Usage: 777s TLS Web Client Authentication, E-mail Protection 777s X509v3 Subject Alternative Name: 777s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 777s Signature Algorithm: sha256WithRSAEncryption 777s Signature Value: 777s 6c:18:f5:57:27:62:72:79:82:e0:ac:93:bc:fc:6a:99:4c:3b: 777s 8a:dc:63:b1:2e:3c:5d:db:8b:63:39:40:41:a8:85:22:3b:45: 777s fc:ae:5d:67:4d:5a:ad:61:bb:0e:b5:02:de:a9:95:b8:c0:73: 777s b6:3a:fd:0b:78:cf:88:6f:cb:fb:e8:ae:36:8b:5a:0b:7e:3a: 777s d7:53:d9:92:a2:e9:16:64:3c:bb:a1:90:c5:91:3d:28:12:78: 777s c5:7b:50:1b:7f:ee:23:3e:34:4e:b2:2c:c2:e9:36:17:2e:96: 777s 98:c1:42:b8:6f:66:3e:7b:79:1d:54:0e:23:48:72:b0:ee:ec: 777s 9c:83 777s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-19754-auth.pem 777s + found_md5=Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 777s + '[' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 '!=' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 ']' 777s + invalid_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 777s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 777s + local verify_option= 777s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local key_cn 777s + local key_name 777s + local tokens_dir 777s + local output_cert_file 777s + token_name= 777s ++ basename /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem .pem 777s + key_name=test-intermediate-CA-trusted-certificate-0001 777s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s ++ sed -n 's/ *commonName *= //p' 777s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 777s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 777s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 777s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 777s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 777s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 777s + token_name='Test Organization Interme Token' 777s Test Organization Interme Token 777s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 777s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 777s + echo 'Test Organization Interme Token' 777s + '[' -n '' ']' 777s + local output_base_name=SSSD-child-31384 777s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-31384.output 777s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-31384.pem 777s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 777s [p11_child[2205]] [main] (0x0400): p11_child started. 777s [p11_child[2205]] [main] (0x2000): Running in [pre-auth] mode. 777s [p11_child[2205]] [main] (0x2000): Running with effective IDs: [0][0]. 777s [p11_child[2205]] [main] (0x2000): Running with real IDs [0][0]. 777s [p11_child[2205]] [do_card] (0x4000): Module List: 777s [p11_child[2205]] [do_card] (0x4000): common name: [softhsm2]. 777s [p11_child[2205]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2205]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5d11807e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 777s [p11_child[2205]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 777s [p11_child[2205]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5d11807e][1561428094] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2205]] [do_card] (0x4000): Login NOT required. 777s [p11_child[2205]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 777s [p11_child[2205]] [do_verification] (0x0040): X509_verify_cert failed [0]. 777s [p11_child[2205]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 777s [p11_child[2205]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 777s [p11_child[2205]] [do_card] (0x4000): No certificate found. 777s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-31384.output 777s + return 2 777s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem partial_chain 777s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem partial_chain 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 777s + local verify_option=partial_chain 777s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-20647 777s + local key_cn 777s + local key_name 777s + local tokens_dir 777s + local output_cert_file 777s + token_name= 777s ++ basename /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem .pem 777s + key_name=test-intermediate-CA-trusted-certificate-0001 777s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s ++ sed -n 's/ *commonName *= //p' 777s Test Organization Interme Token 777s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 777s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 777s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 777s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 777s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 777s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 777s + token_name='Test Organization Interme Token' 777s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 777s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 777s + echo 'Test Organization Interme Token' 777s + '[' -n partial_chain ']' 777s + local verify_arg=--verify=partial_chain 777s + local output_base_name=SSSD-child-191 777s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-191.output 777s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-191.pem 777s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem 777s [p11_child[2212]] [main] (0x0400): p11_child started. 777s [p11_child[2212]] [main] (0x2000): Running in [pre-auth] mode. 777s [p11_child[2212]] [main] (0x2000): Running with effective IDs: [0][0]. 777s [p11_child[2212]] [main] (0x2000): Running with real IDs [0][0]. 777s [p11_child[2212]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 777s [p11_child[2212]] [do_card] (0x4000): Module List: 777s [p11_child[2212]] [do_card] (0x4000): common name: [softhsm2]. 777s [p11_child[2212]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2212]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5d11807e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 777s [p11_child[2212]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 777s [p11_child[2212]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5d11807e][1561428094] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2212]] [do_card] (0x4000): Login NOT required. 777s [p11_child[2212]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 777s [p11_child[2212]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 777s [p11_child[2212]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 777s [p11_child[2212]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5d11807e;slot-manufacturer=SoftHSM%20project;slot-id=1561428094;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=50d3a6ec5d11807e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 777s [p11_child[2212]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 777s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-191.output 777s + echo '-----BEGIN CERTIFICATE-----' 777s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-191.output 777s + echo '-----END CERTIFICATE-----' 777s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-191.pem 777s Certificate: 777s Data: 777s Version: 3 (0x2) 777s Serial Number: 4 (0x4) 777s Signature Algorithm: sha256WithRSAEncryption 777s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 777s Validity 777s Not Before: Mar 9 15:30:47 2024 GMT 777s Not After : Mar 9 15:30:47 2025 GMT 777s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 777s Subject Public Key Info: 777s Public Key Algorithm: rsaEncryption 777s Public-Key: (1024 bit) 777s Modulus: 777s 00:da:7f:32:1c:8d:b6:21:0a:be:29:aa:10:ca:e7: 777s f6:b2:68:34:f2:ba:19:83:3e:c4:d7:7b:a3:dd:7a: 777s 46:77:e9:00:45:bc:0b:4b:e7:ce:2e:0a:44:54:3a: 777s 6d:ea:1a:84:6c:79:b1:db:6b:6c:58:21:f2:8f:80: 777s 5e:00:f9:78:b6:2f:34:b1:89:4e:46:04:85:fc:86: 777s 6c:cf:3b:bc:aa:c5:d5:4f:59:d0:cc:a7:b2:61:ad: 777s d2:7f:e9:14:e3:fe:78:48:12:d7:ed:90:fb:9a:c6: 777s 36:66:9b:e2:d8:ce:07:27:45:4f:97:ad:6a:d6:ef: 777s 4b:d0:a2:26:95:41:b1:1e:13 777s Exponent: 65537 (0x10001) 777s X509v3 extensions: 777s X509v3 Authority Key Identifier: 777s F4:85:17:14:EA:B5:70:25:A8:B6:D1:31:39:8E:41:7C:A7:7F:AD:A8 777s X509v3 Basic Constraints: 777s CA:FALSE 777s Netscape Cert Type: 777s SSL Client, S/MIME 777s Netscape Comment: 777s Test Organization Intermediate CA trusted Certificate 777s X509v3 Subject Key Identifier: 777s FA:EB:79:BE:59:67:21:8D:D5:D4:04:55:CF:42:26:D9:D4:EF:3D:83 777s X509v3 Key Usage: critical 777s Digital Signature, Non Repudiation, Key Encipherment 777s X509v3 Extended Key Usage: 777s TLS Web Client Authentication, E-mail Protection 777s X509v3 Subject Alternative Name: 777s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 777s Signature Algorithm: sha256WithRSAEncryption 777s Signature Value: 777s 6c:18:f5:57:27:62:72:79:82:e0:ac:93:bc:fc:6a:99:4c:3b: 777s 8a:dc:63:b1:2e:3c:5d:db:8b:63:39:40:41:a8:85:22:3b:45: 777s fc:ae:5d:67:4d:5a:ad:61:bb:0e:b5:02:de:a9:95:b8:c0:73: 777s b6:3a:fd:0b:78:cf:88:6f:cb:fb:e8:ae:36:8b:5a:0b:7e:3a: 777s d7:53:d9:92:a2:e9:16:64:3c:bb:a1:90:c5:91:3d:28:12:78: 777s c5:7b:50:1b:7f:ee:23:3e:34:4e:b2:2c:c2:e9:36:17:2e:96: 777s 98:c1:42:b8:6f:66:3e:7b:79:1d:54:0e:23:48:72:b0:ee:ec: 777s 9c:83 777s + local found_md5 expected_md5 777s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-intermediate-CA-trusted-certificate-0001.pem 777s + expected_md5=Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 777s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-191.pem 777s + found_md5=Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 777s + '[' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 '!=' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 ']' 777s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-191-auth.output 777s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-191-auth.output .output 777s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-191-auth.pem 777s + echo -n 053350 777s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-18HdP2/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 777s [p11_child[2220]] [main] (0x0400): p11_child started. 777s [p11_child[2220]] [main] (0x2000): Running in [auth] mode. 777s [p11_child[2220]] [main] (0x2000): Running with effective IDs: [0][0]. 777s [p11_child[2220]] [main] (0x2000): Running with real IDs [0][0]. 777s [p11_child[2220]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 777s [p11_child[2220]] [do_card] (0x4000): Module List: 777s [p11_child[2220]] [do_card] (0x4000): common name: [softhsm2]. 777s [p11_child[2220]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2220]] [do_card] (0x4000): Description [SoftHSM slot ID 0x5d11807e] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 777s [p11_child[2220]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 777s [p11_child[2220]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x5d11807e][1561428094] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 777s [p11_child[2220]] [do_card] (0x4000): Login required. 777s [p11_child[2220]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 777s [p11_child[2220]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 777s [p11_child[2220]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 777s [p11_child[2220]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x5d11807e;slot-manufacturer=SoftHSM%20project;slot-id=1561428094;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=50d3a6ec5d11807e;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 777s [p11_child[2220]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 777s [p11_child[2220]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 777s [p11_child[2220]] [do_card] (0x4000): Certificate verified and validated. 777s [p11_child[2220]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 777s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-191-auth.output 777s + echo '-----BEGIN CERTIFICATE-----' 777s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-191-auth.output 777s + echo '-----END CERTIFICATE-----' 777s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-191-auth.pem 777s Certificate: 777s Data: 777s Version: 3 (0x2) 777s Serial Number: 4 (0x4) 777s Signature Algorithm: sha256WithRSAEncryption 777s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 777s Validity 777s Not Before: Mar 9 15:30:47 2024 GMT 777s Not After : Mar 9 15:30:47 2025 GMT 777s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 777s Subject Public Key Info: 777s Public Key Algorithm: rsaEncryption 777s Public-Key: (1024 bit) 777s Modulus: 777s 00:da:7f:32:1c:8d:b6:21:0a:be:29:aa:10:ca:e7: 777s f6:b2:68:34:f2:ba:19:83:3e:c4:d7:7b:a3:dd:7a: 777s 46:77:e9:00:45:bc:0b:4b:e7:ce:2e:0a:44:54:3a: 777s 6d:ea:1a:84:6c:79:b1:db:6b:6c:58:21:f2:8f:80: 777s 5e:00:f9:78:b6:2f:34:b1:89:4e:46:04:85:fc:86: 777s 6c:cf:3b:bc:aa:c5:d5:4f:59:d0:cc:a7:b2:61:ad: 777s d2:7f:e9:14:e3:fe:78:48:12:d7:ed:90:fb:9a:c6: 777s 36:66:9b:e2:d8:ce:07:27:45:4f:97:ad:6a:d6:ef: 777s 4b:d0:a2:26:95:41:b1:1e:13 777s Exponent: 65537 (0x10001) 777s X509v3 extensions: 777s X509v3 Authority Key Identifier: 777s F4:85:17:14:EA:B5:70:25:A8:B6:D1:31:39:8E:41:7C:A7:7F:AD:A8 777s X509v3 Basic Constraints: 777s CA:FALSE 777s Netscape Cert Type: 777s SSL Client, S/MIME 777s Netscape Comment: 777s Test Organization Intermediate CA trusted Certificate 777s X509v3 Subject Key Identifier: 777s FA:EB:79:BE:59:67:21:8D:D5:D4:04:55:CF:42:26:D9:D4:EF:3D:83 777s X509v3 Key Usage: critical 777s Digital Signature, Non Repudiation, Key Encipherment 777s X509v3 Extended Key Usage: 777s TLS Web Client Authentication, E-mail Protection 777s X509v3 Subject Alternative Name: 777s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 777s Signature Algorithm: sha256WithRSAEncryption 777s Signature Value: 777s 6c:18:f5:57:27:62:72:79:82:e0:ac:93:bc:fc:6a:99:4c:3b: 777s 8a:dc:63:b1:2e:3c:5d:db:8b:63:39:40:41:a8:85:22:3b:45: 777s fc:ae:5d:67:4d:5a:ad:61:bb:0e:b5:02:de:a9:95:b8:c0:73: 777s b6:3a:fd:0b:78:cf:88:6f:cb:fb:e8:ae:36:8b:5a:0b:7e:3a: 777s d7:53:d9:92:a2:e9:16:64:3c:bb:a1:90:c5:91:3d:28:12:78: 777s c5:7b:50:1b:7f:ee:23:3e:34:4e:b2:2c:c2:e9:36:17:2e:96: 777s 98:c1:42:b8:6f:66:3e:7b:79:1d:54:0e:23:48:72:b0:ee:ec: 777s 9c:83 777s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-191-auth.pem 777s + found_md5=Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 777s + '[' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 '!=' Modulus=DA7F321C8DB6210ABE29AA10CAE7F6B26834F2BA19833EC4D77BA3DD7A4677E90045BC0B4BE7CE2E0A44543A6DEA1A846C79B1DB6B6C5821F28F805E00F978B62F34B1894E460485FC866CCF3BBCAAC5D54F59D0CCA7B261ADD27FE914E3FE784812D7ED90FB9AC636669BE2D8CE0727454F97AD6AD6EF4BD0A2269541B11E13 ']' 777s + invalid_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 777s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 777s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 777s + local verify_option= 777s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 777s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 777s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 777s + local key_cn 777s + local key_name 777s + local tokens_dir 777s + local output_cert_file 777s + token_name= 777s ++ basename /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 777s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 777s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 777s ++ sed -n 's/ *commonName *= //p' 777s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 777s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 777s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 777s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 777s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 777s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 777s + token_name='Test Organization Sub Int Token' 777s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 777s + local key_file 777s + local decrypted_key 777s + mkdir -p /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 777s + key_file=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 777s + decrypted_key=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 777s + cat 777s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 777s Slot 0 has a free/uninitialized token. 777s The token has been initialized and is reassigned to slot 1416846834 777s + softhsm2-util --show-slots 777s Available slots: 777s Slot 1416846834 777s Slot info: 777s Description: SoftHSM slot ID 0x54735df2 777s Manufacturer ID: SoftHSM project 777s Hardware version: 2.6 777s Firmware version: 2.6 777s Token present: yes 777s Token info: 777s Manufacturer ID: SoftHSM project 777s Model: SoftHSM v2 777s Hardware version: 2.6 777s Firmware version: 2.6 777s Serial number: 5132f0af54735df2 778s Initialized: yes 778s User PIN init.: yes 778s Label: Test Organization Sub Int Token 778s Slot 1 778s Slot info: 778s Description: SoftHSM slot ID 0x1 778s Manufacturer ID: SoftHSM project 778s Hardware version: 2.6 778s Firmware version: 2.6 778s Token present: yes 778s Token info: 778s Manufacturer ID: SoftHSM project 778s Model: SoftHSM v2 778s Hardware version: 2.6 778s Firmware version: 2.6 778s Serial number: 778s Initialized: no 778s User PIN init.: no 778s Label: 778s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 778s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-183 -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 778s writing RSA key 778s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 778s + rm /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 778s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 778s Object 0: 778s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5132f0af54735df2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 778s Type: X.509 Certificate (RSA-1024) 778s Expires: Sun Mar 9 15:30:47 2025 778s Label: Test Organization Sub Intermediate Trusted Certificate 0001 778s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 778s 778s Test Organization Sub Int Token 778s + echo 'Test Organization Sub Int Token' 778s + '[' -n '' ']' 778s + local output_base_name=SSSD-child-9654 778s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-9654.output 778s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-9654.pem 778s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 778s [p11_child[2239]] [main] (0x0400): p11_child started. 778s [p11_child[2239]] [main] (0x2000): Running in [pre-auth] mode. 778s [p11_child[2239]] [main] (0x2000): Running with effective IDs: [0][0]. 778s [p11_child[2239]] [main] (0x2000): Running with real IDs [0][0]. 778s [p11_child[2239]] [do_card] (0x4000): Module List: 778s [p11_child[2239]] [do_card] (0x4000): common name: [softhsm2]. 778s [p11_child[2239]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2239]] [do_card] (0x4000): Description [SoftHSM slot ID 0x54735df2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 778s [p11_child[2239]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 778s [p11_child[2239]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x54735df2][1416846834] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2239]] [do_card] (0x4000): Login NOT required. 778s [p11_child[2239]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 778s [p11_child[2239]] [do_verification] (0x0040): X509_verify_cert failed [0]. 778s [p11_child[2239]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 778s [p11_child[2239]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 778s [p11_child[2239]] [do_card] (0x4000): No certificate found. 778s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-9654.output 778s + return 2 778s + invalid_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem partial_chain 778s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-root-CA.pem partial_chain 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 778s + local verify_option=partial_chain 778s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_cn 778s + local key_name 778s + local tokens_dir 778s + local output_cert_file 778s + token_name= 778s ++ basename /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 778s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 778s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s ++ sed -n 's/ *commonName *= //p' 778s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 778s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 778s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 778s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 778s + token_name='Test Organization Sub Int Token' 778s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 778s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 778s + echo 'Test Organization Sub Int Token' 778s Test Organization Sub Int Token 778s + '[' -n partial_chain ']' 778s + local verify_arg=--verify=partial_chain 778s + local output_base_name=SSSD-child-21371 778s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-21371.output 778s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-21371.pem 778s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-18HdP2/test-root-CA.pem 778s [p11_child[2246]] [main] (0x0400): p11_child started. 778s [p11_child[2246]] [main] (0x2000): Running in [pre-auth] mode. 778s [p11_child[2246]] [main] (0x2000): Running with effective IDs: [0][0]. 778s [p11_child[2246]] [main] (0x2000): Running with real IDs [0][0]. 778s [p11_child[2246]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 778s [p11_child[2246]] [do_card] (0x4000): Module List: 778s [p11_child[2246]] [do_card] (0x4000): common name: [softhsm2]. 778s [p11_child[2246]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2246]] [do_card] (0x4000): Description [SoftHSM slot ID 0x54735df2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 778s [p11_child[2246]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 778s [p11_child[2246]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x54735df2][1416846834] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2246]] [do_card] (0x4000): Login NOT required. 778s [p11_child[2246]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 778s [p11_child[2246]] [do_verification] (0x0040): X509_verify_cert failed [0]. 778s [p11_child[2246]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 778s [p11_child[2246]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 778s [p11_child[2246]] [do_card] (0x4000): No certificate found. 778s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-21371.output 778s + return 2 778s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 778s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 778s + local verify_option= 778s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_cn 778s + local key_name 778s + local tokens_dir 778s + local output_cert_file 778s + token_name= 778s ++ basename /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 778s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 778s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s ++ sed -n 's/ *commonName *= //p' 778s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 778s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 778s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 778s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 778s + token_name='Test Organization Sub Int Token' 778s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 778s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 778s + echo 'Test Organization Sub Int Token' 778s + '[' -n '' ']' 778s + local output_base_name=SSSD-child-21120 778s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-21120.output 778s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-21120.pem 778s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 778s Test Organization Sub Int Token 778s [p11_child[2253]] [main] (0x0400): p11_child started. 778s [p11_child[2253]] [main] (0x2000): Running in [pre-auth] mode. 778s [p11_child[2253]] [main] (0x2000): Running with effective IDs: [0][0]. 778s [p11_child[2253]] [main] (0x2000): Running with real IDs [0][0]. 778s [p11_child[2253]] [do_card] (0x4000): Module List: 778s [p11_child[2253]] [do_card] (0x4000): common name: [softhsm2]. 778s [p11_child[2253]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2253]] [do_card] (0x4000): Description [SoftHSM slot ID 0x54735df2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 778s [p11_child[2253]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 778s [p11_child[2253]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x54735df2][1416846834] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2253]] [do_card] (0x4000): Login NOT required. 778s [p11_child[2253]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 778s [p11_child[2253]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 778s [p11_child[2253]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 778s [p11_child[2253]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x54735df2;slot-manufacturer=SoftHSM%20project;slot-id=1416846834;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5132f0af54735df2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 778s [p11_child[2253]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 778s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-21120.output 778s + echo '-----BEGIN CERTIFICATE-----' 778s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-21120.output 778s + echo '-----END CERTIFICATE-----' 778s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-21120.pem 778s Certificate: 778s Data: 778s Version: 3 (0x2) 778s Serial Number: 5 (0x5) 778s Signature Algorithm: sha256WithRSAEncryption 778s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 778s Validity 778s Not Before: Mar 9 15:30:47 2024 GMT 778s Not After : Mar 9 15:30:47 2025 GMT 778s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 778s Subject Public Key Info: 778s Public Key Algorithm: rsaEncryption 778s Public-Key: (1024 bit) 778s Modulus: 778s 00:9b:66:5e:36:2e:e8:df:31:8e:81:d3:69:fa:fc: 778s d2:e0:96:4d:26:1b:6f:f0:ec:0c:da:86:2a:86:31: 778s 8a:57:02:89:23:60:c6:fd:cb:f1:9c:32:9e:7a:e0: 778s bd:cb:c2:cb:18:0b:cb:09:9d:b3:c3:62:27:55:f9: 778s 95:51:55:74:1e:4f:0a:9d:16:70:9c:97:7f:8e:b7: 778s 73:fa:f9:69:80:bd:a0:cf:62:f0:4c:bc:d7:de:ed: 778s e7:1b:9d:43:ff:40:ee:32:aa:d8:7b:75:7e:84:5f: 778s 80:78:51:30:51:c9:85:bc:b0:af:0c:bb:5d:d3:10: 778s 51:ad:f5:6c:21:56:7f:b1:55 778s Exponent: 65537 (0x10001) 778s X509v3 extensions: 778s X509v3 Authority Key Identifier: 778s 9E:95:F0:D7:78:98:86:03:E8:94:BE:39:09:08:5B:DE:DA:78:74:13 778s X509v3 Basic Constraints: 778s CA:FALSE 778s Netscape Cert Type: 778s SSL Client, S/MIME 778s Netscape Comment: 778s Test Organization Sub Intermediate CA trusted Certificate 778s X509v3 Subject Key Identifier: 778s BF:C3:C8:8F:D6:41:1F:A0:6D:5D:29:21:EB:76:DB:D2:72:29:5F:23 778s X509v3 Key Usage: critical 778s Digital Signature, Non Repudiation, Key Encipherment 778s X509v3 Extended Key Usage: 778s TLS Web Client Authentication, E-mail Protection 778s X509v3 Subject Alternative Name: 778s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 778s Signature Algorithm: sha256WithRSAEncryption 778s Signature Value: 778s 10:16:97:34:34:ff:74:71:bc:3d:d4:53:87:d3:1e:38:5a:af: 778s f7:81:fa:7d:9d:7a:ee:a7:4c:1c:9d:12:e0:07:fb:94:61:d7: 778s 9e:40:bd:6f:5a:e6:08:31:f6:d3:95:37:8a:09:d4:27:f5:42: 778s ec:c9:e2:55:05:92:7c:e3:1c:4f:77:c3:db:ff:75:9b:a3:b7: 778s 82:27:cf:15:cf:b9:35:59:3a:89:4e:c8:b8:77:81:ab:12:12: 778s 17:40:17:fb:74:34:79:8e:a2:10:97:af:a4:ef:c8:41:bf:1b: 778s c6:6f:b5:0c:20:5a:d1:9c:66:9e:09:9c:6f:a6:48:20:23:ae: 778s 55:19 778s + local found_md5 expected_md5 778s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + expected_md5=Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 778s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-21120.pem 778s + found_md5=Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 778s + '[' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 '!=' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 ']' 778s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-21120-auth.output 778s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-21120-auth.output .output 778s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-21120-auth.pem 778s + echo -n 053350 778s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 778s [p11_child[2261]] [main] (0x0400): p11_child started. 778s [p11_child[2261]] [main] (0x2000): Running in [auth] mode. 778s [p11_child[2261]] [main] (0x2000): Running with effective IDs: [0][0]. 778s [p11_child[2261]] [main] (0x2000): Running with real IDs [0][0]. 778s [p11_child[2261]] [do_card] (0x4000): Module List: 778s [p11_child[2261]] [do_card] (0x4000): common name: [softhsm2]. 778s [p11_child[2261]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2261]] [do_card] (0x4000): Description [SoftHSM slot ID 0x54735df2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 778s [p11_child[2261]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 778s [p11_child[2261]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x54735df2][1416846834] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2261]] [do_card] (0x4000): Login required. 778s [p11_child[2261]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 778s [p11_child[2261]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 778s [p11_child[2261]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 778s [p11_child[2261]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x54735df2;slot-manufacturer=SoftHSM%20project;slot-id=1416846834;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5132f0af54735df2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 778s [p11_child[2261]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 778s [p11_child[2261]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 778s [p11_child[2261]] [do_card] (0x4000): Certificate verified and validated. 778s [p11_child[2261]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 778s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-21120-auth.output 778s + echo '-----BEGIN CERTIFICATE-----' 778s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-21120-auth.output 778s + echo '-----END CERTIFICATE-----' 778s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-21120-auth.pem 778s Certificate: 778s Data: 778s Version: 3 (0x2) 778s Serial Number: 5 (0x5) 778s Signature Algorithm: sha256WithRSAEncryption 778s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 778s Validity 778s Not Before: Mar 9 15:30:47 2024 GMT 778s Not After : Mar 9 15:30:47 2025 GMT 778s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 778s Subject Public Key Info: 778s Public Key Algorithm: rsaEncryption 778s Public-Key: (1024 bit) 778s Modulus: 778s 00:9b:66:5e:36:2e:e8:df:31:8e:81:d3:69:fa:fc: 778s d2:e0:96:4d:26:1b:6f:f0:ec:0c:da:86:2a:86:31: 778s 8a:57:02:89:23:60:c6:fd:cb:f1:9c:32:9e:7a:e0: 778s bd:cb:c2:cb:18:0b:cb:09:9d:b3:c3:62:27:55:f9: 778s 95:51:55:74:1e:4f:0a:9d:16:70:9c:97:7f:8e:b7: 778s 73:fa:f9:69:80:bd:a0:cf:62:f0:4c:bc:d7:de:ed: 778s e7:1b:9d:43:ff:40:ee:32:aa:d8:7b:75:7e:84:5f: 778s 80:78:51:30:51:c9:85:bc:b0:af:0c:bb:5d:d3:10: 778s 51:ad:f5:6c:21:56:7f:b1:55 778s Exponent: 65537 (0x10001) 778s X509v3 extensions: 778s X509v3 Authority Key Identifier: 778s 9E:95:F0:D7:78:98:86:03:E8:94:BE:39:09:08:5B:DE:DA:78:74:13 778s X509v3 Basic Constraints: 778s CA:FALSE 778s Netscape Cert Type: 778s SSL Client, S/MIME 778s Netscape Comment: 778s Test Organization Sub Intermediate CA trusted Certificate 778s X509v3 Subject Key Identifier: 778s BF:C3:C8:8F:D6:41:1F:A0:6D:5D:29:21:EB:76:DB:D2:72:29:5F:23 778s X509v3 Key Usage: critical 778s Digital Signature, Non Repudiation, Key Encipherment 778s X509v3 Extended Key Usage: 778s TLS Web Client Authentication, E-mail Protection 778s X509v3 Subject Alternative Name: 778s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 778s Signature Algorithm: sha256WithRSAEncryption 778s Signature Value: 778s 10:16:97:34:34:ff:74:71:bc:3d:d4:53:87:d3:1e:38:5a:af: 778s f7:81:fa:7d:9d:7a:ee:a7:4c:1c:9d:12:e0:07:fb:94:61:d7: 778s 9e:40:bd:6f:5a:e6:08:31:f6:d3:95:37:8a:09:d4:27:f5:42: 778s ec:c9:e2:55:05:92:7c:e3:1c:4f:77:c3:db:ff:75:9b:a3:b7: 778s 82:27:cf:15:cf:b9:35:59:3a:89:4e:c8:b8:77:81:ab:12:12: 778s 17:40:17:fb:74:34:79:8e:a2:10:97:af:a4:ef:c8:41:bf:1b: 778s c6:6f:b5:0c:20:5a:d1:9c:66:9e:09:9c:6f:a6:48:20:23:ae: 778s 55:19 778s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-21120-auth.pem 778s + found_md5=Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 778s + '[' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 '!=' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 ']' 778s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem partial_chain 778s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem partial_chain 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 778s + local verify_option=partial_chain 778s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_cn 778s + local key_name 778s + local tokens_dir 778s + local output_cert_file 778s + token_name= 778s ++ basename /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 778s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 778s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s ++ sed -n 's/ *commonName *= //p' 778s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 778s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 778s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 778s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 778s + token_name='Test Organization Sub Int Token' 778s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 778s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 778s + echo 'Test Organization Sub Int Token' 778s + '[' -n partial_chain ']' 778s + local verify_arg=--verify=partial_chain 778s + local output_base_name=SSSD-child-28829 778s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-28829.output 778s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-28829.pem 778s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem 778s Test Organization Sub Int Token 778s [p11_child[2271]] [main] (0x0400): p11_child started. 778s [p11_child[2271]] [main] (0x2000): Running in [pre-auth] mode. 778s [p11_child[2271]] [main] (0x2000): Running with effective IDs: [0][0]. 778s [p11_child[2271]] [main] (0x2000): Running with real IDs [0][0]. 778s [p11_child[2271]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 778s [p11_child[2271]] [do_card] (0x4000): Module List: 778s [p11_child[2271]] [do_card] (0x4000): common name: [softhsm2]. 778s [p11_child[2271]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2271]] [do_card] (0x4000): Description [SoftHSM slot ID 0x54735df2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 778s [p11_child[2271]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 778s [p11_child[2271]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x54735df2][1416846834] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2271]] [do_card] (0x4000): Login NOT required. 778s [p11_child[2271]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 778s [p11_child[2271]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 778s [p11_child[2271]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 778s [p11_child[2271]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x54735df2;slot-manufacturer=SoftHSM%20project;slot-id=1416846834;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5132f0af54735df2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 778s [p11_child[2271]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 778s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-28829.output 778s + echo '-----BEGIN CERTIFICATE-----' 778s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-28829.output 778s + echo '-----END CERTIFICATE-----' 778s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-28829.pem 778s Certificate: 778s Data: 778s Version: 3 (0x2) 778s Serial Number: 5 (0x5) 778s Signature Algorithm: sha256WithRSAEncryption 778s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 778s Validity 778s Not Before: Mar 9 15:30:47 2024 GMT 778s Not After : Mar 9 15:30:47 2025 GMT 778s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 778s Subject Public Key Info: 778s Public Key Algorithm: rsaEncryption 778s Public-Key: (1024 bit) 778s Modulus: 778s 00:9b:66:5e:36:2e:e8:df:31:8e:81:d3:69:fa:fc: 778s d2:e0:96:4d:26:1b:6f:f0:ec:0c:da:86:2a:86:31: 778s 8a:57:02:89:23:60:c6:fd:cb:f1:9c:32:9e:7a:e0: 778s bd:cb:c2:cb:18:0b:cb:09:9d:b3:c3:62:27:55:f9: 778s 95:51:55:74:1e:4f:0a:9d:16:70:9c:97:7f:8e:b7: 778s 73:fa:f9:69:80:bd:a0:cf:62:f0:4c:bc:d7:de:ed: 778s e7:1b:9d:43:ff:40:ee:32:aa:d8:7b:75:7e:84:5f: 778s 80:78:51:30:51:c9:85:bc:b0:af:0c:bb:5d:d3:10: 778s 51:ad:f5:6c:21:56:7f:b1:55 778s Exponent: 65537 (0x10001) 778s X509v3 extensions: 778s X509v3 Authority Key Identifier: 778s 9E:95:F0:D7:78:98:86:03:E8:94:BE:39:09:08:5B:DE:DA:78:74:13 778s X509v3 Basic Constraints: 778s CA:FALSE 778s Netscape Cert Type: 778s SSL Client, S/MIME 778s Netscape Comment: 778s Test Organization Sub Intermediate CA trusted Certificate 778s X509v3 Subject Key Identifier: 778s BF:C3:C8:8F:D6:41:1F:A0:6D:5D:29:21:EB:76:DB:D2:72:29:5F:23 778s X509v3 Key Usage: critical 778s Digital Signature, Non Repudiation, Key Encipherment 778s X509v3 Extended Key Usage: 778s TLS Web Client Authentication, E-mail Protection 778s X509v3 Subject Alternative Name: 778s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 778s Signature Algorithm: sha256WithRSAEncryption 778s Signature Value: 778s 10:16:97:34:34:ff:74:71:bc:3d:d4:53:87:d3:1e:38:5a:af: 778s f7:81:fa:7d:9d:7a:ee:a7:4c:1c:9d:12:e0:07:fb:94:61:d7: 778s 9e:40:bd:6f:5a:e6:08:31:f6:d3:95:37:8a:09:d4:27:f5:42: 778s ec:c9:e2:55:05:92:7c:e3:1c:4f:77:c3:db:ff:75:9b:a3:b7: 778s 82:27:cf:15:cf:b9:35:59:3a:89:4e:c8:b8:77:81:ab:12:12: 778s 17:40:17:fb:74:34:79:8e:a2:10:97:af:a4:ef:c8:41:bf:1b: 778s c6:6f:b5:0c:20:5a:d1:9c:66:9e:09:9c:6f:a6:48:20:23:ae: 778s 55:19 778s + local found_md5 expected_md5 778s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + expected_md5=Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 778s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-28829.pem 778s + found_md5=Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 778s + '[' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 '!=' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 ']' 778s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-28829-auth.output 778s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-28829-auth.output .output 778s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-28829-auth.pem 778s + echo -n 053350 778s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-18HdP2/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 778s [p11_child[2279]] [main] (0x0400): p11_child started. 778s [p11_child[2279]] [main] (0x2000): Running in [auth] mode. 778s [p11_child[2279]] [main] (0x2000): Running with effective IDs: [0][0]. 778s [p11_child[2279]] [main] (0x2000): Running with real IDs [0][0]. 778s [p11_child[2279]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 778s [p11_child[2279]] [do_card] (0x4000): Module List: 778s [p11_child[2279]] [do_card] (0x4000): common name: [softhsm2]. 778s [p11_child[2279]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2279]] [do_card] (0x4000): Description [SoftHSM slot ID 0x54735df2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 778s [p11_child[2279]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 778s [p11_child[2279]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x54735df2][1416846834] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2279]] [do_card] (0x4000): Login required. 778s [p11_child[2279]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 778s [p11_child[2279]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 778s [p11_child[2279]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 778s [p11_child[2279]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x54735df2;slot-manufacturer=SoftHSM%20project;slot-id=1416846834;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5132f0af54735df2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 778s [p11_child[2279]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 778s [p11_child[2279]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 778s [p11_child[2279]] [do_card] (0x4000): Certificate verified and validated. 778s [p11_child[2279]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 778s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-28829-auth.output 778s + echo '-----BEGIN CERTIFICATE-----' 778s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-28829-auth.output 778s + echo '-----END CERTIFICATE-----' 778s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-28829-auth.pem 778s Certificate: 778s Data: 778s Version: 3 (0x2) 778s Serial Number: 5 (0x5) 778s Signature Algorithm: sha256WithRSAEncryption 778s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 778s Validity 778s Not Before: Mar 9 15:30:47 2024 GMT 778s Not After : Mar 9 15:30:47 2025 GMT 778s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 778s Subject Public Key Info: 778s Public Key Algorithm: rsaEncryption 778s Public-Key: (1024 bit) 778s Modulus: 778s 00:9b:66:5e:36:2e:e8:df:31:8e:81:d3:69:fa:fc: 778s d2:e0:96:4d:26:1b:6f:f0:ec:0c:da:86:2a:86:31: 778s 8a:57:02:89:23:60:c6:fd:cb:f1:9c:32:9e:7a:e0: 778s bd:cb:c2:cb:18:0b:cb:09:9d:b3:c3:62:27:55:f9: 778s 95:51:55:74:1e:4f:0a:9d:16:70:9c:97:7f:8e:b7: 778s 73:fa:f9:69:80:bd:a0:cf:62:f0:4c:bc:d7:de:ed: 778s e7:1b:9d:43:ff:40:ee:32:aa:d8:7b:75:7e:84:5f: 778s 80:78:51:30:51:c9:85:bc:b0:af:0c:bb:5d:d3:10: 778s 51:ad:f5:6c:21:56:7f:b1:55 778s Exponent: 65537 (0x10001) 778s X509v3 extensions: 778s X509v3 Authority Key Identifier: 778s 9E:95:F0:D7:78:98:86:03:E8:94:BE:39:09:08:5B:DE:DA:78:74:13 778s X509v3 Basic Constraints: 778s CA:FALSE 778s Netscape Cert Type: 778s SSL Client, S/MIME 778s Netscape Comment: 778s Test Organization Sub Intermediate CA trusted Certificate 778s X509v3 Subject Key Identifier: 778s BF:C3:C8:8F:D6:41:1F:A0:6D:5D:29:21:EB:76:DB:D2:72:29:5F:23 778s X509v3 Key Usage: critical 778s Digital Signature, Non Repudiation, Key Encipherment 778s X509v3 Extended Key Usage: 778s TLS Web Client Authentication, E-mail Protection 778s X509v3 Subject Alternative Name: 778s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 778s Signature Algorithm: sha256WithRSAEncryption 778s Signature Value: 778s 10:16:97:34:34:ff:74:71:bc:3d:d4:53:87:d3:1e:38:5a:af: 778s f7:81:fa:7d:9d:7a:ee:a7:4c:1c:9d:12:e0:07:fb:94:61:d7: 778s 9e:40:bd:6f:5a:e6:08:31:f6:d3:95:37:8a:09:d4:27:f5:42: 778s ec:c9:e2:55:05:92:7c:e3:1c:4f:77:c3:db:ff:75:9b:a3:b7: 778s 82:27:cf:15:cf:b9:35:59:3a:89:4e:c8:b8:77:81:ab:12:12: 778s 17:40:17:fb:74:34:79:8e:a2:10:97:af:a4:ef:c8:41:bf:1b: 778s c6:6f:b5:0c:20:5a:d1:9c:66:9e:09:9c:6f:a6:48:20:23:ae: 778s 55:19 778s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-28829-auth.pem 778s + found_md5=Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 778s + '[' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 '!=' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 ']' 778s + invalid_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 778s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 778s + local verify_option= 778s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_cn 778s + local key_name 778s + local tokens_dir 778s + local output_cert_file 778s + token_name= 778s ++ basename /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 778s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 778s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s ++ sed -n 's/ *commonName *= //p' 778s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 778s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 778s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 778s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 778s + token_name='Test Organization Sub Int Token' 778s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 778s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 778s + echo 'Test Organization Sub Int Token' 778s + '[' -n '' ']' 778s + local output_base_name=SSSD-child-19317 778s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-19317.output 778s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-19317.pem 778s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 778s Test Organization Sub Int Token 778s [p11_child[2289]] [main] (0x0400): p11_child started. 778s [p11_child[2289]] [main] (0x2000): Running in [pre-auth] mode. 778s [p11_child[2289]] [main] (0x2000): Running with effective IDs: [0][0]. 778s [p11_child[2289]] [main] (0x2000): Running with real IDs [0][0]. 778s [p11_child[2289]] [do_card] (0x4000): Module List: 778s [p11_child[2289]] [do_card] (0x4000): common name: [softhsm2]. 778s [p11_child[2289]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2289]] [do_card] (0x4000): Description [SoftHSM slot ID 0x54735df2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 778s [p11_child[2289]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 778s [p11_child[2289]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x54735df2][1416846834] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2289]] [do_card] (0x4000): Login NOT required. 778s [p11_child[2289]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 778s [p11_child[2289]] [do_verification] (0x0040): X509_verify_cert failed [0]. 778s [p11_child[2289]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 778s [p11_child[2289]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 778s [p11_child[2289]] [do_card] (0x4000): No certificate found. 778s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-19317.output 778s + return 2 778s + invalid_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-root-intermediate-chain-CA.pem partial_chain 778s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-root-intermediate-chain-CA.pem partial_chain 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-root-intermediate-chain-CA.pem 778s + local verify_option=partial_chain 778s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_cn 778s + local key_name 778s + local tokens_dir 778s + local output_cert_file 778s + token_name= 778s ++ basename /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 778s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 778s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s ++ sed -n 's/ *commonName *= //p' 778s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 778s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 778s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 778s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 778s + token_name='Test Organization Sub Int Token' 778s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 778s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 778s + echo 'Test Organization Sub Int Token' 778s + '[' -n partial_chain ']' 778s + local verify_arg=--verify=partial_chain 778s + local output_base_name=SSSD-child-4672 778s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-4672.output 778s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-4672.pem 778s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-18HdP2/test-root-intermediate-chain-CA.pem 778s Test Organization Sub Int Token 778s [p11_child[2296]] [main] (0x0400): p11_child started. 778s [p11_child[2296]] [main] (0x2000): Running in [pre-auth] mode. 778s [p11_child[2296]] [main] (0x2000): Running with effective IDs: [0][0]. 778s [p11_child[2296]] [main] (0x2000): Running with real IDs [0][0]. 778s [p11_child[2296]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 778s [p11_child[2296]] [do_card] (0x4000): Module List: 778s [p11_child[2296]] [do_card] (0x4000): common name: [softhsm2]. 778s [p11_child[2296]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2296]] [do_card] (0x4000): Description [SoftHSM slot ID 0x54735df2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 778s [p11_child[2296]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 778s [p11_child[2296]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x54735df2][1416846834] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2296]] [do_card] (0x4000): Login NOT required. 778s [p11_child[2296]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 778s [p11_child[2296]] [do_verification] (0x0040): X509_verify_cert failed [0]. 778s [p11_child[2296]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 778s [p11_child[2296]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 778s [p11_child[2296]] [do_card] (0x4000): No certificate found. 778s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-4672.output 778s + return 2 778s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem partial_chain 778s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem partial_chain 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 778s + local verify_option=partial_chain 778s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_cn 778s + local key_name 778s + local tokens_dir 778s + local output_cert_file 778s + token_name= 778s ++ basename /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 778s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 778s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s ++ sed -n 's/ *commonName *= //p' 778s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 778s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 778s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 778s Test Organization Sub Int Token 778s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 778s + token_name='Test Organization Sub Int Token' 778s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 778s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 778s + echo 'Test Organization Sub Int Token' 778s + '[' -n partial_chain ']' 778s + local verify_arg=--verify=partial_chain 778s + local output_base_name=SSSD-child-646 778s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-646.output 778s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-646.pem 778s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem 778s [p11_child[2303]] [main] (0x0400): p11_child started. 778s [p11_child[2303]] [main] (0x2000): Running in [pre-auth] mode. 778s [p11_child[2303]] [main] (0x2000): Running with effective IDs: [0][0]. 778s [p11_child[2303]] [main] (0x2000): Running with real IDs [0][0]. 778s [p11_child[2303]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 778s [p11_child[2303]] [do_card] (0x4000): Module List: 778s [p11_child[2303]] [do_card] (0x4000): common name: [softhsm2]. 778s [p11_child[2303]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2303]] [do_card] (0x4000): Description [SoftHSM slot ID 0x54735df2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 778s [p11_child[2303]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 778s [p11_child[2303]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x54735df2][1416846834] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2303]] [do_card] (0x4000): Login NOT required. 778s [p11_child[2303]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 778s [p11_child[2303]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 778s [p11_child[2303]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 778s [p11_child[2303]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x54735df2;slot-manufacturer=SoftHSM%20project;slot-id=1416846834;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5132f0af54735df2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 778s [p11_child[2303]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 778s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-646.output 778s + echo '-----BEGIN CERTIFICATE-----' 778s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-646.output 778s + echo '-----END CERTIFICATE-----' 778s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-646.pem 778s Certificate: 778s Data: 778s Version: 3 (0x2) 778s Serial Number: 5 (0x5) 778s Signature Algorithm: sha256WithRSAEncryption 778s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 778s Validity 778s Not Before: Mar 9 15:30:47 2024 GMT 778s Not After : Mar 9 15:30:47 2025 GMT 778s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 778s Subject Public Key Info: 778s Public Key Algorithm: rsaEncryption 778s Public-Key: (1024 bit) 778s Modulus: 778s 00:9b:66:5e:36:2e:e8:df:31:8e:81:d3:69:fa:fc: 778s d2:e0:96:4d:26:1b:6f:f0:ec:0c:da:86:2a:86:31: 778s 8a:57:02:89:23:60:c6:fd:cb:f1:9c:32:9e:7a:e0: 778s bd:cb:c2:cb:18:0b:cb:09:9d:b3:c3:62:27:55:f9: 778s 95:51:55:74:1e:4f:0a:9d:16:70:9c:97:7f:8e:b7: 778s 73:fa:f9:69:80:bd:a0:cf:62:f0:4c:bc:d7:de:ed: 778s e7:1b:9d:43:ff:40:ee:32:aa:d8:7b:75:7e:84:5f: 778s 80:78:51:30:51:c9:85:bc:b0:af:0c:bb:5d:d3:10: 778s 51:ad:f5:6c:21:56:7f:b1:55 778s Exponent: 65537 (0x10001) 778s X509v3 extensions: 778s X509v3 Authority Key Identifier: 778s 9E:95:F0:D7:78:98:86:03:E8:94:BE:39:09:08:5B:DE:DA:78:74:13 778s X509v3 Basic Constraints: 778s CA:FALSE 778s Netscape Cert Type: 778s SSL Client, S/MIME 778s Netscape Comment: 778s Test Organization Sub Intermediate CA trusted Certificate 778s X509v3 Subject Key Identifier: 778s BF:C3:C8:8F:D6:41:1F:A0:6D:5D:29:21:EB:76:DB:D2:72:29:5F:23 778s X509v3 Key Usage: critical 778s Digital Signature, Non Repudiation, Key Encipherment 778s X509v3 Extended Key Usage: 778s TLS Web Client Authentication, E-mail Protection 778s X509v3 Subject Alternative Name: 778s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 778s Signature Algorithm: sha256WithRSAEncryption 778s Signature Value: 778s 10:16:97:34:34:ff:74:71:bc:3d:d4:53:87:d3:1e:38:5a:af: 778s f7:81:fa:7d:9d:7a:ee:a7:4c:1c:9d:12:e0:07:fb:94:61:d7: 778s 9e:40:bd:6f:5a:e6:08:31:f6:d3:95:37:8a:09:d4:27:f5:42: 778s ec:c9:e2:55:05:92:7c:e3:1c:4f:77:c3:db:ff:75:9b:a3:b7: 778s 82:27:cf:15:cf:b9:35:59:3a:89:4e:c8:b8:77:81:ab:12:12: 778s 17:40:17:fb:74:34:79:8e:a2:10:97:af:a4:ef:c8:41:bf:1b: 778s c6:6f:b5:0c:20:5a:d1:9c:66:9e:09:9c:6f:a6:48:20:23:ae: 778s 55:19 778s + local found_md5 expected_md5 778s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + expected_md5=Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 778s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-646.pem 778s + found_md5=Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 778s + '[' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 '!=' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 ']' 778s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-646-auth.output 778s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-646-auth.output .output 778s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-646-auth.pem 778s + echo -n 053350 778s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 778s [p11_child[2311]] [main] (0x0400): p11_child started. 778s [p11_child[2311]] [main] (0x2000): Running in [auth] mode. 778s [p11_child[2311]] [main] (0x2000): Running with effective IDs: [0][0]. 778s [p11_child[2311]] [main] (0x2000): Running with real IDs [0][0]. 778s [p11_child[2311]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 778s [p11_child[2311]] [do_card] (0x4000): Module List: 778s [p11_child[2311]] [do_card] (0x4000): common name: [softhsm2]. 778s [p11_child[2311]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2311]] [do_card] (0x4000): Description [SoftHSM slot ID 0x54735df2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 778s [p11_child[2311]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 778s [p11_child[2311]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x54735df2][1416846834] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2311]] [do_card] (0x4000): Login required. 778s [p11_child[2311]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 778s [p11_child[2311]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 778s [p11_child[2311]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 778s [p11_child[2311]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x54735df2;slot-manufacturer=SoftHSM%20project;slot-id=1416846834;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5132f0af54735df2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 778s [p11_child[2311]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 778s [p11_child[2311]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 778s [p11_child[2311]] [do_card] (0x4000): Certificate verified and validated. 778s [p11_child[2311]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 778s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-646-auth.output 778s + echo '-----BEGIN CERTIFICATE-----' 778s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-646-auth.output 778s + echo '-----END CERTIFICATE-----' 778s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-646-auth.pem 778s Certificate: 778s Data: 778s Version: 3 (0x2) 778s Serial Number: 5 (0x5) 778s Signature Algorithm: sha256WithRSAEncryption 778s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 778s Validity 778s Not Before: Mar 9 15:30:47 2024 GMT 778s Not After : Mar 9 15:30:47 2025 GMT 778s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 778s Subject Public Key Info: 778s Public Key Algorithm: rsaEncryption 778s Public-Key: (1024 bit) 778s Modulus: 778s 00:9b:66:5e:36:2e:e8:df:31:8e:81:d3:69:fa:fc: 778s d2:e0:96:4d:26:1b:6f:f0:ec:0c:da:86:2a:86:31: 778s 8a:57:02:89:23:60:c6:fd:cb:f1:9c:32:9e:7a:e0: 778s bd:cb:c2:cb:18:0b:cb:09:9d:b3:c3:62:27:55:f9: 778s 95:51:55:74:1e:4f:0a:9d:16:70:9c:97:7f:8e:b7: 778s 73:fa:f9:69:80:bd:a0:cf:62:f0:4c:bc:d7:de:ed: 778s e7:1b:9d:43:ff:40:ee:32:aa:d8:7b:75:7e:84:5f: 778s 80:78:51:30:51:c9:85:bc:b0:af:0c:bb:5d:d3:10: 778s 51:ad:f5:6c:21:56:7f:b1:55 778s Exponent: 65537 (0x10001) 778s X509v3 extensions: 778s X509v3 Authority Key Identifier: 778s 9E:95:F0:D7:78:98:86:03:E8:94:BE:39:09:08:5B:DE:DA:78:74:13 778s X509v3 Basic Constraints: 778s CA:FALSE 778s Netscape Cert Type: 778s SSL Client, S/MIME 778s Netscape Comment: 778s Test Organization Sub Intermediate CA trusted Certificate 778s X509v3 Subject Key Identifier: 778s BF:C3:C8:8F:D6:41:1F:A0:6D:5D:29:21:EB:76:DB:D2:72:29:5F:23 778s X509v3 Key Usage: critical 778s Digital Signature, Non Repudiation, Key Encipherment 778s X509v3 Extended Key Usage: 778s TLS Web Client Authentication, E-mail Protection 778s X509v3 Subject Alternative Name: 778s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 778s Signature Algorithm: sha256WithRSAEncryption 778s Signature Value: 778s 10:16:97:34:34:ff:74:71:bc:3d:d4:53:87:d3:1e:38:5a:af: 778s f7:81:fa:7d:9d:7a:ee:a7:4c:1c:9d:12:e0:07:fb:94:61:d7: 778s 9e:40:bd:6f:5a:e6:08:31:f6:d3:95:37:8a:09:d4:27:f5:42: 778s ec:c9:e2:55:05:92:7c:e3:1c:4f:77:c3:db:ff:75:9b:a3:b7: 778s 82:27:cf:15:cf:b9:35:59:3a:89:4e:c8:b8:77:81:ab:12:12: 778s 17:40:17:fb:74:34:79:8e:a2:10:97:af:a4:ef:c8:41:bf:1b: 778s c6:6f:b5:0c:20:5a:d1:9c:66:9e:09:9c:6f:a6:48:20:23:ae: 778s 55:19 778s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-646-auth.pem 778s + found_md5=Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 778s + '[' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 '!=' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 ']' 778s + valid_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-intermediate-sub-chain-CA.pem partial_chain 778s + check_certificate /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 /tmp/sssd-softhsm2-18HdP2/test-intermediate-sub-chain-CA.pem partial_chain 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_ring=/tmp/sssd-softhsm2-18HdP2/test-intermediate-sub-chain-CA.pem 778s + local verify_option=partial_chain 778s + prepare_softhsm2_card /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local certificate=/tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-183 778s + local key_cn 778s + local key_name 778s + local tokens_dir 778s + local output_cert_file 778s + token_name= 778s ++ basename /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 778s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 778s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s ++ sed -n 's/ *commonName *= //p' 778s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 778s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 778s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 778s ++ basename /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 778s + tokens_dir=/tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 778s + token_name='Test Organization Sub Int Token' 778s + '[' '!' -e /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 778s + '[' '!' -d /tmp/sssd-softhsm2-18HdP2/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 778s + echo 'Test Organization Sub Int Token' 778s Test Organization Sub Int Token 778s + '[' -n partial_chain ']' 778s + local verify_arg=--verify=partial_chain 778s + local output_base_name=SSSD-child-31698 778s + local output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-31698.output 778s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-31698.pem 778s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-18HdP2/test-intermediate-sub-chain-CA.pem 778s [p11_child[2321]] [main] (0x0400): p11_child started. 778s [p11_child[2321]] [main] (0x2000): Running in [pre-auth] mode. 778s [p11_child[2321]] [main] (0x2000): Running with effective IDs: [0][0]. 778s [p11_child[2321]] [main] (0x2000): Running with real IDs [0][0]. 778s [p11_child[2321]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 778s [p11_child[2321]] [do_card] (0x4000): Module List: 778s [p11_child[2321]] [do_card] (0x4000): common name: [softhsm2]. 778s [p11_child[2321]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2321]] [do_card] (0x4000): Description [SoftHSM slot ID 0x54735df2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 778s [p11_child[2321]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 778s [p11_child[2321]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x54735df2][1416846834] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 778s [p11_child[2321]] [do_card] (0x4000): Login NOT required. 778s [p11_child[2321]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 778s [p11_child[2321]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 778s [p11_child[2321]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 778s [p11_child[2321]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x54735df2;slot-manufacturer=SoftHSM%20project;slot-id=1416846834;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5132f0af54735df2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 778s [p11_child[2321]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 778s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-31698.output 778s + echo '-----BEGIN CERTIFICATE-----' 778s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-31698.output 778s + echo '-----END CERTIFICATE-----' 778s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-31698.pem 778s Certificate: 778s Data: 778s Version: 3 (0x2) 778s Serial Number: 5 (0x5) 778s Signature Algorithm: sha256WithRSAEncryption 778s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 778s Validity 778s Not Before: Mar 9 15:30:47 2024 GMT 778s Not After : Mar 9 15:30:47 2025 GMT 778s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 778s Subject Public Key Info: 778s Public Key Algorithm: rsaEncryption 778s Public-Key: (1024 bit) 778s Modulus: 778s 00:9b:66:5e:36:2e:e8:df:31:8e:81:d3:69:fa:fc: 778s d2:e0:96:4d:26:1b:6f:f0:ec:0c:da:86:2a:86:31: 778s 8a:57:02:89:23:60:c6:fd:cb:f1:9c:32:9e:7a:e0: 778s bd:cb:c2:cb:18:0b:cb:09:9d:b3:c3:62:27:55:f9: 778s 95:51:55:74:1e:4f:0a:9d:16:70:9c:97:7f:8e:b7: 778s 73:fa:f9:69:80:bd:a0:cf:62:f0:4c:bc:d7:de:ed: 778s e7:1b:9d:43:ff:40:ee:32:aa:d8:7b:75:7e:84:5f: 778s 80:78:51:30:51:c9:85:bc:b0:af:0c:bb:5d:d3:10: 778s 51:ad:f5:6c:21:56:7f:b1:55 778s Exponent: 65537 (0x10001) 778s X509v3 extensions: 778s X509v3 Authority Key Identifier: 778s 9E:95:F0:D7:78:98:86:03:E8:94:BE:39:09:08:5B:DE:DA:78:74:13 778s X509v3 Basic Constraints: 778s CA:FALSE 778s Netscape Cert Type: 778s SSL Client, S/MIME 778s Netscape Comment: 778s Test Organization Sub Intermediate CA trusted Certificate 778s X509v3 Subject Key Identifier: 778s BF:C3:C8:8F:D6:41:1F:A0:6D:5D:29:21:EB:76:DB:D2:72:29:5F:23 778s X509v3 Key Usage: critical 778s Digital Signature, Non Repudiation, Key Encipherment 778s X509v3 Extended Key Usage: 778s TLS Web Client Authentication, E-mail Protection 778s X509v3 Subject Alternative Name: 778s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 778s Signature Algorithm: sha256WithRSAEncryption 778s Signature Value: 778s 10:16:97:34:34:ff:74:71:bc:3d:d4:53:87:d3:1e:38:5a:af: 778s f7:81:fa:7d:9d:7a:ee:a7:4c:1c:9d:12:e0:07:fb:94:61:d7: 778s 9e:40:bd:6f:5a:e6:08:31:f6:d3:95:37:8a:09:d4:27:f5:42: 778s ec:c9:e2:55:05:92:7c:e3:1c:4f:77:c3:db:ff:75:9b:a3:b7: 778s 82:27:cf:15:cf:b9:35:59:3a:89:4e:c8:b8:77:81:ab:12:12: 778s 17:40:17:fb:74:34:79:8e:a2:10:97:af:a4:ef:c8:41:bf:1b: 778s c6:6f:b5:0c:20:5a:d1:9c:66:9e:09:9c:6f:a6:48:20:23:ae: 778s 55:19 778s + local found_md5 expected_md5 778s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/test-sub-intermediate-CA-trusted-certificate-0001.pem 778s + expected_md5=Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 778s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-31698.pem 779s + found_md5=Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 779s + '[' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 '!=' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 ']' 779s + output_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-31698-auth.output 779s ++ basename /tmp/sssd-softhsm2-18HdP2/SSSD-child-31698-auth.output .output 779s + output_cert_file=/tmp/sssd-softhsm2-18HdP2/SSSD-child-31698-auth.pem 779s + echo -n 053350 779s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-18HdP2/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 779s [p11_child[2329]] [main] (0x0400): p11_child started. 779s [p11_child[2329]] [main] (0x2000): Running in [auth] mode. 779s [p11_child[2329]] [main] (0x2000): Running with effective IDs: [0][0]. 779s [p11_child[2329]] [main] (0x2000): Running with real IDs [0][0]. 779s [p11_child[2329]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 779s [p11_child[2329]] [do_card] (0x4000): Module List: 779s [p11_child[2329]] [do_card] (0x4000): common name: [softhsm2]. 779s [p11_child[2329]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 779s [p11_child[2329]] [do_card] (0x4000): Description [SoftHSM slot ID 0x54735df2] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 779s [p11_child[2329]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 779s [p11_child[2329]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x54735df2][1416846834] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 779s [p11_child[2329]] [do_card] (0x4000): Login required. 779s [p11_child[2329]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 779s [p11_child[2329]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 779s [p11_child[2329]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 779s [p11_child[2329]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x54735df2;slot-manufacturer=SoftHSM%20project;slot-id=1416846834;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=5132f0af54735df2;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 779s [p11_child[2329]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 779s [p11_child[2329]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 779s [p11_child[2329]] [do_card] (0x4000): Certificate verified and validated. 779s [p11_child[2329]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 779s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-18HdP2/SSSD-child-31698-auth.output 779s + echo '-----BEGIN CERTIFICATE-----' 779s + tail -n1 /tmp/sssd-softhsm2-18HdP2/SSSD-child-31698-auth.output 779s + echo '-----END CERTIFICATE-----' 779s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-31698-auth.pem 779s Certificate: 779s Data: 779s Version: 3 (0x2) 779s Serial Number: 5 (0x5) 779s Signature Algorithm: sha256WithRSAEncryption 779s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 779s Validity 779s Not Before: Mar 9 15:30:47 2024 GMT 779s Not After : Mar 9 15:30:47 2025 GMT 779s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 779s Subject Public Key Info: 779s Public Key Algorithm: rsaEncryption 779s Public-Key: (1024 bit) 779s Modulus: 779s 00:9b:66:5e:36:2e:e8:df:31:8e:81:d3:69:fa:fc: 779s d2:e0:96:4d:26:1b:6f:f0:ec:0c:da:86:2a:86:31: 779s 8a:57:02:89:23:60:c6:fd:cb:f1:9c:32:9e:7a:e0: 779s bd:cb:c2:cb:18:0b:cb:09:9d:b3:c3:62:27:55:f9: 779s 95:51:55:74:1e:4f:0a:9d:16:70:9c:97:7f:8e:b7: 779s 73:fa:f9:69:80:bd:a0:cf:62:f0:4c:bc:d7:de:ed: 779s e7:1b:9d:43:ff:40:ee:32:aa:d8:7b:75:7e:84:5f: 779s 80:78:51:30:51:c9:85:bc:b0:af:0c:bb:5d:d3:10: 779s 51:ad:f5:6c:21:56:7f:b1:55 779s Exponent: 65537 (0x10001) 779s X509v3 extensions: 779s X509v3 Authority Key Identifier: 779s 9E:95:F0:D7:78:98:86:03:E8:94:BE:39:09:08:5B:DE:DA:78:74:13 779s X509v3 Basic Constraints: 779s CA:FALSE 779s Netscape Cert Type: 779s SSL Client, S/MIME 779s Netscape Comment: 779s Test Organization Sub Intermediate CA trusted Certificate 779s X509v3 Subject Key Identifier: 779s BF:C3:C8:8F:D6:41:1F:A0:6D:5D:29:21:EB:76:DB:D2:72:29:5F:23 779s X509v3 Key Usage: critical 779s Digital Signature, Non Repudiation, Key Encipherment 779s X509v3 Extended Key Usage: 779s TLS Web Client Authentication, E-mail Protection 779s X509v3 Subject Alternative Name: 779s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 779s Signature Algorithm: sha256WithRSAEncryption 779s Signature Value: 779s 10:16:97:34:34:ff:74:71:bc:3d:d4:53:87:d3:1e:38:5a:af: 779s f7:81:fa:7d:9d:7a:ee:a7:4c:1c:9d:12:e0:07:fb:94:61:d7: 779s 9e:40:bd:6f:5a:e6:08:31:f6:d3:95:37:8a:09:d4:27:f5:42: 779s ec:c9:e2:55:05:92:7c:e3:1c:4f:77:c3:db:ff:75:9b:a3:b7: 779s 82:27:cf:15:cf:b9:35:59:3a:89:4e:c8:b8:77:81:ab:12:12: 779s 17:40:17:fb:74:34:79:8e:a2:10:97:af:a4:ef:c8:41:bf:1b: 779s c6:6f:b5:0c:20:5a:d1:9c:66:9e:09:9c:6f:a6:48:20:23:ae: 779s 55:19 779s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-18HdP2/SSSD-child-31698-auth.pem 779s 779s Test completed, Root CA and intermediate issued certificates verified! 779s + found_md5=Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 779s + '[' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 '!=' Modulus=9B665E362EE8DF318E81D369FAFCD2E0964D261B6FF0EC0CDA862A86318A5702892360C6FDCBF19C329E7AE0BDCBC2CB180BCB099DB3C3622755F9955155741E4F0A9D16709C977F8EB773FAF96980BDA0CF62F04CBCD7DEEDE71B9D43FF40EE32AAD87B757E845F8078513051C985BCB0AF0CBB5DD31051ADF56C21567FB155 ']' 779s + set +x 779s autopkgtest [15:30:52]: test sssd-softhism2-certificates-tests.sh: -----------------------] 780s autopkgtest [15:30:53]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 780s sssd-softhism2-certificates-tests.sh PASS 780s autopkgtest [15:30:53]: test sssd-smart-card-pam-auth-configs: preparing testbed 783s Reading package lists... 783s Building dependency tree... 783s Reading state information... 783s Correcting dependencies...Starting pkgProblemResolver with broken count: 0 783s Starting 2 pkgProblemResolver with broken count: 0 783s Done 784s Done 784s Starting pkgProblemResolver with broken count: 0 784s Starting 2 pkgProblemResolver with broken count: 0 784s Done 784s The following additional packages will be installed: 784s pamtester 785s The following NEW packages will be installed: 785s pamtester 785s 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. 785s 1 not fully installed or removed. 785s Need to get 12.3 kB of archives. 785s After this operation, 36.9 kB of additional disk space will be used. 785s Get:1 http://ftpmaster.internal/ubuntu noble/universe arm64 pamtester arm64 0.1.2-4 [12.3 kB] 785s Fetched 12.3 kB in 0s (87.0 kB/s) 785s Selecting previously unselected package pamtester. 785s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 74907 files and directories currently installed.) 785s Preparing to unpack .../pamtester_0.1.2-4_arm64.deb ... 785s Unpacking pamtester (0.1.2-4) ... 785s Setting up pamtester (0.1.2-4) ... 785s Setting up autopkgtest-satdep (0) ... 785s Processing triggers for man-db (2.12.0-3) ... 788s (Reading database ... 74913 files and directories currently installed.) 788s Removing autopkgtest-satdep (0) ... 789s autopkgtest [15:31:02]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 789s autopkgtest [15:31:02]: test sssd-smart-card-pam-auth-configs: [----------------------- 789s + '[' -z ubuntu ']' 789s + export DEBIAN_FRONTEND=noninteractive 789s + DEBIAN_FRONTEND=noninteractive 789s + required_tools=(pamtester softhsm2-util sssd) 789s + [[ ! -v OFFLINE_MODE ]] 789s + for cmd in "${required_tools[@]}" 789s + command -v pamtester 789s + for cmd in "${required_tools[@]}" 789s + command -v softhsm2-util 789s + for cmd in "${required_tools[@]}" 789s + command -v sssd 789s + PIN=123456 789s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 789s + tmpdir=/tmp/sssd-softhsm2-certs-CPU2ZU 789s + backupsdir= 789s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 789s + declare -a restore_paths 789s + declare -a delete_paths 789s + trap handle_exit EXIT 789s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 789s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 789s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 789s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 789s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-CPU2ZU GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 789s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-CPU2ZU 789s + GENERATE_SMART_CARDS=1 789s + KEEP_TEMPORARY_FILES=1 789s + NO_SSSD_TESTS=1 789s + bash debian/tests/sssd-softhism2-certificates-tests.sh 789s + '[' -z ubuntu ']' 789s + required_tools=(p11tool openssl softhsm2-util) 789s + for cmd in "${required_tools[@]}" 789s + command -v p11tool 789s + for cmd in "${required_tools[@]}" 789s + command -v openssl 789s + for cmd in "${required_tools[@]}" 789s + command -v softhsm2-util 789s + PIN=123456 789s +++ find /usr/lib/softhsm/libsofthsm2.so 789s +++ head -n 1 789s ++ realpath /usr/lib/softhsm/libsofthsm2.so 789s + SOFTHSM2_MODULE=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 789s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 789s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 789s + '[' '!' -v NO_SSSD_TESTS ']' 789s + '[' '!' -e /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so ']' 789s + tmpdir=/tmp/sssd-softhsm2-certs-CPU2ZU 789s + keys_size=1024 789s + [[ ! -v KEEP_TEMPORARY_FILES ]] 789s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 789s + echo -n 01 789s + touch /tmp/sssd-softhsm2-certs-CPU2ZU/index.txt 789s + mkdir -p /tmp/sssd-softhsm2-certs-CPU2ZU/new_certs 789s + cat 789s + root_ca_key_pass=pass:random-root-CA-password-7234 789s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-key.pem -passout pass:random-root-CA-password-7234 1024 789s + openssl req -passin pass:random-root-CA-password-7234 -batch -config /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.pem 789s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.pem 789s + cat 789s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-5224 789s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-5224 1024 789s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-5224 -config /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-7234 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-certificate-request.pem 789s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-certificate-request.pem 789s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.config -passin pass:random-root-CA-password-7234 -keyfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem 789s Certificate Request: 789s Data: 789s Version: 1 (0x0) 789s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 789s Subject Public Key Info: 789s Public Key Algorithm: rsaEncryption 789s Public-Key: (1024 bit) 789s Modulus: 789s 00:d1:4a:7f:26:3a:72:3a:ea:a6:a6:91:a1:1a:0b: 789s a8:53:e0:d8:a8:91:6e:fc:ad:17:ab:fa:43:bf:08: 789s fc:be:fd:09:f4:da:cb:31:17:fa:5c:d4:35:04:82: 789s 4e:7f:fb:57:2a:1a:21:07:6d:bb:e0:58:8e:bd:ae: 789s 35:ff:b4:bd:a5:a3:35:fa:c5:16:68:ac:68:b4:d6: 789s 35:be:6a:4a:64:4e:7b:93:f5:a0:97:bd:46:87:1c: 789s f1:37:0c:32:13:39:5a:87:d0:58:c7:7e:47:c9:2c: 789s 7e:33:3d:81:57:51:7d:35:0e:ac:71:8a:25:c8:f8: 789s c1:09:e7:92:ed:57:57:e5:59 789s Exponent: 65537 (0x10001) 789s Attributes: 789s (none) 789s Requested Extensions: 789s Signature Algorithm: sha256WithRSAEncryption 789s Signature Value: 789s 50:84:9d:8f:e7:73:a3:57:e0:c0:e4:fc:27:05:91:52:86:2e: 789s f6:be:de:07:6b:6f:a9:84:b7:c2:fc:9b:a7:5b:e4:7d:30:29: 789s bf:d2:f6:6a:42:5f:3a:31:6c:a4:94:63:9d:0c:2b:f8:91:bc: 789s c8:11:a3:14:b4:c5:d3:67:ba:4a:eb:dc:6a:7a:c6:f0:8f:f1: 789s 89:6b:b2:58:4b:63:04:ec:7e:ab:d4:3c:f8:67:68:24:c8:ef: 789s 6a:57:03:d9:91:5d:1d:8b:81:4b:fe:94:6f:e0:30:1f:9c:01: 789s 50:6b:f3:cf:49:1f:fb:3f:1e:26:1c:16:e2:07:96:24:35:39: 789s ad:7d 789s Using configuration from /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.config 789s Check that the request matches the signature 789s Signature ok 789s Certificate Details: 789s Serial Number: 1 (0x1) 789s Validity 789s Not Before: Mar 9 15:31:02 2024 GMT 789s Not After : Mar 9 15:31:02 2025 GMT 789s Subject: 789s organizationName = Test Organization 789s organizationalUnitName = Test Organization Unit 789s commonName = Test Organization Intermediate CA 789s X509v3 extensions: 789s X509v3 Subject Key Identifier: 789s 66:DF:22:4E:69:F9:34:AF:F2:8D:59:57:68:68:5F:1A:20:A2:87:C5 789s X509v3 Authority Key Identifier: 789s keyid:44:20:32:06:15:2F:A3:A2:AF:F5:A8:06:E6:A4:E2:6F:A7:9B:A3:D0 789s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 789s serial:00 789s X509v3 Basic Constraints: 789s CA:TRUE 789s X509v3 Key Usage: critical 789s Digital Signature, Certificate Sign, CRL Sign 789s Certificate is to be certified until Mar 9 15:31:02 2025 GMT (365 days) 789s 789s Write out database with 1 new entries 789s Database updated 789s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem 789s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem 789s + cat 789s /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem: OK 789s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-7722 789s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-7722 1024 790s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-7722 -config /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-5224 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-certificate-request.pem 790s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-certificate-request.pem 790s Certificate Request: 790s Data: 790s Version: 1 (0x0) 790s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 790s Subject Public Key Info: 790s Public Key Algorithm: rsaEncryption 790s Public-Key: (1024 bit) 790s Modulus: 790s 00:b5:44:52:e6:91:d4:16:56:fe:83:a8:11:60:c9: 790s 86:31:e8:d9:01:47:46:58:c0:33:b2:16:b8:81:ad: 790s 97:6a:51:75:23:35:c5:c4:69:92:a3:31:30:39:0b: 790s ed:39:c1:9c:8e:0d:e8:1d:68:db:7f:ec:4a:71:d1: 790s 98:b3:28:1a:2e:8b:1b:c3:20:22:a1:dd:f4:a0:db: 790s 48:a3:17:a5:d6:53:98:24:dc:4a:70:e2:88:bb:71: 790s f0:f1:03:2e:55:68:cc:4e:a7:20:67:79:42:a1:5b: 790s 6d:5a:7b:f0:ab:3e:6b:ff:bc:dd:8d:59:56:8f:10: 790s ed:38:6a:dd:62:fb:cd:97:a3 790s Exponent: 65537 (0x10001) 790s Attributes: 790s (none) 790s Requested Extensions: 790s Signature Algorithm: sha256WithRSAEncryption 790s Signature Value: 790s 49:4d:7b:dd:ce:5d:76:f9:2a:ba:91:85:3f:76:18:91:85:a9: 790s 16:54:07:7e:6d:32:0e:cf:d3:85:81:e0:35:5a:9e:33:b4:32: 790s ce:3a:d0:55:7c:be:e6:e0:fe:76:52:f0:f5:bc:33:c7:e4:71: 790s 75:57:43:c3:ed:6b:12:91:b4:6d:e7:98:cd:06:93:01:2c:b1: 790s 08:ab:61:9a:ab:f5:67:51:2d:d5:15:d6:4e:3f:3f:15:7d:5d: 790s 19:6c:cd:e3:b4:09:e7:42:a9:20:98:4e:4d:8e:6f:6c:db:3c: 790s 71:21:b5:70:f8:71:ae:c6:ab:ca:e0:99:2e:01:32:75:7d:29: 790s 9f:52 790s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-5224 -keyfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem 790s Using configuration from /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.config 790s Check that the request matches the signature 790s Signature ok 790s Certificate Details: 790s Serial Number: 2 (0x2) 790s Validity 790s Not Before: Mar 9 15:31:02 2024 GMT 790s Not After : Mar 9 15:31:02 2025 GMT 790s Subject: 790s organizationName = Test Organization 790s organizationalUnitName = Test Organization Unit 790s commonName = Test Organization Sub Intermediate CA 790s X509v3 extensions: 790s X509v3 Subject Key Identifier: 790s 1D:5E:B5:04:1E:4A:3F:0A:DF:29:F2:64:5B:01:D1:F7:BE:47:17:5A 790s X509v3 Authority Key Identifier: 790s keyid:66:DF:22:4E:69:F9:34:AF:F2:8D:59:57:68:68:5F:1A:20:A2:87:C5 790s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 790s serial:01 790s X509v3 Basic Constraints: 790s CA:TRUE 790s X509v3 Key Usage: critical 790s Digital Signature, Certificate Sign, CRL Sign 790s Certificate is to be certified until Mar 9 15:31:02 2025 GMT (365 days) 790s 790s Write out database with 1 new entries 790s Database updated 790s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem 790s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem 790s /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem: OK 790s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem 790s + local cmd=openssl 790s + shift 790s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem 790s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 790s error 20 at 0 depth lookup: unable to get local issuer certificate 790s error /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem: verification failed 790s + cat 790s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-8348 790s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-8348 1024 790s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-8348 -key /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001-request.pem 790s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001-request.pem 790s Certificate Request: 790s Data: 790s Version: 1 (0x0) 790s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 790s Subject Public Key Info: 790s Public Key Algorithm: rsaEncryption 790s Public-Key: (1024 bit) 790s Modulus: 790s 00:95:2f:fe:fb:d2:5e:62:48:96:02:ff:77:43:15: 790s 88:4a:ea:3c:ba:d2:ea:a1:48:8c:f0:a1:97:9c:65: 790s eb:4d:67:1e:4c:b3:a7:c0:9a:b5:d4:52:73:49:9f: 790s 52:a3:40:81:79:be:6e:de:0e:99:5f:3e:31:a4:58: 790s 79:23:e1:91:69:4c:d8:f1:5e:68:fb:5e:cd:81:dc: 790s 9c:f2:d8:ec:97:45:46:db:d2:1c:d4:00:38:d2:4f: 790s ec:7a:0b:f2:37:7d:d1:4f:f6:98:b0:a1:61:4d:58: 790s 24:99:ff:a1:e7:5c:e8:5d:02:18:6a:4a:5d:51:f6: 790s 9b:2f:42:e1:38:41:b7:2b:f7 790s Exponent: 65537 (0x10001) 790s Attributes: 790s Requested Extensions: 790s X509v3 Basic Constraints: 790s CA:FALSE 790s Netscape Cert Type: 790s SSL Client, S/MIME 790s Netscape Comment: 790s Test Organization Root CA trusted Certificate 790s X509v3 Subject Key Identifier: 790s E3:6B:70:B0:7D:73:42:8E:35:AE:0E:23:FE:0B:90:BD:16:31:A1:F8 790s X509v3 Key Usage: critical 790s Digital Signature, Non Repudiation, Key Encipherment 790s X509v3 Extended Key Usage: 790s TLS Web Client Authentication, E-mail Protection 790s X509v3 Subject Alternative Name: 790s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 790s Signature Algorithm: sha256WithRSAEncryption 790s Signature Value: 790s 3a:80:5f:0f:95:24:f2:af:35:c0:c2:65:29:44:30:be:d2:b6: 790s f9:1a:a0:68:f2:bf:c2:d2:2a:9b:3f:68:3f:f3:9d:3a:b0:60: 790s 03:dc:5b:36:34:ac:0c:76:de:2a:7f:9e:9f:70:9b:9c:7f:02: 790s d5:98:e8:d9:50:6d:aa:8c:e6:1f:50:d9:7f:af:78:6f:63:c0: 790s aa:aa:e4:c3:64:a4:1b:d3:db:dd:17:43:0d:1d:4b:c6:f7:f4: 790s 3b:19:8e:94:33:c9:d8:03:f2:c9:5a:1f:87:51:ce:9d:9e:fa: 790s 54:b9:0e:a1:88:8c:9f:92:b9:2a:78:09:99:1c:67:31:96:a5: 790s b6:30 790s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.config -passin pass:random-root-CA-password-7234 -keyfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem 790s Using configuration from /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.config 790s Check that the request matches the signature 790s Signature ok 790s Certificate Details: 790s Serial Number: 3 (0x3) 790s Validity 790s Not Before: Mar 9 15:31:03 2024 GMT 790s Not After : Mar 9 15:31:03 2025 GMT 790s Subject: 790s organizationName = Test Organization 790s organizationalUnitName = Test Organization Unit 790s commonName = Test Organization Root Trusted Certificate 0001 790s X509v3 extensions: 790s X509v3 Authority Key Identifier: 790s 44:20:32:06:15:2F:A3:A2:AF:F5:A8:06:E6:A4:E2:6F:A7:9B:A3:D0 790s X509v3 Basic Constraints: 790s CA:FALSE 790s Netscape Cert Type: 790s SSL Client, S/MIME 790s Netscape Comment: 790s Test Organization Root CA trusted Certificate 790s X509v3 Subject Key Identifier: 790s E3:6B:70:B0:7D:73:42:8E:35:AE:0E:23:FE:0B:90:BD:16:31:A1:F8 790s X509v3 Key Usage: critical 790s Digital Signature, Non Repudiation, Key Encipherment 790s X509v3 Extended Key Usage: 790s TLS Web Client Authentication, E-mail Protection 790s X509v3 Subject Alternative Name: 790s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 790s Certificate is to be certified until Mar 9 15:31:03 2025 GMT (365 days) 790s 790s Write out database with 1 new entries 790s Database updated 790s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem 790s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem 790s /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem: OK 790s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem 790s + local cmd=openssl 790s + shift 790s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem 790s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 790s error 20 at 0 depth lookup: unable to get local issuer certificate 790s error /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem: verification failed 790s + cat 790s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-3263 790s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-3263 1024 790s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-3263 -key /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001-request.pem 790s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001-request.pem 790s + openssl ca -passin pass:random-intermediate-CA-password-5224 -config /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem 790s Certificate Request: 790s Data: 790s Version: 1 (0x0) 790s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 790s Subject Public Key Info: 790s Public Key Algorithm: rsaEncryption 790s Public-Key: (1024 bit) 790s Modulus: 790s 00:cd:09:d4:0b:91:d2:40:7c:f1:9b:1d:04:65:e4: 790s 4f:20:53:cc:e9:0e:6f:65:20:f1:69:92:4e:72:ab: 790s 86:20:28:69:e0:0b:b6:70:25:1b:03:8b:0d:48:9a: 790s 31:4d:a2:d2:f3:2e:c9:ea:a5:1b:e1:98:5f:11:00: 790s 9d:4f:cd:1e:7b:44:a1:30:6d:7d:d4:e7:6e:8b:d0: 790s c4:56:aa:b2:44:ec:46:a1:1f:54:df:72:c6:b0:a6: 790s b4:86:b1:48:5d:9b:a7:c7:43:fd:f6:bd:9a:cd:ad: 790s b9:49:40:81:9e:ae:1c:0b:ea:58:75:69:f3:68:db: 790s 14:03:79:b9:70:72:eb:8b:33 790s Exponent: 65537 (0x10001) 790s Attributes: 790s Requested Extensions: 790s X509v3 Basic Constraints: 790s CA:FALSE 790s Netscape Cert Type: 790s SSL Client, S/MIME 790s Netscape Comment: 790s Test Organization Intermediate CA trusted Certificate 790s X509v3 Subject Key Identifier: 790s 3F:48:61:50:D7:E8:3E:81:B7:C8:41:20:4E:54:9A:59:7F:14:C0:44 790s X509v3 Key Usage: critical 790s Digital Signature, Non Repudiation, Key Encipherment 790s X509v3 Extended Key Usage: 790s TLS Web Client Authentication, E-mail Protection 790s X509v3 Subject Alternative Name: 790s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 790s Signature Algorithm: sha256WithRSAEncryption 790s Signature Value: 790s c1:5c:0e:43:50:65:e2:99:e7:d7:29:d9:49:10:ae:a7:9e:28: 790s 5e:8c:6c:4a:d3:28:8a:27:7b:84:ff:cb:d7:fa:5f:ee:75:42: 790s 45:50:56:f4:ae:cb:c5:0f:43:0e:6c:77:07:8e:7c:4e:73:c8: 790s e3:9e:2c:87:ec:8a:c5:8d:eb:b3:24:aa:4b:81:11:92:0a:2b: 790s e0:78:87:0a:1e:ac:f9:31:98:79:80:38:f8:66:a8:4c:4f:f0: 790s bd:00:f5:39:c8:cf:47:06:10:18:f2:85:b2:a5:e9:b3:ca:ac: 790s 64:db:91:1d:88:39:40:6e:7e:b0:6a:84:2c:ee:72:7c:bd:a5: 790s 1d:38 790s Using configuration from /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.config 790s Check that the request matches the signature 790s Signature ok 790s Certificate Details: 790s Serial Number: 4 (0x4) 790s Validity 790s Not Before: Mar 9 15:31:03 2024 GMT 790s Not After : Mar 9 15:31:03 2025 GMT 790s Subject: 790s organizationName = Test Organization 790s organizationalUnitName = Test Organization Unit 790s commonName = Test Organization Intermediate Trusted Certificate 0001 790s X509v3 extensions: 790s X509v3 Authority Key Identifier: 790s 66:DF:22:4E:69:F9:34:AF:F2:8D:59:57:68:68:5F:1A:20:A2:87:C5 790s X509v3 Basic Constraints: 790s CA:FALSE 790s Netscape Cert Type: 790s SSL Client, S/MIME 790s Netscape Comment: 790s Test Organization Intermediate CA trusted Certificate 790s X509v3 Subject Key Identifier: 790s 3F:48:61:50:D7:E8:3E:81:B7:C8:41:20:4E:54:9A:59:7F:14:C0:44 790s X509v3 Key Usage: critical 790s Digital Signature, Non Repudiation, Key Encipherment 790s X509v3 Extended Key Usage: 790s TLS Web Client Authentication, E-mail Protection 790s X509v3 Subject Alternative Name: 790s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 790s Certificate is to be certified until Mar 9 15:31:03 2025 GMT (365 days) 790s 790s Write out database with 1 new entries 790s Database updated 790s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem 790s This certificate should not be trusted fully 790s + echo 'This certificate should not be trusted fully' 790s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem 790s + local cmd=openssl 790s + shift 790s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem 790s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 790s error 2 at 1 depth lookup: unable to get issuer certificate 790s error /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 790s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem 790s /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem: OK 790s + cat 790s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-19232 790s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-19232 1024 790s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-19232 -key /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 790s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 790s + openssl ca -passin pass:random-sub-intermediate-CA-password-7722 -config /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem 790s Certificate Request: 790s Data: 790s Version: 1 (0x0) 790s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 790s Subject Public Key Info: 790s Public Key Algorithm: rsaEncryption 790s Public-Key: (1024 bit) 790s Modulus: 790s 00:d4:80:37:45:df:97:ae:14:3a:1d:ef:72:c4:a0: 790s e8:f4:d7:8d:39:ee:79:97:40:99:75:23:1a:29:ef: 790s ab:f7:85:00:fa:46:4f:16:c6:26:1b:b4:e6:3f:36: 790s 52:f4:1d:21:7b:2e:74:35:df:28:0d:35:5d:6f:42: 790s c7:96:9f:eb:52:b9:98:96:b8:bf:0a:4b:88:bc:6a: 790s 8d:16:4d:d4:fc:89:23:61:f2:9c:e5:88:c4:30:89: 790s 6b:08:04:b3:74:ed:58:e9:39:ac:3d:48:31:9f:77: 790s f2:79:f5:ff:3e:64:10:e3:13:d6:75:63:89:77:80: 790s a4:ac:06:3b:94:1a:ea:42:c5 790s Exponent: 65537 (0x10001) 790s Attributes: 790s Requested Extensions: 790s X509v3 Basic Constraints: 790s CA:FALSE 790s Netscape Cert Type: 790s SSL Client, S/MIME 790s Netscape Comment: 790s Test Organization Sub Intermediate CA trusted Certificate 790s X509v3 Subject Key Identifier: 790s 31:91:C2:E9:D9:8A:AB:85:8E:03:C5:8A:91:2C:B6:BD:69:39:00:B3 790s X509v3 Key Usage: critical 790s Digital Signature, Non Repudiation, Key Encipherment 790s X509v3 Extended Key Usage: 790s TLS Web Client Authentication, E-mail Protection 790s X509v3 Subject Alternative Name: 790s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 790s Signature Algorithm: sha256WithRSAEncryption 790s Signature Value: 790s 3c:cf:4f:3d:4b:55:6c:1e:50:ca:7d:cf:e1:1f:8c:e7:9a:c2: 790s 00:cf:30:ef:6c:b4:e7:8d:61:93:c5:58:11:53:c4:b9:69:43: 790s b9:e0:00:68:04:ac:52:bd:c6:8d:9d:66:40:e1:50:61:d7:53: 790s f0:f2:cc:ed:43:a4:af:e8:d7:7f:4d:ba:5c:e0:61:13:e0:e6: 790s 4a:24:6b:57:65:85:3a:02:85:84:1a:f0:aa:a8:fb:61:26:da: 790s da:c9:ce:58:d4:77:26:42:0b:30:11:3d:3c:dc:86:61:ee:fb: 790s 2c:98:a2:04:6f:9c:ab:cd:41:32:f9:15:32:ef:6e:91:4c:d6: 790s 40:09 790s Using configuration from /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.config 790s Check that the request matches the signature 790s Signature ok 790s Certificate Details: 790s Serial Number: 5 (0x5) 790s Validity 790s Not Before: Mar 9 15:31:03 2024 GMT 790s Not After : Mar 9 15:31:03 2025 GMT 790s Subject: 790s organizationName = Test Organization 790s organizationalUnitName = Test Organization Unit 790s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 790s X509v3 extensions: 790s X509v3 Authority Key Identifier: 790s 1D:5E:B5:04:1E:4A:3F:0A:DF:29:F2:64:5B:01:D1:F7:BE:47:17:5A 790s X509v3 Basic Constraints: 790s CA:FALSE 790s Netscape Cert Type: 790s SSL Client, S/MIME 790s Netscape Comment: 790s Test Organization Sub Intermediate CA trusted Certificate 790s X509v3 Subject Key Identifier: 790s 31:91:C2:E9:D9:8A:AB:85:8E:03:C5:8A:91:2C:B6:BD:69:39:00:B3 790s X509v3 Key Usage: critical 790s Digital Signature, Non Repudiation, Key Encipherment 790s X509v3 Extended Key Usage: 790s TLS Web Client Authentication, E-mail Protection 790s X509v3 Subject Alternative Name: 790s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 790s Certificate is to be certified until Mar 9 15:31:03 2025 GMT (365 days) 790s 790s Write out database with 1 new entries 790s Database updated 790s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem 790s + echo 'This certificate should not be trusted fully' 790s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem 790s + local cmd=openssl 790s + shift 790s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem 790s This certificate should not be trusted fully 790s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 790s error 2 at 1 depth lookup: unable to get issuer certificate 790s error /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 790s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem 790s + local cmd=openssl 790s + shift 790s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem 790s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 790s error 20 at 0 depth lookup: unable to get local issuer certificate 790s error /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 790s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem 790s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem 790s + local cmd=openssl 790s + shift 790s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem 790s /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 790s Building a the full-chain CA file... 790s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 790s error 20 at 0 depth lookup: unable to get local issuer certificate 790s error /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 790s + echo 'Building a the full-chain CA file...' 790s + cat /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem 790s + cat /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem 790s + cat /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem 790s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem 790s + openssl pkcs7 -print_certs -noout 790s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem 790s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 790s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 790s 790s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 790s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 790s 790s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 790s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 790s 790s /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA.pem: OK 790s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem 790s /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem: OK 790s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem 790s /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem: OK 790s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-intermediate-chain-CA.pem 790s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem 790s /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-intermediate-chain-CA.pem: OK 790s /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 790s + echo 'Certificates generation completed!' 790s + [[ -v NO_SSSD_TESTS ]] 790s + [[ -v GENERATE_SMART_CARDS ]] 790s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-8348 790s + local certificate=/tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem 790s + local key_pass=pass:random-root-ca-trusted-cert-0001-8348 790s + local key_cn 790s + local key_name 790s + local tokens_dir 790s + local output_cert_file 790s + token_name= 790s ++ basename /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem .pem 790s Certificates generation completed! 790s + key_name=test-root-CA-trusted-certificate-0001 790s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem 790s ++ sed -n 's/ *commonName *= //p' 790s + key_cn='Test Organization Root Trusted Certificate 0001' 790s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 790s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-root-CA-trusted-certificate-0001.conf 790s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-root-CA-trusted-certificate-0001.conf 790s ++ basename /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 790s + tokens_dir=/tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-root-CA-trusted-certificate-0001 790s + token_name='Test Organization Root Tr Token' 790s + '[' '!' -e /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 790s + local key_file 790s + local decrypted_key 790s + mkdir -p /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-root-CA-trusted-certificate-0001 790s + key_file=/tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001-key.pem 790s + decrypted_key=/tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001-key-decrypted.pem 790s + cat 790s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 790s + softhsm2-util --show-slots 790s Slot 0 has a free/uninitialized token. 790s The token has been initialized and is reassigned to slot 889828556 790s Available slots: 790s Slot 889828556 790s Slot info: 790s Description: SoftHSM slot ID 0x3509b4cc 790s Manufacturer ID: SoftHSM project 790s Hardware version: 2.6 790s Firmware version: 2.6 790s Token present: yes 790s Token info: 790s Manufacturer ID: SoftHSM project 790s Model: SoftHSM v2 790s Hardware version: 2.6 790s Firmware version: 2.6 790s Serial number: 90d071d93509b4cc 790s Initialized: yes 790s User PIN init.: yes 790s Label: Test Organization Root Tr Token 790s Slot 1 790s Slot info: 790s Description: SoftHSM slot ID 0x1 790s Manufacturer ID: SoftHSM project 790s Hardware version: 2.6 790s Firmware version: 2.6 790s Token present: yes 790s Token info: 790s Manufacturer ID: SoftHSM project 790s Model: SoftHSM v2 790s Hardware version: 2.6 790s Firmware version: 2.6 790s Serial number: 790s Initialized: no 790s User PIN init.: no 790s Label: 790s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 790s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-8348 -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001-key-decrypted.pem 790s writing RSA key 790s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 790s + rm /tmp/sssd-softhsm2-certs-CPU2ZU/test-root-CA-trusted-certificate-0001-key-decrypted.pem 790s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 790s Object 0: 790s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=90d071d93509b4cc;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 790s Type: X.509 Certificate (RSA-1024) 790s Expires: Sun Mar 9 15:31:03 2025 790s Label: Test Organization Root Trusted Certificate 0001 790s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 790s 790s + echo 'Test Organization Root Tr Token' 790s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-3263 790s + local certificate=/tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem 790s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-3263 790s + local key_cn 790s + local key_name 790s + local tokens_dir 790s + local output_cert_file 790s + token_name= 790s Test Organization Root Tr Token 790s ++ basename /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem .pem 790s + key_name=test-intermediate-CA-trusted-certificate-0001 790s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem 790s ++ sed -n 's/ *commonName *= //p' 790s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 790s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 790s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 790s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 790s ++ basename /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 790s + tokens_dir=/tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-intermediate-CA-trusted-certificate-0001 790s + token_name='Test Organization Interme Token' 790s + '[' '!' -e /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 790s + local key_file 790s + local decrypted_key 790s + mkdir -p /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-intermediate-CA-trusted-certificate-0001 790s + key_file=/tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001-key.pem 790s + decrypted_key=/tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 790s + cat 790s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 790s + softhsm2-util --show-slots 790s Slot 0 has a free/uninitialized token. 790s The token has been initialized and is reassigned to slot 917223970 790s Available slots: 790s Slot 917223970 790s Slot info: 790s Description: SoftHSM slot ID 0x36abba22 790s Manufacturer ID: SoftHSM project 790s Hardware version: 2.6 790s Firmware version: 2.6 790s Token present: yes 790s Token info: 790s Manufacturer ID: SoftHSM project 790s Model: SoftHSM v2 790s Hardware version: 2.6 790s Firmware version: 2.6 790s Serial number: c4bc5233b6abba22 790s Initialized: yes 790s User PIN init.: yes 790s Label: Test Organization Interme Token 790s Slot 1 790s Slot info: 790s Description: SoftHSM slot ID 0x1 790s Manufacturer ID: SoftHSM project 790s Hardware version: 2.6 790s Firmware version: 2.6 790s Token present: yes 790s Token info: 790s Manufacturer ID: SoftHSM project 790s Model: SoftHSM v2 790s Hardware version: 2.6 790s Firmware version: 2.6 790s Serial number: 790s Initialized: no 790s User PIN init.: no 790s Label: 790s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 790s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-3263 -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 790s writing RSA key 790s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 790s + rm /tmp/sssd-softhsm2-certs-CPU2ZU/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 790s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 790s Object 0: 790s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=c4bc5233b6abba22;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 790s Type: X.509 Certificate (RSA-1024) 790s Expires: Sun Mar 9 15:31:03 2025 790s Label: Test Organization Intermediate Trusted Certificate 0001 790s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 790s 790s Test Organization Interme Token 790s + echo 'Test Organization Interme Token' 790s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-19232 790s + local certificate=/tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem 790s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-19232 790s + local key_cn 790s + local key_name 790s + local tokens_dir 790s + local output_cert_file 790s + token_name= 790s ++ basename /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 790s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 790s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem 790s ++ sed -n 's/ *commonName *= //p' 790s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 790s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 790s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 790s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 790s ++ basename /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 790s + tokens_dir=/tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 790s + token_name='Test Organization Sub Int Token' 790s + '[' '!' -e /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 790s + local key_file 790s + local decrypted_key 790s + mkdir -p /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 790s + key_file=/tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 790s + decrypted_key=/tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 790s + cat 790s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 790s + softhsm2-util --show-slots 790s Slot 0 has a free/uninitialized token. 790s The token has been initialized and is reassigned to slot 567013945 790s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 790s Available slots: 790s Slot 567013945 790s Slot info: 790s Description: SoftHSM slot ID 0x21cbf239 790s Manufacturer ID: SoftHSM project 790s Hardware version: 2.6 790s Firmware version: 2.6 790s Token present: yes 790s Token info: 790s Manufacturer ID: SoftHSM project 790s Model: SoftHSM v2 790s Hardware version: 2.6 790s Firmware version: 2.6 790s Serial number: 46de2d9da1cbf239 790s Initialized: yes 790s User PIN init.: yes 790s Label: Test Organization Sub Int Token 790s Slot 1 790s Slot info: 790s Description: SoftHSM slot ID 0x1 790s Manufacturer ID: SoftHSM project 790s Hardware version: 2.6 790s Firmware version: 2.6 790s Token present: yes 790s Token info: 790s Manufacturer ID: SoftHSM project 790s Model: SoftHSM v2 790s Hardware version: 2.6 790s Firmware version: 2.6 790s Serial number: 790s Initialized: no 790s User PIN init.: no 790s Label: 790s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-19232 -in /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 790s writing RSA key 790s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 790s + rm /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 790s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 790s Object 0: 790s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=46de2d9da1cbf239;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 790s Type: X.509 Certificate (RSA-1024) 790s Expires: Sun Mar 9 15:31:03 2025 790s Label: Test Organization Sub Intermediate Trusted Certificate 0001 790s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 790s 790s Test Organization Sub Int Token 790s Certificates generation completed! 790s + echo 'Test Organization Sub Int Token' 790s + echo 'Certificates generation completed!' 790s + exit 0 790s + find /tmp/sssd-softhsm2-certs-CPU2ZU -type d -exec chmod 777 '{}' ';' 790s + find /tmp/sssd-softhsm2-certs-CPU2ZU -type f -exec chmod 666 '{}' ';' 790s + backup_file /etc/sssd/sssd.conf 790s + '[' -z '' ']' 790s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 790s + backupsdir=/tmp/sssd-softhsm2-backups-pDfZ23 790s + '[' -e /etc/sssd/sssd.conf ']' 790s + delete_paths+=("$1") 790s + rm -f /etc/sssd/sssd.conf 790s ++ runuser -u ubuntu -- sh -c 'echo ~' 790s + user_home=/home/ubuntu 790s + mkdir -p /home/ubuntu 790s + chown ubuntu:ubuntu /home/ubuntu 790s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 790s + user_config=/home/ubuntu/.config 790s + system_config=/etc 790s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 790s + for path_pair in "${softhsm2_conf_paths[@]}" 790s + IFS=: 790s + read -r -a path 790s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 790s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 790s + '[' -z /tmp/sssd-softhsm2-backups-pDfZ23 ']' 790s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 790s + delete_paths+=("$1") 790s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 790s + for path_pair in "${softhsm2_conf_paths[@]}" 790s + IFS=: 790s + read -r -a path 790s + path=/etc/softhsm/softhsm2.conf 790s + backup_file /etc/softhsm/softhsm2.conf 790s + '[' -z /tmp/sssd-softhsm2-backups-pDfZ23 ']' 790s + '[' -e /etc/softhsm/softhsm2.conf ']' 790s ++ dirname /etc/softhsm/softhsm2.conf 790s + local back_dir=/tmp/sssd-softhsm2-backups-pDfZ23//etc/softhsm 790s ++ basename /etc/softhsm/softhsm2.conf 790s + local back_path=/tmp/sssd-softhsm2-backups-pDfZ23//etc/softhsm/softhsm2.conf 790s + '[' '!' -e /tmp/sssd-softhsm2-backups-pDfZ23//etc/softhsm/softhsm2.conf ']' 790s + mkdir -p /tmp/sssd-softhsm2-backups-pDfZ23//etc/softhsm 790s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-pDfZ23//etc/softhsm/softhsm2.conf 790s + restore_paths+=("$back_path") 790s + rm -f /etc/softhsm/softhsm2.conf 790s + test_authentication login /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem 790s + pam_service=login 790s + certificate_config=/tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-root-CA-trusted-certificate-0001.conf 790s + ca_db=/tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem 790s + verification_options= 790s + mkdir -p -m 700 /etc/sssd 790s Using CA DB '/tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem' with verification options: '' 790s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 790s + cat 790s + chmod 600 /etc/sssd/sssd.conf 790s + for path_pair in "${softhsm2_conf_paths[@]}" 790s + IFS=: 790s + read -r -a path 790s + user=ubuntu 790s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 790s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 790s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 790s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 790s + runuser -u ubuntu -- softhsm2-util --show-slots 790s + grep 'Test Organization' 790s Label: Test Organization Root Tr Token 790s + for path_pair in "${softhsm2_conf_paths[@]}" 790s + IFS=: 790s + read -r -a path 790s + user=root 790s + path=/etc/softhsm/softhsm2.conf 790s ++ dirname /etc/softhsm/softhsm2.conf 790s + runuser -u root -- mkdir -p /etc/softhsm 790s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 790s + runuser -u root -- softhsm2-util --show-slots 790s + grep 'Test Organization' 790s Label: Test Organization Root Tr Token 790s + systemctl restart sssd 791s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 791s + for alternative in "${alternative_pam_configs[@]}" 791s + pam-auth-update --enable sss-smart-card-optional 791s + cat /etc/pam.d/common-auth 791s # 791s # /etc/pam.d/common-auth - authentication settings common to all services 791s # 791s # This file is included from other service-specific PAM config files, 791s # and should contain a list of the authentication modules that define 791s # the central authentication scheme for use on the system 791s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 791s # traditional Unix authentication mechanisms. 791s # 791s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 791s # To take advantage of this, it is recommended that you configure any 791s # local modules either before or after the default block, and use 791s # pam-auth-update to manage selection of other modules. See 791s # pam-auth-update(8) for details. 791s 791s # here are the per-package modules (the "Primary" block) 791s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 791s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 791s auth [success=1 default=ignore] pam_sss.so use_first_pass 791s # here's the fallback if no module succeeds 791s auth requisite pam_deny.so 791s # prime the stack with a positive return value if there isn't one already; 791s # this avoids us returning an error just because nothing sets a success code 791s # since the modules above will each just jump around 791s auth required pam_permit.so 791s # and here are more per-package modules (the "Additional" block) 791s auth optional pam_cap.so 791s # end of pam-auth-update config 791s + echo -n -e 123456 791s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 791s pamtester: invoking pam_start(login, ubuntu, ...) 791s pamtester: performing operation - authenticate 791s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 791s + echo -n -e 123456 791s + runuser -u ubuntu -- pamtester -v login '' authenticate 791s pamtester: invoking pam_start(login, , ...) 791s pamtester: performing operation - authenticate 791s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 791s + echo -n -e wrong123456 791s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 791s pamtester: invoking pam_start(login, ubuntu, ...) 791s pamtester: performing operation - authenticate 794s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 794s + echo -n -e wrong123456 794s + runuser -u ubuntu -- pamtester -v login '' authenticate 794s pamtester: invoking pam_start(login, , ...) 794s pamtester: performing operation - authenticate 797s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 797s + echo -n -e 123456 797s + pamtester -v login root authenticate 797s pamtester: invoking pam_start(login, root, ...) 797s pamtester: performing operation - authenticate 801s Password: pamtester: Authentication failure 801s + for alternative in "${alternative_pam_configs[@]}" 801s + pam-auth-update --enable sss-smart-card-required 801s PAM configuration 801s ----------------- 801s 801s Incompatible PAM profiles selected. 801s 801s The following PAM profiles cannot be used together: 801s 801s SSS required smart card authentication, SSS optional smart card 801s authentication 801s 801s Please select a different set of modules to enable. 801s 801s + cat /etc/pam.d/common-auth 801s # 801s # /etc/pam.d/common-auth - authentication settings common to all services 801s # 801s # This file is included from other service-specific PAM config files, 801s # and should contain a list of the authentication modules that define 801s # the central authentication scheme for use on the system 801s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 801s # traditional Unix authentication mechanisms. 801s # 801s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 801s # To take advantage of this, it is recommended that you configure any 801s # local modules either before or after the default block, and use 801s # pam-auth-update to manage selection of other modules. See 801s # pam-auth-update(8) for details. 801s 801s # here are the per-package modules (the "Primary" block) 801s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 801s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 801s auth [success=1 default=ignore] pam_sss.so use_first_pass 801s # here's the fallback if no module succeeds 801s auth requisite pam_deny.so 801s # prime the stack with a positive return value if there isn't one already; 801s # this avoids us returning an error just because nothing sets a success code 801s # since the modules above will each just jump around 801s auth required pam_permit.so 801s # and here are more per-package modules (the "Additional" block) 801s auth optional pam_cap.so 801s # end of pam-auth-update config 801s + echo -n -e 123456 801s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 801s pamtester: invoking pam_start(login, ubuntu, ...) 801s pamtester: performing operation - authenticate 801s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 801s + echo -n -e 123456 801s + runuser -u ubuntu -- pamtester -v login '' authenticate 801s pamtester: invoking pam_start(login, , ...) 801s pamtester: performing operation - authenticate 801s pamtester: successfully authenticated 801s PIN for Test Organization Root Tr Token: + echo -n -e wrong123456 801s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 801s pamtester: invoking pam_start(login, ubuntu, ...) 801s pamtester: performing operation - authenticate 804s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 804s + echo -n -e wrong123456 804s + runuser -u ubuntu -- pamtester -v login '' authenticate 804s pamtester: invoking pam_start(login, , ...) 804s pamtester: performing operation - authenticate 808s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 808s + echo -n -e 123456 808s + pamtester -v login root authenticate 808s pamtester: invoking pam_start(login, root, ...) 808s pamtester: performing operation - authenticate 812s pamtester: Authentication service cannot retrieve authentication info 812s + test_authentication login /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem 812s + pam_service=login 812s + certificate_config=/tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 812s + ca_db=/tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem 812s + verification_options= 812s + mkdir -p -m 700 /etc/sssd 812s Using CA DB '/tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem' with verification options: '' 812s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-CPU2ZU/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 812s + cat 812s + chmod 600 /etc/sssd/sssd.conf 812s + for path_pair in "${softhsm2_conf_paths[@]}" 812s + IFS=: 812s + read -r -a path 812s + user=ubuntu 812s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 812s Label: Test Organization Sub Int Token 812s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 812s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 812s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 812s + runuser -u ubuntu -- softhsm2-util --show-slots 812s + grep 'Test Organization' 812s + for path_pair in "${softhsm2_conf_paths[@]}" 812s + IFS=: 812s + read -r -a path 812s + user=root 812s + path=/etc/softhsm/softhsm2.conf 812s ++ dirname /etc/softhsm/softhsm2.conf 812s + runuser -u root -- mkdir -p /etc/softhsm 812s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 812s + runuser -u root -- softhsm2-util --show-slots 812s + grep 'Test Organization' 812s Label: Test Organization Sub Int Token 812s + systemctl restart sssd 812s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 812s + for alternative in "${alternative_pam_configs[@]}" 812s # 812s # /etc/pam.d/common-auth - authentication settings common to all services 812s # 812s # This file is included from other service-specific PAM config files, 812s # and should contain a list of the authentication modules that define 812s # the central authentication scheme for use on the system 812s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 812s # traditional Unix authentication mechanisms. 812s # 812s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 812s # To take advantage of this, it is recommended that you configure any 812s # local modules either before or after the default block, and use 812s # pam-auth-update to manage selection of other modules. See 812s # pam-auth-update(8) for details. 812s 812s # here are the per-package modules (the "Primary" block) 812s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 812s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 812s auth [success=1 default=ignore] pam_sss.so use_first_pass 812s # here's the fallback if no module succeeds 812s auth requisite pam_deny.so 812s # prime the stack with a positive return value if there isn't one already; 812s # this avoids us returning an error just because nothing sets a success code 812s # since the modules above will each just jump around 812s auth required pam_permit.so 812s # and here are more per-package modules (the "Additional" block) 812s auth optional pam_cap.so 812s # end of pam-auth-update config 812s + pam-auth-update --enable sss-smart-card-optional 812s + cat /etc/pam.d/common-auth 812s + echo -n -e 123456 812s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 812s pamtester: invoking pam_start(login, ubuntu, ...) 812s pamtester: performing operation - authenticate 812s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 812s + echo -n -e 123456 812s + runuser -u ubuntu -- pamtester -v login '' authenticate 812s pamtester: invoking pam_start(login, , ...) 812s pamtester: performing operation - authenticate 813s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 813s + echo -n -e wrong123456 813s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 813s pamtester: invoking pam_start(login, ubuntu, ...) 813s pamtester: performing operation - authenticate 816s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 816s + echo -n -e wrong123456 816s + runuser -u ubuntu -- pamtester -v login '' authenticate 816s pamtester: invoking pam_start(login, , ...) 816s pamtester: performing operation - authenticate 820s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 820s + echo -n -e 123456 820s + pamtester -v login root authenticate 820s pamtester: invoking pam_start(login, root, ...) 820s pamtester: performing operation - authenticate 823s Password: pamtester: Authentication failure 823s + for alternative in "${alternative_pam_configs[@]}" 823s + pam-auth-update --enable sss-smart-card-required 823s PAM configuration 823s ----------------- 823s 823s Incompatible PAM profiles selected. 823s 823s The following PAM profiles cannot be used together: 823s 823s SSS required smart card authentication, SSS optional smart card 823s authentication 823s 823s Please select a different set of modules to enable. 823s 823s + cat /etc/pam.d/common-auth 823s # 823s # /etc/pam.d/common-auth - authentication settings common to all services 823s # 823s # This file is included from other service-specific PAM config files, 823s # and should contain a list of the authentication modules that define 823s # the central authentication scheme for use on the system 823s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 823s # traditional Unix authentication mechanisms. 823s # 823s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 823s # To take advantage of this, it is recommended that you configure any 823s # local modules either before or after the default block, and use 823s # pam-auth-update to manage selection of other modules. See 823s # pam-auth-update(8) for details. 823s 823s # here are the per-package modules (the "Primary" block) 823s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 823s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 823s auth [success=1 default=ignore] pam_sss.so use_first_pass 823s # here's the fallback if no module succeeds 823s auth requisite pam_deny.so 823s # prime the stack with a positive return value if there isn't one already; 823s # this avoids us returning an error just because nothing sets a success code 823s # since the modules above will each just jump around 823s auth required pam_permit.so 823s # and here are more per-package modules (the "Additional" block) 823s auth optional pam_cap.so 823s # end of pam-auth-update config 823s + echo -n -e 123456 823s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 823s pamtester: invoking pam_start(login, ubuntu, ...) 823s pamtester: performing operation - authenticate 823s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 823s + echo -n -e 123456 823s + runuser -u ubuntu -- pamtester -v login '' authenticate 823s pamtester: invoking pam_start(login, , ...) 823s pamtester: performing operation - authenticate 823s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 823s + echo -n -e wrong123456 823s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 823s pamtester: invoking pam_start(login, ubuntu, ...) 823s pamtester: performing operation - authenticate 825s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 825s + echo -n -e wrong123456 825s + runuser -u ubuntu -- pamtester -v login '' authenticate 826s pamtester: invoking pam_start(login, , ...) 826s pamtester: performing operation - authenticate 828s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 828s + echo -n -e 123456 828s + pamtester -v login root authenticate 828s pamtester: invoking pam_start(login, root, ...) 828s pamtester: performing operation - authenticate 832s pamtester: Authentication service cannot retrieve authentication info 832s + test_authentication login /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem partial_chain 832s + pam_service=login 832s + certificate_config=/tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 832s + ca_db=/tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem 832s + verification_options=partial_chain 832s + mkdir -p -m 700 /etc/sssd 832s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 832s + cat 832s Using CA DB '/tmp/sssd-softhsm2-certs-CPU2ZU/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 832s Label: Test Organization Sub Int Token 832s + chmod 600 /etc/sssd/sssd.conf 832s + for path_pair in "${softhsm2_conf_paths[@]}" 832s + IFS=: 832s + read -r -a path 832s + user=ubuntu 832s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 832s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 832s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 832s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 832s + runuser -u ubuntu -- softhsm2-util --show-slots 832s + grep 'Test Organization' 832s + for path_pair in "${softhsm2_conf_paths[@]}" 832s + IFS=: 832s + read -r -a path 832s + user=root 832s + path=/etc/softhsm/softhsm2.conf 832s ++ dirname /etc/softhsm/softhsm2.conf 832s + runuser -u root -- mkdir -p /etc/softhsm 832s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-CPU2ZU/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 832s + runuser -u root -- softhsm2-util --show-slots 832s + grep 'Test Organization' 832s Label: Test Organization Sub Int Token 832s + systemctl restart sssd 832s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 832s + for alternative in "${alternative_pam_configs[@]}" 832s + pam-auth-update --enable sss-smart-card-optional 832s + cat /etc/pam.d/common-auth 832s # 832s # /etc/pam.d/common-auth - authentication settings common to all services 832s # 832s # This file is included from other service-specific PAM config files, 832s # and should contain a list of the authentication modules that define 832s # the central authentication scheme for use on the system 832s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 832s # traditional Unix authentication mechanisms. 832s # 832s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 832s # To take advantage of this, it is recommended that you configure any 832s # local modules either before or after the default block, and use 832s # pam-auth-update to manage selection of other modules. See 832s # pam-auth-update(8) for details. 832s 832s # here are the per-package modules (the "Primary" block) 832s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 832s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 832s auth [success=1 default=ignore] pam_sss.so use_first_pass 832s # here's the fallback if no module succeeds 832s auth requisite pam_deny.so 832s # prime the stack with a positive return value if there isn't one already; 832s # this avoids us returning an error just because nothing sets a success code 832s # since the modules above will each just jump around 832s auth required pam_permit.so 832s # and here are more per-package modules (the "Additional" block) 832s auth optional pam_cap.so 832s # end of pam-auth-update config 832s + echo -n -e 123456 832s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 832s pamtester: invoking pam_start(login, ubuntu, ...) 832s pamtester: performing operation - authenticate 832s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 832s + echo -n -e 123456 832s + runuser -u ubuntu -- pamtester -v login '' authenticate 832s pamtester: invoking pam_start(login, , ...) 832s pamtester: performing operation - authenticate 832s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 832s + echo -n -e wrong123456 832s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 832s pamtester: invoking pam_start(login, ubuntu, ...) 832s pamtester: performing operation - authenticate 836s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 836s + echo -n -e wrong123456 836s + runuser -u ubuntu -- pamtester -v login '' authenticate 836s pamtester: invoking pam_start(login, , ...) 836s pamtester: performing operation - authenticate 839s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 839s + echo -n -e 123456 839s + pamtester -v login root authenticate 839s pamtester: invoking pam_start(login, root, ...) 839s pamtester: performing operation - authenticate 842s Password: pamtester: Authentication failure 842s + for alternative in "${alternative_pam_configs[@]}" 842s + pam-auth-update --enable sss-smart-card-required 843s PAM configuration 843s ----------------- 843s 843s Incompatible PAM profiles selected. 843s 843s The following PAM profiles cannot be used together: 843s 843s SSS required smart card authentication, SSS optional smart card 843s authentication 843s 843s Please select a different set of modules to enable. 843s 843s + cat /etc/pam.d/common-auth 843s # 843s # /etc/pam.d/common-auth - authentication settings common to all services 843s # 843s # This file is included from other service-specific PAM config files, 843s # and should contain a list of the authentication modules that define 843s # the central authentication scheme for use on the system 843s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 843s # traditional Unix authentication mechanisms. 843s # 843s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 843s # To take advantage of this, it is recommended that you configure any 843s # local modules either before or after the default block, and use 843s # pam-auth-update to manage selection of other modules. See 843s # pam-auth-update(8) for details. 843s 843s # here are the per-package modules (the "Primary" block) 843s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 843s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 843s auth [success=1 default=ignore] pam_sss.so use_first_pass 843s # here's the fallback if no module succeeds 843s auth requisite pam_deny.so 843s # prime the stack with a positive return value if there isn't one already; 843s # this avoids us returning an error just because nothing sets a success code 843s # since the modules above will each just jump around 843s auth required pam_permit.so 843s # and here are more per-package modules (the "Additional" block) 843s auth optional pam_cap.so 843s # end of pam-auth-update config 843s + echo -n -e 123456 843s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 843s pamtester: invoking pam_start(login, ubuntu, ...) 843s pamtester: performing operation - authenticate 843s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 843s + echo -n -e 123456 843s + runuser -u ubuntu -- pamtester -v login '' authenticate 843s pamtester: invoking pam_start(login, , ...) 843s pamtester: performing operation - authenticate 843s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 843s + echo -n -e wrong123456 843s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 843s pamtester: invoking pam_start(login, ubuntu, ...) 843s pamtester: performing operation - authenticate 846s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 846s + echo -n -e wrong123456 846s + runuser -u ubuntu -- pamtester -v login '' authenticate 846s pamtester: invoking pam_start(login, , ...) 846s pamtester: performing operation - authenticate 850s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 850s + echo -n -e 123456 850s + pamtester -v login root authenticate 850s pamtester: invoking pam_start(login, root, ...) 850s pamtester: performing operation - authenticate 853s pamtester: Authentication service cannot retrieve authentication info 853s + handle_exit 853s + exit_code=0 853s + restore_changes 853s + for path in "${restore_paths[@]}" 853s + local original_path 853s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-pDfZ23 /tmp/sssd-softhsm2-backups-pDfZ23//etc/softhsm/softhsm2.conf 853s + original_path=/etc/softhsm/softhsm2.conf 853s + rm /etc/softhsm/softhsm2.conf 853s + mv /tmp/sssd-softhsm2-backups-pDfZ23//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 853s + for path in "${delete_paths[@]}" 853s + rm -f /etc/sssd/sssd.conf 853s + for path in "${delete_paths[@]}" 853s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 853s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 853s + '[' -e /etc/sssd/sssd.conf ']' 853s + systemctl stop sssd 853s + '[' -e /etc/softhsm/softhsm2.conf ']' 853s + chmod 600 /etc/softhsm/softhsm2.conf 853s + rm -rf /tmp/sssd-softhsm2-certs-CPU2ZU 853s + '[' 0 = 0 ']' 853s + rm -rf /tmp/sssd-softhsm2-backups-pDfZ23 853s + set +x 853s Script completed successfully! 854s autopkgtest [15:32:07]: test sssd-smart-card-pam-auth-configs: -----------------------] 854s sssd-smart-card-pam-auth-configs PASS 854s autopkgtest [15:32:07]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 855s autopkgtest [15:32:08]: @@@@@@@@@@@@@@@@@@@@ summary 855s ldap-user-group-ldap-auth PASS 855s ldap-user-group-krb5-auth PASS 855s sssd-softhism2-certificates-tests.sh PASS 855s sssd-smart-card-pam-auth-configs PASS 859s Creating nova instance adt-noble-arm64-sssd-20240309-151752-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240308.img (UUID ddbc0ee7-bb97-4aa3-b5e1-9386758c2ba2)... 859s Creating nova instance adt-noble-arm64-sssd-20240309-151752-juju-7f2275-prod-proposed-migration-environment-3 from image adt/ubuntu-noble-arm64-server-20240308.img (UUID ddbc0ee7-bb97-4aa3-b5e1-9386758c2ba2)...